captcha.bot Open in urlscan Pro
2606:4700:20::681a:76e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://auth1.captchabot-verify.site/
Effective URL:
https://captcha.bot/
Submission: On January 07 via api (January 7th 2024, 10:41:27 pm UTC) from US — Scanned from US

Summary HTTP 230 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 72 IPs in 4 countries across 60 domains to perform 230 HTTP transactions. The main IP is 2606:4700:20::681a:76e, located in United States and belongs to CLOUDFLARENET, US. The main domain is captcha.bot. The Cisco Umbrella rank of the primary domain is 860813.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 25th 2023. Valid for: a year.

This is the only time captcha.bot was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3036::ac43:9b82	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 26	2606:4700:20:... 2606:4700:20::681a:76e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	18.245.96.60 18.245.96.60	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6811:2b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2600:141b:1c0... 2600:141b:1c00:31::1739:5a4b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2607:f8b0:402... 2607:f8b0:4020:806::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:38::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c08::9c	15169 (GOOGLE) (GOOGLE)
2 2	2600:9000:220... 2600:9000:2209:7800:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:26c... 2600:9000:26c2:c400:1b:cadc:ef40:93a1	16509 (AMAZON-02) (AMAZON-02)
19	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
2	13.33.165.113 13.33.165.113	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:293c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::ac43:4513	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.13.102 172.217.13.102	15169 (GOOGLE) (GOOGLE)
6	104.19.218.90 104.19.218.90	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.160.46.100 18.160.46.100	16509 (AMAZON-02) (AMAZON-02)
11	2607:f8b0:402... 2607:f8b0:4020:806::2001	15169 (GOOGLE) (GOOGLE)
5	34.149.20.76 34.149.20.76	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	68.67.160.114 68.67.160.114	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.36.115.111 104.36.115.111	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5	147.135.119.115 147.135.119.115	16276 (OVH) (OVH)
1	2620:100:a001... 2620:100:a001::18	19750 (AS-CRITEO) (AS-CRITEO)
2	147.28.129.37 147.28.129.37	54825 (PACKET) (PACKET)
6	2602:803:c002... 2602:803:c002:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
1	44.217.55.203 44.217.55.203	14618 (AMAZON-AES) (AMAZON-AES)
2	3.215.169.119 3.215.169.119	14618 (AMAZON-AES) (AMAZON-AES)
21	2607:f8b0:402... 2607:f8b0:4020:804::2002	15169 (GOOGLE) (GOOGLE)
1	104.19.219.90 104.19.219.90	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2607:f8b0:402... 2607:f8b0:4020:807::2001	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4020:805::200a	15169 (GOOGLE) (GOOGLE)
1 10	2607:f8b0:402... 2607:f8b0:4020:807::2002	15169 (GOOGLE) (GOOGLE)
1 4	2607:f8b0:402... 2607:f8b0:4020:807::2004	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1	2607:f8b0:402... 2607:f8b0:4020:806::2003	15169 (GOOGLE) (GOOGLE)
2	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
2	35.221.21.110 35.221.21.110	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	23.47.170.102 23.47.170.102	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2602:803:c002... 2602:803:c002:200::24	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.117.239.71 34.117.239.71	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
1	34.160.5.2 34.160.5.2	15169 (GOOGLE) (GOOGLE)
1	18.67.17.70 18.67.17.70	16509 (AMAZON-02) (AMAZON-02)
1	13.33.165.26 13.33.165.26	16509 (AMAZON-02) (AMAZON-02)
1	34.86.110.8 34.86.110.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
6 7	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
22 25	35.236.220.17 35.236.220.17	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2600:9000:234... 2600:9000:2348:3800:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 5	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
2 3	69.194.240.13 69.194.240.13	26120 (RHYTHMONE) (RHYTHMONE)
1	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4216:2994:5ad:21a7:a60b	14618 (AMAZON-AES) (AMAZON-AES)
1 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	13.33.165.14 13.33.165.14	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:200... 2600:9000:2000:f400:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:200... 2600:9000:2000:e800:1b:6b7d:2300:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.33.165.100 13.33.165.100	16509 (AMAZON-02) (AMAZON-02)
1	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	63.251.28.133 63.251.28.133	13789 (INTERNAP-...) (INTERNAP-BLK3)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
2 3	35.244.154.8 35.244.154.8	15169 (GOOGLE) (GOOGLE)
1 2	50.16.197.56 50.16.197.56	14618 (AMAZON-AES) (AMAZON-AES)
3 4	34.200.65.202 34.200.65.202	14618 (AMAZON-AES) (AMAZON-AES)
1	52.45.141.6 52.45.141.6	14618 (AMAZON-AES) (AMAZON-AES)
1	23.47.69.85 23.47.69.85	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	63.251.86.50 63.251.86.50	10913 (INTERNAP-BLK) (INTERNAP-BLK)
1 1	107.178.254.65 107.178.254.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	172.217.13.194 172.217.13.194	15169 (GOOGLE) (GOOGLE)
8 13	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 6	172.217.13.98 172.217.13.98	15169 (GOOGLE) (GOOGLE)
2 3	67.220.226.233 67.220.226.233	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a05:6096:7d74:cf85:e5f3	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 2	52.73.63.104 52.73.63.104	14618 (AMAZON-AES) (AMAZON-AES)
1	104.117.182.211 104.117.182.211	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	104.18.41.104 104.18.41.104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.216.74.116 3.216.74.116	14618 (AMAZON-AES) (AMAZON-AES)
3	13.33.165.58 13.33.165.58	16509 (AMAZON-02) (AMAZON-02)
230	72

1 2606:4700:3036::ac43:9b82 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

auth1.captchabot-verify.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2606:4700:20::681a:76e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

captcha.bot	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.245.96.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-96-60.yto50.r.cloudfront.net

js.chargebee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:2b8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:141b:1c00:31::1739:5a4b (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

cdn.fuseplatform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:806::2008 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2209:7800:9:46dc:4700:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:26c2:c400:1b:cadc:ef40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2607:f8b0:4006:822::2002 (United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.33.165.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-165-113.yto50.r.cloudfront.net

privygg.chargebeestaticv2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:293c (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.13.102 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.19.218.90 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.46.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-46-100.iad55.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4020:806::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)

cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.149.20.76 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 76.20.149.34.bc.googleusercontent.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.114 (Jersey City, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 147.135.119.115 (United States)

ASN16276 (OVH, FR)
PTR: ip115.ip-147-135-119.us

prg8.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.28.129.37 (Ashburn, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2602:803:c002:200::41 (United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.217.55.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-217-55-203.compute-1.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.215.169.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-169-119.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2607:f8b0:4020:804::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.219.90 (None, )

ASN13335 (CLOUDFLARENET, US)

newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4020:807::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:805::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4020:807::2002 (Montreal, Canada) 1 redirects

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4020:807::2004 (Montreal, Canada) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:806::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.221.21.110 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 110.21.221.35.bc.googleusercontent.com

eastads.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.47.170.102 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-170-102.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c002:200::24 (United States)

ASN26667 (RUBICONPROJECT, US)

beacon-iad2.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com

lbs-event.gcp.lineate-33x.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::c (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.5.2 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 2.5.160.34.bc.googleusercontent.com

media.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.17.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-17-70.yto50.r.cloudfront.net

choices.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.165.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-165-26.yto50.r.cloudfront.net

cdn.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.86.110.8 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.110.86.34.bc.googleusercontent.com

i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 8.43.72.98 (United States) 6 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 35.236.220.17 (Washington, United States) 22 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.220.236.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2348:3800:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.46.151.131 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.194.240.13 (United States) 2 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.22.214 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:2994:5ad:21a7:a60b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.165.14 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-33-165-14.yto50.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2000:f400:19:fc2c:a140:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2000:e800:1b:6b7d:2300:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.165.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-165-100.yto50.r.cloudfront.net

sync1.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.28.133 (Secaucus, United States)

ASN13789 (INTERNAP-BLK3, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.154.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.16.197.56 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-197-56.compute-1.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.200.65.202 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.141.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-141-6.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.47.69.85 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-69-85.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 63.251.86.50 (United States) 2 redirects

ASN10913 (INTERNAP-BLK, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.13.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 8.43.72.97 (United States) 8 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.13.98 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.220.226.233 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a05:6096:7d74:cf85:e5f3 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.73.63.104 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-63-104.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.117.182.211 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-117-182-211.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.41.104 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.216.74.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-74-116.compute-1.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.33.165.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-165-58.yto50.r.cloudfront.net

choices.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	googlesyndication.com cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 tpc.googlesyndication.com — Cisco Umbrella Rank: 185	1 MB
30	simpli.fi 22 redirects eastads.simpli.fi — Cisco Umbrella Rank: 11141 media.simpli.fi — Cisco Umbrella Rank: 10789 cdn.simpli.fi — Cisco Umbrella Rank: 12500 i.simpli.fi — Cisco Umbrella Rank: 6388 um.simpli.fi — Cisco Umbrella Rank: 1428	41 KB
30	doubleclick.net 5 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 184 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 ad.doubleclick.net — Cisco Umbrella Rank: 199 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 cm.g.doubleclick.net — Cisco Umbrella Rank: 338	255 KB
29	rubiconproject.com 14 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 791 eus.rubiconproject.com — Cisco Umbrella Rank: 951 beacon-iad2.rubiconproject.com — Cisco Umbrella Rank: 2863 token.rubiconproject.com — Cisco Umbrella Rank: 744 pixel.rubiconproject.com — Cisco Umbrella Rank: 620	32 KB
26	captcha.bot 1 redirects captcha.bot — Cisco Umbrella Rank: 860813	824 KB
10	fuseplatform.net cdn.fuseplatform.net — Cisco Umbrella Rank: 19203	139 KB
10	chargebee.com js.chargebee.com — Cisco Umbrella Rank: 42936	214 KB
8	amazon-adsystem.com 4 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 398 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 923	5 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	429 KB
7	hcaptcha.com js.hcaptcha.com — Cisco Umbrella Rank: 11127 newassets.hcaptcha.com — Cisco Umbrella Rank: 7636 api.hcaptcha.com — Cisco Umbrella Rank: 7827	498 KB
5	yahoo.com 4 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 505 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 819	2 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 323	104 KB
5	smartadserver.com prg8.smartadserver.com — Cisco Umbrella Rank: 19977	10 KB
5	33across.com ssc.33across.com — Cisco Umbrella Rank: 6391	10 KB
5	google.com 1 redirects analytics.google.com — Cisco Umbrella Rank: 266 www.google.com — Cisco Umbrella Rank: 6	1 KB
4	lijit.com 2 redirects ce.lijit.com — Cisco Umbrella Rank: 1432	2 KB
4	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 878 gum.criteo.com — Cisco Umbrella Rank: 597 mug.criteo.com — Cisco Umbrella Rank: 1867	8 KB
4	btloader.com btloader.com — Cisco Umbrella Rank: 1738 api.btloader.com — Cisco Umbrella Rank: 1905	31 KB
4	inmobi.com cmp.inmobi.com — Cisco Umbrella Rank: 4373	48 KB
3	trustarc.com choices.trustarc.com — Cisco Umbrella Rank: 1542	8 KB
3	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 778	1 KB
3	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 764	1 KB
3	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 845	1 KB
3	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1411 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1431	13 KB
2	connatix.com 1 redirects capi.connatix.com — Cisco Umbrella Rank: 1732	529 B
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 972	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 594	696 B
2	openx.net 1 redirects us-u.openx.net — Cisco Umbrella Rank: 930	502 B
2	exelator.com 1 redirects loadm.exelator.com — Cisco Umbrella Rank: 3106	2 KB
2	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 3732	863 B
2	intentiq.com 1 redirects sync.intentiq.com — Cisco Umbrella Rank: 1479 sync1.intentiq.com — Cisco Umbrella Rank: 2959	2 KB
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 973 d.agkn.com — Cisco Umbrella Rank: 1340	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 857	712 B
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 894	55 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	2 KB
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 991 eb2.3lift.com — Cisco Umbrella Rank: 731	1 KB
2	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1119	560 B
2	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 766 image2.pubmatic.com — Cisco Umbrella Rank: 1555	665 B
2	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 356	2 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1774	1 KB
2	chargebeestaticv2.com privygg.chargebeestaticv2.com	1 KB
2	quantcast.com 2 redirects cmp.quantcast.com — Cisco Umbrella Rank: 4731	1 KB
2	cloudflare.com 1 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 4701	12 KB
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 797	280 B
1	yahoo.net hb.yahoo.net — Cisco Umbrella Rank: 1385	650 B
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 173	546 B
1	pippio.com 1 redirects pippio.com — Cisco Umbrella Rank: 1480	632 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 1624	444 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 3080	421 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 958	655 B
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 10133	175 B
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 2399	378 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 1035	544 B
1	truste.com choices.truste.com — Cisco Umbrella Rank: 1586	8 KB
1	lineate-33x.net lbs-event.gcp.lineate-33x.net — Cisco Umbrella Rank: 11843	288 B
1	gstatic.com fonts.gstatic.com	34 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 438	10 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	78 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1429	7 KB
1	captchabot-verify.site 1 redirects auth1.captchabot-verify.site	465 B
230	60

	Domain	Requested by
26	captcha.bot	1 redirects captcha.bot static.cloudflareinsights.com
25	um.simpli.fi	22 redirects eastads.simpli.fi
21	pagead2.googlesyndication.com	securepubads.g.doubleclick.net captcha.bot pagead2.googlesyndication.com cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
19	securepubads.g.doubleclick.net	cdn.fuseplatform.net securepubads.g.doubleclick.net captcha.bot www.googletagservices.com cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com
13	pixel.rubiconproject.com	8 redirects eastads.simpli.fi captcha.bot
13	tpc.googlesyndication.com	securepubads.g.doubleclick.net captcha.bot cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com tpc.googlesyndication.com cdn.ampproject.org
10	cdn.fuseplatform.net	captcha.bot cdn.fuseplatform.net
10	js.chargebee.com	captcha.bot js.chargebee.com
7	token.rubiconproject.com	6 redirects eus.rubiconproject.com
7	www.googletagservices.com	captcha.bot securepubads.g.doubleclick.net cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com
6	cm.g.doubleclick.net	4 redirects captcha.bot
6	fastlane.rubiconproject.com	cdn.fuseplatform.net
6	cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	s.amazon-adsystem.com	2 redirects eastads.simpli.fi captcha.bot
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	newassets.hcaptcha.com	js.hcaptcha.com newassets.hcaptcha.com
5	prg8.smartadserver.com	cdn.fuseplatform.net
5	ssc.33across.com	cdn.fuseplatform.net
4	ce.lijit.com	2 redirects eastads.simpli.fi captcha.bot
4	ups.analytics.yahoo.com	3 redirects eastads.simpli.fi
4	www.google.com	1 redirects tpc.googlesyndication.com captcha.bot eastads.simpli.fi
4	cmp.inmobi.com	captcha.bot cmp.quantcast.com cmp.inmobi.com
3	choices.trustarc.com	choices.truste.com
3	aax-eu.amazon-adsystem.com	2 redirects captcha.bot
3	px.ads.linkedin.com	1 redirects eastads.simpli.fi captcha.bot
3	idsync.rlcdn.com	2 redirects eastads.simpli.fi
3	pixel.tapad.com	1 redirects eastads.simpli.fi captcha.bot
3	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com
3	api.btloader.com	btloader.com
2	capi.connatix.com	1 redirects captcha.bot
2	match.prod.bidr.io	2 redirects
2	match.adsrvr.org	2 redirects
2	us-u.openx.net	1 redirects eastads.simpli.fi
2	loadm.exelator.com	1 redirects eastads.simpli.fi
2	fei.pro-market.net	2 redirects
2	sync.1rx.io	2 redirects
2	gum.criteo.com	1 redirects static.criteo.net
2	eus.rubiconproject.com	cdn.fuseplatform.net eus.rubiconproject.com
2	eastads.simpli.fi	cdn.fuseplatform.net captcha.bot
2	static.criteo.net	cdn.fuseplatform.net static.criteo.net
2	fonts.googleapis.com	cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2	bcp.crwdcntrl.net	tags.crwdcntrl.net eastads.simpli.fi
2	prebid.a-mo.net	cdn.fuseplatform.net captcha.bot
2	ib.adnxs.com	cdn.fuseplatform.net eastads.simpli.fi
2	ad-delivery.net	captcha.bot
2	privygg.chargebeestaticv2.com	js.chargebee.com
2	cmp.quantcast.com	2 redirects
2	challenges.cloudflare.com	1 redirects captcha.bot
1	match.sharethrough.com	captcha.bot
1	hb.yahoo.net	captcha.bot
1	pr-bh.ybp.yahoo.com	1 redirects
1	www.googleadservices.com	1 redirects
1	pippio.com	1 redirects
1	stags.bluekai.com	eastads.simpli.fi
1	sync.bfmio.com	eastads.simpli.fi
1	ads.stickyadstv.com	eastads.simpli.fi
1	image2.pubmatic.com	eastads.simpli.fi
1	sync1.intentiq.com	eastads.simpli.fi
1	sync.intentiq.com	1 redirects
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com	eastads.simpli.fi
1	eb2.3lift.com	eastads.simpli.fi
1	sync.targeting.unrulymedia.com	eastads.simpli.fi
1	s.ad.smaato.net	1 redirects
1	mug.criteo.com
1	i.simpli.fi	eastads.simpli.fi
1	cdn.simpli.fi	eastads.simpli.fi
1	choices.truste.com	eastads.simpli.fi
1	media.simpli.fi	eastads.simpli.fi
1	lbs-event.gcp.lineate-33x.net	captcha.bot
1	beacon-iad2.rubiconproject.com	captcha.bot
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	api.hcaptcha.com	newassets.hcaptcha.com
1	tlx.3lift.com	cdn.fuseplatform.net
1	bidder.criteo.com	cdn.fuseplatform.net
1	hbopenbid.pubmatic.com	cdn.fuseplatform.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	js.hcaptcha.com	js.chargebee.com
1	ad.doubleclick.net	captcha.bot
1	btloader.com	cdn.fuseplatform.net
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	www.googletagmanager.com	captcha.bot
1	static.cloudflareinsights.com	captcha.bot
1	auth1.captchabot-verify.site	1 redirects
230	87

This site contains links to these domains. Also see Links.

Domain
docs.captcha.bot
privy.gg
discord.com
arcane.bot

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-25` - `2024-06-24`	a year	crt.sh
js.chargebee.com Amazon RSA 2048 M01	`2023-03-14` - `2024-04-11`	a year	crt.sh
cdn.fuseplatform.net R3	`2023-12-20` - `2024-03-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.chargebeestaticv2.com Amazon RSA 2048 M01	`2023-04-30` - `2024-05-29`	a year	crt.sh
btloader.com GTS CA 1P5	`2023-12-17` - `2024-03-16`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2023-12-08` - `2024-03-07`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
cmp.inmobi.com Sectigo ECC Organization Validation Secure Server CA	`2023-08-18` - `2024-08-17`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
ssc.33across.com GTS CA 1D4	`2023-12-25` - `2024-03-24`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.a-mo.net R3	`2024-01-06` - `2024-04-05`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-12-07`	a year	crt.sh
lbs-event.gcp.lineate-33x.net GTS CA 1D4	`2023-12-23` - `2024-03-22`	3 months	crt.sh
media.simpli.fi GTS CA 1D4	`2024-01-06` - `2024-04-05`	3 months	crt.sh
*.truste.com Amazon RSA 2048 M02	`2023-11-18` - `2024-12-15`	a year	crt.sh
*.trustarc.com Amazon RSA 2048 M02	`2023-04-17` - `2024-05-14`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://captcha.bot/
Frame ID: 3CB52BE381E9888A3634E8C9A396FB58
Requests: 88 HTTP requests in this frame

Frame: https://js.chargebee.com/assets/cbjs-2024.01.04-08.45/v2/master.html
Frame ID: 7A44ACB3C1AD37E5286AD940D3C3914B
Requests: 9 HTTP requests in this frame

Frame: https://captcha.bot/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Frame ID: 8DA2D9E73710CBF2A40A8FC2E12806EA
Requests: 2 HTTP requests in this frame

Frame: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C026EB7948A14728F7CDA526D47B3D92
Requests: 1 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=vsrvmyg4pnm
Frame ID: 0EEF3C4F21E6BC8EE3A0A7F702204E18
Requests: 4 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html
Frame ID: A45F0F23491AF5E86C9C25328E172622
Requests: 3 HTTP requests in this frame

Frame: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7A71B26F7CF9EA7D1FDB203AFE10C4B7
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Frame ID: DBCE26EAE0643F7A366013559FF0FB6B
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D11EC1C7A9EBB5483BE52BBA9E50201B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4D4333BFBC6E641565617435A7D8FE29
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: C267B1D5E1CE20D5DEA77246B6BCABA4
Requests: 16 HTTP requests in this frame

Frame: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1D11DE975B011F0BA4BDF83DF2239565
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQCAr-QmDjuLebWsgZg_eRj51t4WsZBbpQt5BcYZ4Y5-s_c8inHWxZIqN5-l2V098j-MiQDGADVxNhTBOIYYSLDrdhaKRCvG4G_B8OG2Kj3BOQiRunwADsfQcB_RAlmG6gD6C8hkBjvDblOdnB0UvbYKIeez5k--zKQRBVCe5ZHlPLC60uqRc9kuZiGkWmcxasEIqrAcBzYGQuIMyXZLcaDKOX-ey6MrwpKLgFtksHQHiQDi6ZJ5G5DYPCeSAqcFcecyipvVBP5oU6mT880PmFoE_by_3PsDMa4Tbnnqe5T9xjMbPh8bpmuWk5YXiSQ00HDMtx9KPPreGV9dBBIULHY-4z0RddsVqqwzSQ3Z-8p-tlfIJKsZPlXpCfj1YqN-rCPnMarNscgnV9fLyZFxPZ79p8BQ&sai=AMfl-YS8ifWZ4Lhqv7duujKqdy1GO7hjY4hpf18RMmGeikzpwqETnIizF7LvdEuahDdq_jtQr_JVO9R6vHu4Xn-VYd3IOOyA4F5lhBgMgUTl2cHs4UYdWIiVCW_sMtMPLg&sig=Cg0ArKJSzJHtc25pmzVtEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 1B704F9229CEA8BF8ED97D621B58612A
Requests: 4 HTTP requests in this frame

Frame: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DC34D8262F519E4A2F25744011F4FDBF
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvIRXVdoAI8eNaECysYDrD9Cx6F1BNkWN0r1CiB61l9qHjnS6E4NtngStytxxzAOzn_NDvOaxIwbJIfaV6iAlbAHYC9RWvmAnzb9lOudSULbwmD_4GjJhclTKL88dDzVp9gkULTLShx_lPQAA7XemgMaI6fZDU6z4Bb_e-YvkoCbI9AtJfk7HRwE2vcbUM42LtzKUz21DteCEqGm813TcgEpHn6a0JpTDltvMF_WmrsksqoljQATOgwbwZdxSROQziQ7aBLRKaxs9jJSH-n7YO0-YI07fvYQjAxj078SRkfRS-u8KImaoG9w0OXLMvkjZSr1EWBSeWPlkYLIMm8Q7cTl_yz55X7tAOiAHJfQ9oh6YaiQOnRNqr_n6x0p6SgmrglITBhRFGMx_-3OH4&sai=AMfl-YQG8erRjSSH8Qk7n3qUIkFUIY6o5Aw5uOxat65o12-iOLsRngOVHS68L-XryTmImn1_tcqZCxkGbH9nGoWl-2GKVGvja9B_IcSNMsS3_MgfwSF-amO6eOR6pXCWvA&sig=Cg0ArKJSzNnGShVuTEJjEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: FAAD37C49F2FE271479FB0EA63F92D77
Requests: 8 HTTP requests in this frame

Frame: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9EF447269DF4C9EA083CC3E3926EF238
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240104/r20190131/zrt_lookup_fy2021.html
Frame ID: B21589A4B611E48CBD7FBA2C5E09051A
Requests: 1 HTTP requests in this frame

Frame: https://eastads.simpli.fi/ads/3121785/27916290/_p.html?sifi=8772,3121785,27916290,120603581445040,2,0,0,0,0,,6,v,27.33120,4483920FE74A8609,0,0,1,16,BDFB3C6BB9E547839935BCA6F64AF937,0,0,0,1270,400,1,0,0,604,0,701,bidder-base-prd-us-east4-a-22290c0b:9035-1704667280141-1470815263,1,0,395291,2,0,27,12,14202,0,0.70,0,0,1611266346,0,0,0,1,-5,0,97,MGNI-AP-6897,0,390015,0,0,3,-1,21642,32,150,5110629&sifi_exchange_uid=15db1da0627b1a84681a832fcc9fc8109c2e1b04&request_id=7a317f8690b43c5ff838588e3f1f4d868123be81
Frame ID: 6670968B4D343BD3EC034CA34AFA14E7
Requests: 30 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=na&co=us
Frame ID: AAD45A269F71D475B094884F9BDCCD85
Requests: 19 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=captcha.bot&gdpr=0&gdpr_consent=
Frame ID: D85D966C5D4B9E23E95AD70E1DA0AFEC
Requests: 2 HTTP requests in this frame

Frame: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: ABB7BC6275E5F3B1859E4CABF0729BF3
Requests: 10 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarkermobile-icon-tr.png
Frame ID: BF52A3E95F2D22F870F109646BA54316
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Captcha.bot - Verification done right

Page URL History Show full URLs

https://auth1.captchabot-verify.site/ HTTP 302
https://captcha.bot/ Page URL

Detected technologies

Chargebee (Payment processors) Expand

Overall confidence: 100%
Detected patterns

js\.chargebee\.com/v([\d.]+)

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js
tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

230
Requests

80 %
HTTPS

40 %
IPv6

60
Domains

87
Subdomains

72
IPs

4
Countries

3952 kB
Transfer

10566 kB
Size

89
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://docs.captcha.bot/
Title: Documentation

Search URL Search Domain Scan URL

URL: https://privy.gg/
Title: Privy.gg LLC

Search URL Search Domain Scan URL

URL: https://discord.com/application-directory/512333785338216465
Title: Add to Discord

Search URL Search Domain Scan URL

URL: https://arcane.bot/
Title: Arcane.bot

Search URL Search Domain Scan URL

URL: https://privy.gg/legal
Title: Terms of Service

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://auth1.captchabot-verify.site/ HTTP 302
https://captcha.bot/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP 302
https://challenges.cloudflare.com/turnstile/v0/g/74bd6362/api.js?onload=onloadTurnstileCallback

Request Chain 13

https://captcha.bot/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://captcha.bot/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Request Chain 37

https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2 HTTP 301
https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2

Request Chain 51

https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2 HTTP 301
https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2

Request Chain 155

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 177

https://gum.criteo.com/sid/json?origin=publishertag&domain=captcha.bot&sn=ChromeSyncframe&so=0&topUrl=captcha.bot&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=OWzVHnxTQks4WnhaWFcwNTYxYVlScVlhT0ZEdVVsSVdwWE9IZ3BpZjlrUFViYWhKUWVUZXI0OUpRYUhBVGZZNXhiT0Y3a3pVaWZUbTRIVE5iUUpvcGhLT0JZQjhIS1F0MjRRNlh6dVlCZkNjSnYvcmhqK01wOXFocEFsRWp5bE1FYWJBRW16eng0cmV1VC9qc2hDa1hFTVhLK3podzJkQzlnTnVjalQrWkZCbFF0S0NwcWNyTjk4M1hodW5CU3hrYnhoMWhZbVRCbFNaaElSYUxtbzVENEZHSTh6YW9Ndm5VY0l4QUFMeDI0M3ZUZ1E4S09kUjBlbUJVRVpiTmNSYng2QUY5OXFBYjNLUkNTbkcxQTdmajRLOGE1S211Sit3UHlNODc3dlJ3WlljK0E0WT18&cppv=2

Request Chain 191

https://um.simpli.fi/smaato HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=D5920B0AA1DC4E4DB0795CE26E3D278C HTTP 302
https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=65885d64ec&gdpr=0&gdpr_consent=

Request Chain 192

https://um.simpli.fi/nexxen HTTP 302
https://sync.1rx.io/usersync/simplifi/D5920B0AA1DC4E4DB0795CE26E3D278C HTTP 302
https://sync.1rx.io/usersync/simplifi/D5920B0AA1DC4E4DB0795CE26E3D278C?zcc=1&cb=1704667282237 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-cdabbcd1-61a6-4be4-b44d-39788d05dd2c-005

Request Chain 193

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=D5920B0AA1DC4E4DB0795CE26E3D278C&dongle=yf3

Request Chain 194

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=D5920B0AA1DC4E4DB0795CE26E3D278C

Request Chain 195

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=D5920B0AA1DC4E4DB0795CE26E3D278C HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=D5920B0AA1DC4E4DB0795CE26E3D278C

Request Chain 196

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=D5920B0AA1DC4E4DB0795CE26E3D278C HTTP 302
https://d.agkn.com/pixel/10751/?che=1704667282254&ip=96.9.249.42&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D213980604754008401179 HTTP 302
https://um.simpli.fi/aa_px?sk=213980604754008401179 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 197

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=D5920B0AA1DC4E4DB0795CE26E3D278C HTTP 302
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=D5920B0AA1DC4E4DB0795CE26E3D278C&ckls=true&ci=40cg7LDUkE&nc=false&trid=1768835908

Request Chain 198

https://um.simpli.fi/pubmatic HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D5920B0AA1DC4E4DB0795CE26E3D278C

Request Chain 199

https://um.simpli.fi/freewheel HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=D5920B0AA1DC4E4DB0795CE26E3D278C

Request Chain 200

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=D5920B0AA1DC4E4DB0795CE26E3D278C;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=D5920B0AA1DC4E4DB0795CE26E3D278C;mimetype=img;sr HTTP 302
https://idsync.rlcdn.com/400646.gif?partner_uid=3160041537646186172

Request Chain 201

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=D5920B0AA1DC4E4DB0795CE26E3D278C&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=D5920B0AA1DC4E4DB0795CE26E3D278C&j=0&xl8blockcheck=1

Request Chain 202

https://um.simpli.fi/yahoo HTTP 302
https://ups.analytics.yahoo.com/ups/55964/sync?uid=D5920B0AA1DC4E4DB0795CE26E3D278C HTTP 302
https://ups.analytics.yahoo.com/ups/55964/sync?uid=D5920B0AA1DC4E4DB0795CE26E3D278C&verify=true

Request Chain 203

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=D5920B0AA1DC4E4DB0795CE26E3D278C

Request Chain 204

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=D5920B0AA1DC4E4DB0795CE26E3D278C

Request Chain 205

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=D5920B0AA1DC4E4DB0795CE26E3D278C

Request Chain 206

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=D5920B0AA1DC4E4DB0795CE26E3D278C HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=D5920B0AA1DC4E4DB0795CE26E3D278C&dnr=1

Request Chain 207

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=D5920B0AA1DC4E4DB0795CE26E3D278C HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogRDU5MjBCMEFBMURDNEU0REIwNzk1Q0UyNkUzRDI3OEMQABoNCJLR7KwGEgUI6AcQAEIASgA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=3b96179f54e094e3cf007483fd6ff6ee4a80932ab0c0af4b2a6a29f174ca5e1b791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=3b96179f54e094e3cf007483fd6ff6ee4a80932ab0c0af4b2a6a29f174ca5e1b791426b5417dce21&rand=05742638 HTTP 302
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=3b96179f54e094e3cf007483fd6ff6ee4a80932ab0c0af4b2a6a29f174ca5e1b791426b5417dce21&rand=05742638&expected_cookie=4e82a99b-f796-42f4-a68a-be3009c506b1

Request Chain 208

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1704667281821&cv=7&fst=1704667281821&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=2138490007&cv=7&fst=1704667281821&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=kiibZeHNApmboPMPwpS-0A4&sscte=1&crd=&pscrd=IhMI4d65vqzMgwMVmQ1oCB1Cig_q HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=2138490007&cv=7&fst=1704667281821&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI4d65vqzMgwMVmQ1oCB1Cig_q&is_vtc=1&ocp_id=kiibZeHNApmboPMPwpS-0A4&cid=CAQSKQAvHhf_y64hXjvlzgKfRYk97cIrBXceE5110fbnVTvT7FrmggQnoRDI&random=3179958243

Request Chain 210

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=D5920B0AA1DC4E4DB0795CE26E3D278C

Request Chain 211

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=D5920B0AA1DC4E4DB0795CE26E3D278C&expires=365

Request Chain 212

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=D5920B0AA1DC4E4DB0795CE26E3D278C HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=D5920B0AA1DC4E4DB0795CE26E3D278C

Request Chain 213

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEIVjTURO2hxwCCqMPVi9dUc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D5920B0AA1DC4E4DB0795CE26E3D278C HTTP 302
https://um.simpli.fi/g_match?id=

Request Chain 215

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=nbW3w3WqRD6xR5-d8pCutA&rk=usync-na&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=nbW3w3WqRD6xR5-d8pCutA&gdpr=0

Request Chain 216

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=b2jgcF7KT6O6R5KHLvhQOw&rk=usync-other&gdpr=0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=b2jgcF7KT6O6R5KHLvhQOw&gdpr=0

Request Chain 217

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTYzZTAwNDcxNzVlMDU3NDYzN2E1OTg4N2EwZWI4NGFkYTE5NDZjNg&gdpr=0

Request Chain 218

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/QPXcYcOX2Z_ICfQEc25Ln8n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-S_6xHaVE2oJIzggzLJtYq.QdfVi.MgBb0bb0gg--~A

Request Chain 219

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/rubicon?gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=547c0e4f-2603-40a0-9242-77bc857620dc&gdpr=0&gdpr_consent=&expires=30

Request Chain 220

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=LR42VVHI-1P-4FWE&ex=d-rubiconproject.com&status=ok&gdpr=0

Request Chain 221

https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR42VVHI-1P-4FWE&gdpr=0

Request Chain 222

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEGVc8LLV5juIAM0XZkMWcSs&google_cver=1

Request Chain 223

https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFI0MlZWSEktMVAtNEZXRQ==&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEGiDdSKYSOFfUu8-DlT1lGQ&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI0MlZWSEktMVAtNEZXRQ==&google_push=&gdpr=0

Request Chain 224

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0 HTTP 303
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&_bee_ppp=1 HTTP 303
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAR39U7LNlEAABbCXYW4zg&expires=30&gdpr=0

Request Chain 225

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0 HTTP 302
https://ce.lijit.com/merge?pid=80&3pid=LR42VVHI-1P-4FWE&gdpr=0 HTTP 302
https://ce.lijit.com/merge?pid=80&3pid=LR42VVHI-1P-4FWE&gdpr=0&dnr=1

Request Chain 226

https://token.rubiconproject.com/token?pid=37556&a=1&gdpr=0 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LR42VVHI-1P-4FWE&gdpr=0

Request Chain 227

https://token.rubiconproject.com/token?pid=26594&gdpr=0 HTTP 302
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LR42VVHI-1P-4FWE&redir=true&gdpr=0 HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LR42VVHI-1P-4FWE&gdpr=0&redir=true HTTP 302
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1KaDJoRzBORTJ1SEplQlBoNXdrTEhsVnlhZGlCaWg2dn5B&gdpr=0&ovsid=LR42VVHI-1P-4FWE&dpid=58160

Request Chain 228

https://pixel.rubiconproject.com/exchange/sync.php?p=19564&gdpr=0 HTTP 302
https://capi.connatix.com/us/pixel?puid=LR42VVHI-1P-4FWE&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0 HTTP 302
https://capi.connatix.com/us/pixel?puid=LR42VVHI-1P-4FWE&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true

Request Chain 229

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0 HTTP 302
https://prebid.a-mo.net/setuid/magnite?uid=LR42VVHI-1P-4FWE&gdpr=0

Request Chain 230

https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR42VVHI-1P-4FWE&gdpr=0

230 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
captcha.bot/
Redirect Chain

https://auth1.captchabot-verify.site/
https://captcha.bot/

2 KB
2 KB

450ms
372ms

Document
text/html

2606:4700:20::681a:76e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:76e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a4831292fc6acc780aa084f28713be6f2aa6cd14bc3c1f446b776f893efcfd1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 841fb5186f476aee-BUF
content-encoding: br
content-type: text/html
date: Sun, 07 Jan 2024 22:41:18 GMT
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WzfATQr9NdPxwAM58bUWcd6lj4yN4FXT%2FmAiPFLSJ%2BmpeSqsRQ4SygMS5QrZJURxqjgCX8XQ5mWrjRFOdOp29a08bO9JWcTVzJm1dPbsmRV8ysneChjg3Kj6T6j3re8rhlnQdRgmSv0k"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 841fb516799f4bbd-BUF
content-type: text/html; charset=utf-8
date: Sun, 07 Jan 2024 22:41:18 GMT
location: https://captcha.bot
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QTXkZ36wxkfE2PPle%2FzwGDLOELExySdZymu%2BMu%2Baidxd2EYpmWxMMesG5GS5UDEp8sJdxTKMg1MCmPDThgjfD58qukbSfbYHHTIr8N5dLOUsPj%2BKx4m0QDGV%2Bxks0cPtwdiZLW06D0Hc%2FD1DPYAHoxdXzMbqXpcPJKuo"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept

GET
H2 200 chargebee.js Show response
js.chargebee.com/v2/ 262 KB
77 KB 141ms
41ms Script
application/x-javascript 18.245.96.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/chargebee.js

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.96.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-96-60.yto50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6587745a1d407781feeca44e95a7238ec468bff35a7e4cdeec7cbce5a0b9fea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: V..nNJWrsHkyTnCNUPtgXWxT6KfGF.Il
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Sun, 07 Jan 2024 22:38:44 GMT
via: 1.1 448b69523e9e6d19ed8280b1c8be22c8.cloudfront.net (CloudFront)
x-amz-cf-pop: YTO50-P3
age: 154
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 04 Jan 2024 08:55:18 GMT
server: AmazonS3
etag: W/"703255d8651b6fcaaf9db6e82a9c2e15"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300,public
x-amz-cf-id: ZtAusgp56Lk-0rArifKvx7rv6RF6d7MamPKwAxyuvuynGVERyi0uJQ==

GET
H2

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/g/74bd6362/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
https://challenges.cloudflare.com/turnstile/v0/g/74bd6362/api.js?onload=onloadTurnstileCallback

34 KB
12 KB

46ms
44ms

Script
application/javascript

2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/74bd6362/api.js?onload=onloadTurnstileCallback
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Server: 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd9ac3177195b3d9537e0cf71222057ec70de67715715b570a80287ba78c8d3d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:18 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 841fb51b6a0a4bcf-BUF
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sun, 07 Jan 2024 22:41:18 GMT
server: cloudflare
vary: accept-encoding
location: /turnstile/v0/g/74bd6362/api.js?onload=onloadTurnstileCallback
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 841fb51b29f04bcf-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 chunk-vendors.bfc7157a.js Show response
captcha.bot/js/ 150 KB
53 KB 44ms
43ms Script
application/javascript 2606:4700:20::681a:76e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://captcha.bot/js/chunk-vendors.bfc7157a.js
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:76e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6026b5e35c99959ff49bb57e086263c3145cf10054c10448b944348d7a3d2ab

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3813
cf-polished: origSize=153350
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
server: cloudflare
etag: W/"658fb0ff-25706"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kjGxZ%2FltSnB0sTLcUcKsoLCuJdrXYreRF92M6LXGmjy6xkuDAbOBR7Z5qAW2I0XnBFQb0Xyxcb6%2FlE8Fm6U8bljPESBdndCQkqOwk8DunW%2FhMFmvvroVymtmUEZc40VtIhJcemEUczS%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=120
cf-ray: 841fb51bbcc16aed-BUF

GET
H3 200 app.e92fa179.js Show response
captcha.bot/js/ 13 KB
6 KB 68ms
67ms Script
application/javascript 2606:4700:20::681a:76e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://captcha.bot/js/app.e92fa179.js
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:76e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 676041459462ccdec93b528297a0e88930e6e29b5e5948c740ceabdae3bb1ac1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3813
cf-polished: origSize=13078
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
server: cloudflare
etag: W/"658fb0ff-3316"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H5CEypkqupHNQgHUFp7smqwz2ttXvLlSXDCZVpU7q5AEfRBNA%2BP9mbPepVuJsWEyspRtyvAtvvPxu482luzYyvElYS1Ri4JHDluMTX9ljHfrH%2F1CRZOYAy3upCVYk37sxpFO8TLFqtPF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=120
cf-ray: 841fb51bfcd86aed-BUF

GET
H2 200 app.908c6964.css
captcha.bot/css/ 44 KB
9 KB 40ms
38ms Stylesheet
text/css 2606:4700:20::681a:76e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://captcha.bot/css/app.908c6964.css
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:76e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9850834b2efcb9d344963e45b78a0483e6a6cedb0c1c36fc224abd7d5cebe2c6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:18 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
server: cloudflare
age: 3813
etag: W/"658fb0ff-b0a9"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dNWxvMsYPXpz625pCKDruuUIXSGuHgt4fJ5UZnWkvLrYj5TknAitSnNU%2BXb%2FvzifToZw0M2VT6S3MJrGGUd5Jo6nCXY2MLdlO6%2B255Q7Ombh1focF5kxS2oWAIRpmRz%2BgywuXdpTWian"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=120
cf-ray: 841fb51ac8716aee-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 118ms
55ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://captcha.bot/
Origin: https://captcha.bot
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:18 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 841fb51c9a504bbb-BUF

GET
H2 200 189-9075d28e354dfbf83c79.js Show response
js.chargebee.com/assets/cbjs-2024.01.04-08.45/v2/ 17 KB
5 KB 41ms
38ms Script
application/x-javascript 18.245.96.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/assets/cbjs-2024.01.04-08.45/v2/189-9075d28e354dfbf83c79.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.96.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-96-60.yto50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b8f30e4b4e6d6559fd4dfa7fd4818a3f0a294dddfd86ce8feab4075534cb37cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: .gR0DSddk7TZgXGStuiMT3bi8CWkqy5l
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Sun, 07 Jan 2024 22:38:51 GMT
via: 1.1 448b69523e9e6d19ed8280b1c8be22c8.cloudfront.net (CloudFront)
x-amz-cf-pop: YTO50-P3
age: 169
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 04 Jan 2024 08:55:18 GMT
server: AmazonS3
etag: W/"7b73bdba3edd5426509750ea29f175a4"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300,public
x-amz-cf-id: NtVI61hemD4dxz2M8QZYEAwtKAt6PuJI0HPJkZQEI3azQESlC3sEEg==

GET
H2 200 fuse.js Show response
cdn.fuseplatform.net/publift/tags/2/2874/ 244 KB
56 KB 251ms
117ms Script
application/x-javascript 2600:141b:1c00:31::1739:5a4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Requested by: Host: captcha.bot
URL: https://captcha.bot/js/app.e92fa179.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:31::1739:5a4b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: bf690803e1fc3c3d03595643914712996adb559fb7846cf6c69b8f83275d47b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:19 GMT
content-encoding: gzip
last-modified: Fri, 24 Feb 2023 00:40:47 GMT
server: AkamaiNetStorage
etag: "c43b788e3884f4ebc21e0b82c92cfa3f:1677199247.347819"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1800
accept-ranges: bytes
content-length: 57145
expires: Sun, 07 Jan 2024 23:11:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
78 KB 146ms
64ms Script
application/javascript 2607:f8b0:4020:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VT1JT14S09&l=dataLayer

Requested by

Host: captcha.bot
URL: https://captcha.bot/js/chunk-vendors.bfc7157a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0b1e4f41bda1a51d2e71a2b97fc8623c735efdd637858ff32d8f670f5fb0b73f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79855
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 07 Jan 2024 22:41:18 GMT

GET
H3 200 609.7460785c.css
captcha.bot/css/ 128 KB
52 KB 42ms
42ms Stylesheet
text/css 2606:4700:20::681a:76e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://captcha.bot/css/609.7460785c.css
Requested by: Host: captcha.bot
URL: https://captcha.bot/js/app.e92fa179.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:76e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32b756bfa32d3c2a0a584ebaa8d5050f9db464fe5a7c7ca25bd54ebfea5b15fd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:18 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
server: cloudflare
age: 2069
etag: W/"658fb0ff-1801d"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZzsoraMK%2FZAQmmgRnb7uk8tWc8f%2F2EKLOoJMETihIb8roFKAaNTna3uN3p1NMZIWgRaKAdjR6rQ8sd50G3qJGCunVXkqyMl9FVZGP%2F85WOxkk%2FJHYzg1Px%2BMJi5QmyBPu5KIR52%2B6Hh"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=120
cf-ray: 841fb51cad156aed-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 609.1ded81fc.js Show response
captcha.bot/js/ 19 KB
6 KB 40ms
40ms Script
application/javascript 2606:4700:20::681a:76e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://captcha.bot/js/609.1ded81fc.js
Requested by: Host: captcha.bot
URL: https://captcha.bot/js/app.e92fa179.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:76e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ef1fb1258c5ef1d73e6a4325fa9cb17deffb721770edc8c01cc045e3041c5a6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2068
cf-polished: origSize=19136
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
server: cloudflare
etag: W/"658fb0ff-4ac0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OmL%2B5O3f3r48SG035%2BRgVTqMlg7DjGLd%2BspLiBNLuftR9YiWufF6r0FSBeeNEL2z7W3L7LPdMPEX3rClgnQru1MBSFK4aevPniiRkJ4sJOCB4iRlat1r%2F6h0dkCfsFWFg42%2FWB8GLo%2Bc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=120
cf-ray: 841fb51cad166aed-BUF

GET
H2 200 animation.css
js.chargebee.com/assets/cbjs-2024.01.04-08.45/v2/ 722 B
1 KB 37ms
37ms Stylesheet
text/css 18.245.96.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/assets/cbjs-2024.01.04-08.45/v2/animation.css

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.96.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-96-60.yto50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c8c900ec5cbe9ef18bea37051bc2bf2aa9846c2ce787d248f2451575e2a372fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: iTAGy_WJOa85bpKlb0PpeAIB.LPczAD.
strict-transport-security: max-age=300; includeSubdomains; preload
via: 1.1 448b69523e9e6d19ed8280b1c8be22c8.cloudfront.net (CloudFront)
date: Sun, 07 Jan 2024 22:39:05 GMT
x-amz-cf-pop: YTO50-P3
age: 135
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 722
last-modified: Thu, 04 Jan 2024 08:55:20 GMT
server: AmazonS3
etag: "520016f3fad41f77bb889758ac030aaf"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=300,public
accept-ranges: bytes
x-amz-cf-id: eoU-Pa0Gdt4x_s_-j61mDgrMRCHsw_W5qApaIXkftHbuT4mJdBqe-Q==

GET
H2 200 master.html Show response
js.chargebee.com/assets/cbjs-2024.01.04-08.45/v2/ Frame 7A44 234 B
721 B 38ms
37ms Document
text/html 18.245.96.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/assets/cbjs-2024.01.04-08.45/v2/master.html

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/assets/cbjs-2024.01.04-08.45/v2/189-9075d28e354dfbf83c79.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.96.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-96-60.yto50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

590074e57dcf2082af21edd1a809b03a61fa933a74edf528037b397e0ea744f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 136
cache-control: max-age=300,public
content-length: 234
content-type: text/html
date: Sun, 07 Jan 2024 22:39:05 GMT
etag: "6c99c34ba379f2658f0acaf3284563d0"
last-modified: Thu, 04 Jan 2024 08:55:20 GMT
server: AmazonS3
strict-transport-security: max-age=300; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 448b69523e9e6d19ed8280b1c8be22c8.cloudfront.net (CloudFront)
x-amz-cf-id: jpBa16dkwRYKCfDlKJY18OoCdZrQqM25YPOZE1SaPK9KPEk-5aL-tw==
x-amz-cf-pop: YTO50-P3
x-amz-server-side-encryption: AES256
x-amz-version-id: 2kjc.4F9M3Dhm51jdAndH_KErMw4nFFf
x-cache: Hit from cloudfront

GET
H3

200

main.js Show response
captcha.bot/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/ Frame 8DA2
Redirect Chain

https://captcha.bot/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://captcha.bot/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

7 KB
4 KB

126ms
126ms

Script
application/javascript

2606:4700:20::681a:76e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://captcha.bot/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Server

2606:4700:20::681a:76e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f120d09386a5ba5021109ab1cffef7c2f65d2b0735ed1727efc59def9e9c9100

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:18 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9iuAouOteXPS4hD7fCBNMuzWna%2FKE9WWcs1VmdknPeb1F98xC6pTt7t4zApimmOToGifeqDPm14TvjYEEKsWp6%2FwNo8Lj7qjAv8xytnZ%2BWVnXdYZCLTHvDszlYuPbi8gQpHhT7sR2vLS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 841fb51d8d6f6aed-BUF
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sun, 07 Jan 2024 22:41:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uwb5rwKhNBdYmNJNqOHTiy2trLxn%2BrCDIskaHKwgbZUWxPSnTrIIKkzl%2B2qoODVV%2BskhJEZ9xQDmszzZepuGAsKtibmLr6jSffJEZuLn7grmRa24mmYPUremKr08UgyAhN8EjtOuhxBC"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 841fb51d1d406aed-BUF
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 89 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62d056f363b8b39fd0f85690a31012fcb6f1f0cef642bb247fc8ae627e33ac6d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4383437e4c7973582c6fa37a8693ce3d30e4026a462995671533ef885b0a130a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 logo.0d11fe46.png
captcha.bot/img/ 15 KB
15 KB 40ms
40ms Image
image/webp 2606:4700:20::681a:76e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/img/logo.0d11fe46.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:76e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6227e69f1c3711825b5166ddcbd07539e556ce7068917ad7701a5af5b4814f33

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3812
cf-polished: origFmt=png, origSize=34020
content-disposition: inline; filename="logo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 14910
cf-bgj: imgq:100,h2pri
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
server: cloudflare
etag: "658fb0ff-84e4"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qdm9gxDInmvM98rOtWftZdnTprITByIQTYgvHhy8yrkK1diMQ3IcQKgVZiwXC%2FD%2B0Q%2F6CmRxJkuExfcnT%2FqdTk6EWQEOH4%2FzbnZS3QaG%2FOc3%2BGkF9F7UY3v%2BNF4Fd5f7u5lQr3j5HqWp"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 841fb51d6d566aed-BUF

GET
H3 200 landing-promo.423c8618.png
captcha.bot/img/ 8 KB
9 KB 42ms
39ms Image
image/webp 2606:4700:20::681a:76e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/img/landing-promo.423c8618.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:76e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a87310dacb8e83018f2cbb037552a79868dafb9214613d442581b3f3eeea914

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2067
cf-polished: origFmt=png, origSize=16963
content-disposition: inline; filename="landing-promo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8702
cf-bgj: imgq:100,h2pri
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
server: cloudflare
etag: "658fb0ff-4243"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cu9p2%2BjYGvBJl%2B8GulRmAVi%2FVz8rNSwx%2FlVMX6IDqbpFJDucwQHPX588uF1Omo%2BZHqp8pCkF%2FSF3PO%2FN5RsYp%2BoajzQZaSMUX19Rq7IUeVYArmvo5k%2BHiDOdOJRGJ8JiQB7o3lQsg422"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 841fb51d7d586aed-BUF

GET
H3 200 bitcoin.png
captcha.bot/promo/crypto/ 8 KB
9 KB 41ms
38ms Image
image/webp 2606:4700:20::681a:76e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/crypto/bitcoin.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:76e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9eab613f27dc9efb747630f963208741cc088b586edfbfdaaebf7d733dc2d63

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2067
cf-polished: origFmt=png, origSize=14655
content-disposition: inline; filename="bitcoin.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8608
cf-bgj: imgq:100,h2pri
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
server: cloudflare
etag: "658fb0ff-393f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nfLA4M2N1MllPnaB5F%2FBPA4nyeDDwsJLawnVHtDO3MaflcBWXHetXy1q6U5ZhOEBkOPikzuxhSGC1awT68Q5llTDJ5yRqSOdQ7sXou%2FtEu7w7lhTFzUY0s0EmZuwGGvgmwAxS7jBi6jc"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 841fb51d7d596aed-BUF

GET
H3 200 doge.png
captcha.bot/promo/crypto/ 190 KB
190 KB 67ms
65ms Image
image/webp 2606:4700:20::681a:76e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/crypto/doge.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:76e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08a184bb8e17a3028350b402628040f572e5e6b2a57a5959c5acd78bfb1f5f9a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2066
cf-polished: origFmt=png, origSize=332322
content-disposition: inline; filename="doge.webp"
alt-svc: h3=":443"; ma=86400
content-length: 194348
cf-bgj: imgq:100,h2pri
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
server: cloudflare
etag: "658fb0ff-51222"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2Bmub7ZGfqy7btA3tqRyZOw3XR6CkFiac9cFq%2FvlsHGwISS2oYRzS2I%2BNTBDZudqxeHik%2Bcq4AmBodMFf2ZANTxZyTX1It1%2BxSfdIw%2FPg4VKIPkXgq%2Bifpa1gISutqom39SspeXcV7bS"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 841fb51d7d5a6aed-BUF

GET
H3 200 eth.png
captcha.bot/promo/crypto/ 84 KB
85 KB 42ms
39ms Image
image/png 2606:4700:20::681a:76e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/crypto/eth.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:76e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bba3a253608d50cff0174ea1102b3ff4e93993be25d07c0e0223f20f19c37382

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2066
cf-polished: origSize=86443, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 86302
cf-bgj: imgq:100,h2pri
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
server: cloudflare
etag: "658fb0ff-151ab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2FfwupaPcsN8mHtu61geFqS6kGq8279SYypaX5WM6ItEoR3mKHHktmZhisEWeDIUkBbi02dpYb23keUZa2npX%2B79QeV5tXNkoPr5Z%2B7M7mQYB0eKWZnPVWAPqbXqzl%2FeDPgWVDBMcxcU"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 841fb51d7d5d6aed-BUF

GET
H3 200 ape.webp
captcha.bot/promo/crypto/ 153 KB
153 KB 99ms
96ms Image
image/webp 2606:4700:20::681a:76e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/crypto/ape.webp
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:76e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e424ab30e57e903c77ed203fd48b8e240c9333d18eada751c7a5744ad5ac5f7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:18 GMT
cf-cache-status: HIT
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2066
etag: "658fb0ff-2639a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gUfLbmMQjbOaV57mWksr6KCAhzB%2Bc8TRZ9vJLs49Bwb6XSr7R2ZuTUxJ%2F5jN3Zd1EqCAFpDaO2U5Vn7nWP75wRm89cqQ2d0zdrkJphV%2Fo7KijzYKtlJh4PxwvT7r%2B%2F6BJbWBYKGMQvH5"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 841fb51d7d5f6aed-BUF
alt-svc: h3=":443"; ma=86400
content-length: 156570

GET
H3 200 boost.png
captcha.bot/promo/discord/ 29 KB
29 KB 128ms
125ms Image
image/webp 2606:4700:20::681a:76e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/discord/boost.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:76e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6800d363cb5a534231c868a110cc4762d636d4df062c41a407c1c091e959e96f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2064
cf-polished: origFmt=png, origSize=67807
content-disposition: inline; filename="boost.webp"
alt-svc: h3=":443"; ma=86400
content-length: 29300
cf-bgj: imgq:100,h2pri
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
server: cloudflare
etag: "658fb0ff-108df"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6xsyvgmbUD4t%2BuShZGOqwa0DrvgRw8F7Fvv1LaDZBwfoNOwQ5C%2FpMcrLIPLsk0WuHeULBR7IBaFCaEPW4Q7PN5i5vJWHlsVGFvY4I6p%2FcC%2BhIWVyDeXN1ikPG0NY1frzRbigEX7HJKVa"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 841fb51d7d616aed-BUF

GET
H3 200 badge.png
captcha.bot/promo/discord/ 4 KB
5 KB 129ms
127ms Image
image/webp 2606:4700:20::681a:76e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/discord/badge.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:76e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45081b381b2448cac81c3cc81ed427d216719a54890a2242e691ab7608a0ada8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2064
cf-polished: origFmt=png, origSize=8231
content-disposition: inline; filename="badge.webp"
alt-svc: h3=":443"; ma=86400
content-length: 4252
cf-bgj: imgq:100,h2pri
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
server: cloudflare
etag: "658fb0ff-2027"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZxxnSPtesVMTSR4WLwJnDu76ZqqtxWS%2B78Y3wzjESAqn9%2B1TgcBof%2FUW%2BtQP8CEtgtWgSm%2BggF%2FeuTWd0cjWNVL5v6nfhG7td%2Bi%2BH7i8pbGDEbXZqPOET1d2%2BRcqjc21sWp1pxW%2BRPtU"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 841fb51d7d626aed-BUF

GET
H3 200 nitro.webp
captcha.bot/promo/discord/ 14 KB
14 KB 129ms
127ms Image
image/webp 2606:4700:20::681a:76e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/discord/nitro.webp
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:76e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2a0ebb4c1e2bfeb215c6d41bb6c4fb0fac5a228fddf6a4bc77ef08e7f2e7477

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:18 GMT
cf-cache-status: HIT
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2064
etag: "658fb0ff-361c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sSEm0JrLfleOnNKDWTtTnozfCFgXg1Q06gi%2B24z3OuEsYpkHRAJVE1Y9FdNVYgbJxRLUMbQzrv5nZxXpTdl0500Y%2Fhm8I%2FaqasG3PzKeKP1aMgSaEjiJwukIPDK6HeFX1sCDQYT8MqFM"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 841fb51d7d636aed-BUF
alt-svc: h3=":443"; ma=86400
content-length: 13852

GET
H3 200 phishing.png
captcha.bot/promo/ 9 KB
9 KB 130ms
128ms Image
image/webp 2606:4700:20::681a:76e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/phishing.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:76e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93dc5afee0d7c64a418ee3804bb76f9855e7ff5a501a26ed29cd544f066bb6d3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2063
cf-polished: origFmt=png, origSize=13769
content-disposition: inline; filename="phishing.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8860
cf-bgj: imgq:100,h2pri
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
server: cloudflare
etag: "658fb0ff-35c9"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGnPLYzvsDUMAcf862%2B%2BM8gcK2soZP7JcPSDy7RoIoydl0adPvGMgykmxvjkJDtXM1Pfb%2BebKdOAp8mYMgC0Yw%2FaTrc4fCV%2FDpv5DfI4vv3FoxNARdhs1%2FhCP4iqnC%2FOct96NhVv%2BvcQ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 841fb51d7d646aed-BUF

GET
H3 200 sus.png
captcha.bot/promo/ 7 KB
7 KB 130ms
128ms Image
image/webp 2606:4700:20::681a:76e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/sus.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:76e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a71902890d932247a4c1a8f83c6f0b8dd7a6e7a12d64524559aa158c9a19f1db

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2064
cf-polished: origFmt=png, origSize=23982
content-disposition: inline; filename="sus.webp"
alt-svc: h3=":443"; ma=86400
content-length: 7104
cf-bgj: imgq:100,h2pri
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
server: cloudflare
etag: "658fb0ff-5dae"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jcj%2BMcLZoqBZKjgHjIgVXyfopVkyWCv%2BSExCTdDIe1JFTV5k8aZjIz8D1h7VLlbsSuw1hYQs8C2%2FaVSLXS8H2cFx7b8q42zxAdNEe1MWw22tEep85K9zo9hYBOlPdA46bpvGOqpAjGHm"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 841fb51d7d656aed-BUF

GET
H3 200 accessible.png
captcha.bot/promo/ 16 KB
16 KB 131ms
129ms Image
image/webp 2606:4700:20::681a:76e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/accessible.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:76e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a929bcd8cce2585ea3be49e84b6735c35debe93e48f62f5dd7e4fc4b33825e5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2063
cf-polished: origFmt=png, origSize=27419
content-disposition: inline; filename="accessible.webp"
alt-svc: h3=":443"; ma=86400
content-length: 16334
cf-bgj: imgq:100,h2pri
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
server: cloudflare
etag: "658fb0ff-6b1b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BQlBaX%2FP8eVHYgqh9FUKdkhwCiWGM10o%2B9gvmr5nofOh0%2F5e3BV8ILrKbCcWLwzsCYoOcE1WZ8RPBYx374WECFfqZlWId%2Fc%2Bakjp3f3MwWxs%2BA0HFD%2Fie4iEFZ%2BtnNbJxlg%2BY94c0lCi"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 841fb51d7d686aed-BUF

GET
H3 200 time-limit.png
captcha.bot/promo/ 6 KB
6 KB 131ms
129ms Image
image/webp 2606:4700:20::681a:76e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/time-limit.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:76e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 950487041eb8b857d86436c10b487f194b9b97a4205366978d9b945de8164ccb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2063
cf-polished: origFmt=png, origSize=11864
content-disposition: inline; filename="time-limit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 5896
cf-bgj: imgq:100,h2pri
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
server: cloudflare
etag: "658fb0ff-2e58"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cvwb995y97o3%2F8UKZ1Fo2Z07TRHmJfqYFe0O8ao0BQ17xB%2FvPIVyo14q0RK17hN4lFfOR2mpVhL5qypv2GRnySTbKqkVkA4NhSO5u7xNzobTQGlohqttQtWoyYlg32%2B2ThSi83CVrmTo"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 841fb51d7d6a6aed-BUF

GET
H3 200 analytics.png
captcha.bot/promo/ 139 KB
140 KB 132ms
130ms Image
image/webp 2606:4700:20::681a:76e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/analytics.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:76e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dd6334bbbdabc6a816851f5c2c4a71193190a0569359d4f8834e45b57e10dfb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2063
cf-polished: origFmt=png, origSize=382343
content-disposition: inline; filename="analytics.webp"
alt-svc: h3=":443"; ma=86400
content-length: 142700
cf-bgj: imgq:100,h2pri
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
server: cloudflare
etag: "658fb0ff-5d587"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sq%2BKBB7jao07lE7XxeBKzFdeLdZ48JuLaAEItbDUrIo2Nzc4%2BZ7BdrFiwXtRLWxY4o5GddwZoj6w7g6efVDEk36SDIi7LTZQti%2FoeWRtoqZFgzNZi0fM7KvNYv1Xm3ActaUO7U58kfll"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 841fb51d7d6b6aed-BUF

GET
H3 200 discord-logo.1bf7c650.svg
captcha.bot/img/ 2 KB
1 KB 135ms
133ms Image
image/svg+xml 2606:4700:20::681a:76e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/img/discord-logo.1bf7c650.svg
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:76e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cd29fcd28558f2d1a4273dcca8b904b79b4ad2c19c0ce9d096da1e89f292546

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2063
etag: W/"658fb0ff-82e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o0d2Ad9Yw4gqjmQaMsUDD0nI57UxPqfL9DBADtpzLY3jPUDSFw%2FSgftH8U%2FVzz42%2BqQte0lMQa7clbsaPruuUzKA6p9GJHisOl1DKPWGwe6nS%2BW6d0DL9NyulzvcwzpZdNHJG9znKWZw"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=120
cf-ray: 841fb51d7d6c6aed-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 statistics Show response
captcha.bot/api/v1/ 17 B
442 B 373ms
372ms XHR
application/json 2606:4700:20::681a:76e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://captcha.bot/api/v1/statistics
Requested by: Host: captcha.bot
URL: https://captcha.bot/js/chunk-vendors.bfc7157a.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:76e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15281a2bcc261d624ce4ac83854be4f5bfec40bc5658a53391607ac311064678

Request headers

Accept: application/json, text/plain, */*
Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
Authorization: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qq322fR3Gm%2Bj07jhWT%2BcZS9jydtZJtak5GAv2Z%2FkIia6EdiRUhehOX%2FhPVBn8KRKF92%2F0mhqp4ueUkI9hfw28IcHn2%2FZl2wRQ6yRgdnVNkUqO%2F5DcR2PfXmuV1dvJ0KMDOLeIGfTZF5U"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 841fb51d7d6d6aed-BUF
alt-svc: h3=":443"; ma=86400
content-length: 17

GET
H2 200 master-e78e10b701ca76de64ae.js Show response
js.chargebee.com/assets/cbjs-2024.01.04-08.45/v2/ Frame 7A44 242 KB
69 KB 42ms
41ms Script
application/x-javascript 18.245.96.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/assets/cbjs-2024.01.04-08.45/v2/master-e78e10b701ca76de64ae.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/assets/cbjs-2024.01.04-08.45/v2/master.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.96.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-96-60.yto50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

78bed889aff57d6a6623a23597fbe8029ed1c41bf12b644553016604130b3da4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.chargebee.com/assets/cbjs-2024.01.04-08.45/v2/master.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: FNHz0cKKvcZe.LZbKrSiggjiVMB5.ERx
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Sun, 07 Jan 2024 22:37:52 GMT
via: 1.1 448b69523e9e6d19ed8280b1c8be22c8.cloudfront.net (CloudFront)
x-amz-cf-pop: YTO50-P3
age: 207
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 04 Jan 2024 08:55:18 GMT
server: AmazonS3
etag: W/"18bc6715d6cd06995a5a19048cc5320e"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300,public
x-amz-cf-id: cVO8doas2zfZoi8nfGanZQ8W6JW5G-yhW0rtrw6ylY7QV_eJbUesDA==

POST
H2 204 collect
analytics.google.com/g/ 0
251 B 94ms
38ms Ping
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-VT1JT14S09&gtm=45je4130v9119558076&_p=1704667278794&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=964147890.1704667279&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=Home&dp=%2F&dl=https%3A%2F%2Fcaptcha.bot%2F&sid=1704667279&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1331
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VT1JT14S09&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 22:41:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://captcha.bot
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
242 B 98ms
38ms Ping
text/plain 2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VT1JT14S09&cid=964147890.1704667279&gtm=45je4130v9119558076&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VT1JT14S09&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 22:41:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://captcha.bot
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 205-81261cd08df7d8618092.js Show response
js.chargebee.com/assets/cbjs-2024.01.04-08.45/v2/ Frame 7A44 3 KB
2 KB 161ms
158ms Script
application/x-javascript 18.245.96.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/assets/cbjs-2024.01.04-08.45/v2/205-81261cd08df7d8618092.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/assets/cbjs-2024.01.04-08.45/v2/master-e78e10b701ca76de64ae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.96.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-96-60.yto50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c9607a3a65a3c63cf8919f208d764c36e0fbcc44f2a91b21a4180e0dbb94daaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.chargebee.com/assets/cbjs-2024.01.04-08.45/v2/master.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: PQK7yvd3DDOWSC.sMGBFOgm2fyz4z7hl
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Sun, 07 Jan 2024 22:41:20 GMT
last-modified: Thu, 04 Jan 2024 08:55:18 GMT
server: AmazonS3
via: 1.1 448b69523e9e6d19ed8280b1c8be22c8.cloudfront.net (CloudFront)
x-amz-cf-pop: YTO50-P3
x-amz-server-side-encryption: AES256
etag: W/"883edcfeea1cb727fe075d6fcc1700e3"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/x-javascript
cache-control: max-age=300,public
x-amz-cf-id: kNewkq4Tzp5lRlx6hRlmZ3DTsbnkPkwVHdq8SSHIYLaljZfHPOFROA==

GET
H2 200 214-35526049775cb8a35e36.js Show response
js.chargebee.com/assets/cbjs-2024.01.04-08.45/v2/ Frame 7A44 3 KB
2 KB 40ms
37ms Script
application/x-javascript 18.245.96.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/assets/cbjs-2024.01.04-08.45/v2/214-35526049775cb8a35e36.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/assets/cbjs-2024.01.04-08.45/v2/master-e78e10b701ca76de64ae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.96.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-96-60.yto50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5cda84f5afb1e0ca7ee7df0ee8b4a6af95b9e50009acddfa82967b78f3998cd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.chargebee.com/assets/cbjs-2024.01.04-08.45/v2/master.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: vQHntOwYtIwjXOjvbysX7.WSC55ViwTv
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Sun, 07 Jan 2024 22:38:49 GMT
via: 1.1 448b69523e9e6d19ed8280b1c8be22c8.cloudfront.net (CloudFront)
x-amz-cf-pop: YTO50-P3
age: 150
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 04 Jan 2024 08:55:18 GMT
server: AmazonS3
etag: W/"1c42978ffc1fb6d98ab36392d1fc4be4"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300,public
x-amz-cf-id: n6ac6h_PLVcd859zokJzHbcnpWmxiNCrMeCpvVtD-BvasckI6RuC7w==

GET
H2

200

choice.js Show response
cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/
Redirect Chain

https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2

4 KB
2 KB

291ms
59ms

XHR
application/javascript

2600:9000:26c2:c400:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Server: 2600:9000:26c2:c400:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6c37dd45167098f01b5aa23ce5c21898424c7347c05d34444ca013af9d85c57f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:40:25 GMT
content-encoding: br
via: 1.1 baea19e57b5c9a395399255309193508.cloudfront.net (CloudFront)
x-amz-cf-pop: YTO50-P3
age: 55
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Sun, 19 Nov 2023 22:34:11 GMT
server: AmazonS3
etag: W/"76a3516a731c32c1a6a8f48b54d3d323"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-amz-cf-id: 0_EjJXLv0cJbBT8kDNuVnZNWiqripaX0AqOao2Jk7WtzBfHgQSrgCw==

Redirect headers

x-amz-website-redirect-location: https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
date: Sun, 07 Jan 2024 22:40:54 GMT
via: 1.1 bf49d89d8a3c52a5998a7b465717a00e.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
age: 26
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 0
last-modified: Wed, 15 Nov 2023 19:47:35 GMT
server: AmazonS3
etag: "997985d66f999e7c0034a8915419c2cf"
access-control-max-age: 3000
access-control-allow-methods: GET
location: https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
access-control-allow-origin: https://captcha.bot
cache-control: max-age=3600
access-control-allow-credentials: true
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: u6x_9OyZYoYvOf5nFsCajDINgim9K8a0gNwVwmPc1fFTFrnym7pzLQ==

GET
H2 200 prebid-407496646b648e67be5f557efe0c7641.js Show response
cdn.fuseplatform.net/prebid/ 261 KB
81 KB 30ms
30ms Script
application/x-javascript 2600:141b:1c00:31::1739:5a4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:31::1739:5a4b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: ac029ed357e9abcb27b7afb2c5e3ffd7b0877924f8707c32c0a094e9a2027b2d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:19 GMT
content-encoding: gzip
last-modified: Fri, 03 Mar 2023 02:21:08 GMT
server: AkamaiNetStorage
etag: "84cb2005d5697b835da43944b24c79f2:1677810068.706101"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400000
accept-ranges: bytes
content-length: 82396
expires: Sat, 03 Oct 2026 22:41:19 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 130ms
60ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8faecaadd48b12a02d72f7d84425f2c056186ed4485dfe3d95e119df4471be9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29036
x-xss-protection: 0
server: cafe
etag: 368 / 19729 / m202401020101 / config-hash: 2026918608723226553
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 22:41:19 GMT

GET
H2 200 noconsent Show response
cdn.fuseplatform.net/telemetry/ 1 B
265 B 113ms
29ms Fetch
text/plain 2600:141b:1c00:31::1739:5a4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/telemetry/noconsent?v=1&ttm=1704667279108&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=637ed7b8-f4d8-5110-9fba-9979a365c1a7&fid=2874&pubid=5&url=https%3A%2F%2Fcaptcha.bot%2F&sid=ee8eeaad00d63640f3f1&srate=100&adserver=gpt&etm=1391&e=fuse-load
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:31::1739:5a4b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:19 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 11:31:51 GMT
server: AkamaiNetStorage
etag: "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary: Accept-Encoding, Accept-Encoding, Origin
content-type: text/plain
access-control-allow-origin: https://captcha.bot
cache-control: max-age=1800
accept-ranges: bytes
content-length: 21
expires: Sun, 07 Jan 2024 23:11:19 GMT

GET
H2 200 pi-worker.js
js.chargebee.com/assets/cbjs-2024.01.04-08.45/v2/ Frame 7A44 66 KB
22 KB 41ms
41ms Other
application/x-javascript 18.245.96.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/assets/cbjs-2024.01.04-08.45/v2/pi-worker.js

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.96.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-96-60.yto50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4932f16c155e6a25dc48dc75c17e539a92ceec76687e6f2c4a61c3007ce5a274

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.chargebee.com/assets/cbjs-2024.01.04-08.45/v2/master.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: ZwyRc0WlhV_Lc_d0_rRjXyVxNx7kDTIQ
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Sun, 07 Jan 2024 22:38:49 GMT
via: 1.1 448b69523e9e6d19ed8280b1c8be22c8.cloudfront.net (CloudFront)
x-amz-cf-pop: YTO50-P3
age: 150
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 04 Jan 2024 08:55:18 GMT
server: AmazonS3
etag: W/"0f3365b16eba65de9fcd781e3db4c485"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300,public
x-amz-cf-id: a2YiFIYlBu2zB_OMJz_hHmnVzQjaKrGVBc_zi7_7ozZwb3-RBSXI4g==

POST
H3 200 841fb5186f476aee Show response
captcha.bot/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 8DA2 0
549 B 51ms
50ms XHR
text/plain 2606:4700:20::681a:76e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://captcha.bot/cdn-cgi/challenge-platform/h/g/jsd/r/841fb5186f476aee
Requested by: Host: captcha.bot
URL: https://captcha.bot/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:76e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 07 Jan 2024 22:41:19 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8JGUbRKZQoMLNdZg5ItJb%2FCRYNvLMhXJbmXP2PYDuQj2swDuEHDNPSS5IM8%2FYDddVKXXC2dzPoCQXcf%2FLGBHSGN0vBE0MQL03vTsBYaAJ98xs67HkIOAytVSq2Ta6pQ51tyElsLWc6tJ"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 841fb51f5e046aed-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 retrieve_js_info Show response
privygg.chargebeestaticv2.com/api/internal/1704666600/ Frame 7A44 678 B
1 KB 46ms
36ms XHR
application/json 13.33.165.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://privygg.chargebeestaticv2.com/api/internal/1704666600/retrieve_js_info

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/assets/cbjs-2024.01.04-08.45/v2/master-e78e10b701ca76de64ae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.165.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-165-113.yto50.r.cloudfront.net

Software

ChargeBee /

Resource Hash

f3bc1ef86b4e5f5c383b397e2e1f86e7978d0ab7836dab27ae074b6f2760a9cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.chargebee.com/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:30:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 98e73e5dcd76ade3e4aad5e1d1a53a02.cloudfront.net (CloudFront)
x-amz-cf-pop: YTO50-C3
age: 677
x-cache: Hit from cloudfront
content-length: 678
server: ChargeBee
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/json;charset=utf-8
access-control-allow-origin: https://js.chargebee.com
cache-control: max-age=0, must-revalidate, public, s-maxage=3600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, cb-csrf-token, leap.api.version, chargebee-business-entity-id, X-TP-Token
x-amz-cf-id: R0M-HKhJnfClcnYx6a5AAVEMjr6wezi_eh482jn6deccg_OGkrVIKw==
expires: Thu, 01 Jan 1970 00:00:00 UTC

OPTIONS
H2 202 retrieve_js_info
privygg.chargebeestaticv2.com/api/internal/1704666600/ Frame 0
0 407ms
186ms Preflight 13.33.165.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://privygg.chargebeestaticv2.com/api/internal/1704666600/retrieve_js_info

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.165.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-165-113.yto50.r.cloudfront.net

Software

ChargeBee /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://js.chargebee.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, cb-csrf-token, leap.api.version, chargebee-business-entity-id, X-TP-Token
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://js.chargebee.com
cache-control: max-age=0, must-revalidate, public, s-maxage=10800
content-length: 0
date: Sun, 07 Jan 2024 22:41:19 GMT
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache
server: ChargeBee
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 98e73e5dcd76ade3e4aad5e1d1a53a02.cloudfront.net (CloudFront)
x-amz-cf-id: j752hhPqgFuiI9iJOi9bvlt8pc301WEpU3vd7h0pa3Nj03mt6A29PA==
x-amz-cf-pop: YTO50-C3
x-cache: Miss from cloudfront
x-content-type-options: nosniff

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/ 436 KB
137 KB 32ms
23ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:32:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 539
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140253
x-xss-protection: 0
server: cafe
etag: 11435206252018266965
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 06 Jan 2025 22:32:20 GMT

GET
H2 200 tag Show response
btloader.com/ 105 KB
31 KB 131ms
43ms Script
application/javascript 2606:4700:10::ac43:293c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:293c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d11a1d469c8f8371322169f36f9b542cfa3a36d6643ed518ffba0c7377ff6211

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:19 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Sun, 07 Jan 2024 22:31:06 GMT
server: cloudflare
age: 525
etag: "d5b29f9d089ef16438c8127620fdfa59"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 841fb520dfc44bd5-BUF
content-length: 31541

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 128ms
58ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 07 Jan 2024 22:41:19 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
922 B 126ms
39ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1248386
x-guploader-uploadid: ABPtcPoOg4SZ5oPFZyTliG4fjSQ26PKj2rjvLiy_9azUqegBtP-FgnbyhSYt9-dD9ifYdmF9TrAo2bdHQw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TE%2FRRYPcfxfNpcB9TDFa%2FHzNRflt7ZHxa659Uz7sSlHwUUZTRpS%2BixLYBcNB8gEMPWlFywETQ2ymYbwFuvsYgz0SZrkdRVXnmDVLA9K3nUZaLkLFpTS%2FeaJJja1jplFIIi0u4%2B7MgKjs38rt2g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 841fb521ab494bc9-BUF
expires: Sun, 24 Dec 2023 12:37:21 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 140ms
37ms Image
image/x-icon 172.217.13.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 00:48:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78747
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 08 Jan 2024 00:48:52 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
350 B 126ms
40ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.3600389789794929
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1248386
x-guploader-uploadid: ABPtcPoOg4SZ5oPFZyTliG4fjSQ26PKj2rjvLiy_9azUqegBtP-FgnbyhSYt9-dD9ifYdmF9TrAo2bdHQw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L82VEmxYlhO8hrqFNGS8lTVBEv%2BWvjCROmU8HYtNEg0FPIIv%2F%2FAPIuE4h%2FYzoxS4cUyGftLbMM3rKZmYjU8%2Bp8KiobCO%2B6A%2BYSg4S4LIgdTJXgRA%2BCuvsz20B1CG1v%2F9S%2BGPBnCMFMCnqTabDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 841fb521ab4a4bc9-BUF
expires: Sun, 24 Dec 2023 12:37:21 GMT

GET
H2

200

choice.js Show response
cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/
Redirect Chain

https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2

4 KB
2 KB

140ms
62ms

Script
application/javascript

2600:9000:26c2:c400:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Server: 2600:9000:26c2:c400:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6c37dd45167098f01b5aa23ce5c21898424c7347c05d34444ca013af9d85c57f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:19 GMT
content-encoding: br
via: 1.1 0f0b1a29daedcaef491f1558b9ebf0f6.cloudfront.net (CloudFront)
last-modified: Sun, 19 Nov 2023 22:34:11 GMT
server: AmazonS3
x-amz-cf-pop: YTO50-P3
age: 54
x-amz-server-side-encryption: AES256
etag: W/"76a3516a731c32c1a6a8f48b54d3d323"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-id: V1OukzW5Imvpaz3f6-rAGdMOv6pSYM8kAMptvFBO_17zlC1LXBkx2Q==

Redirect headers

x-amz-website-redirect-location: https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
date: Sun, 07 Jan 2024 22:40:57 GMT
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
age: 23
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 0
last-modified: Wed, 15 Nov 2023 19:47:35 GMT
server: AmazonS3
etag: "997985d66f999e7c0034a8915419c2cf"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
location: https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: gY2boAruI2F6ZmrFNIKZMQ2oOmhId3BDZNrvSv4dDXv7Yxw-Hdcn4g==

GET
H2 200 country Show response
api.btloader.com/ 16 B
132 B 64ms
53ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 30c714bf4216e577686d238b98561d093672cb25bf90baab50dd956f75cda4b3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:19 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 61ms
52ms XHR
text/plain 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=iLFhWcfF&w=5142342223265792&o=5708166709903360&cv=2.1.27-2-g1727909&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fcaptcha.bot%2F&sid=O98RcgkD&pm=true&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 07 Jan 2024 22:41:19 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 207-4bbffe7ac37a17e779c6.js Show response
js.chargebee.com/assets/cbjs-2024.01.04-08.45/v2/ Frame 7A44 14 KB
5 KB 40ms
40ms Script
application/x-javascript 18.245.96.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/assets/cbjs-2024.01.04-08.45/v2/207-4bbffe7ac37a17e779c6.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/assets/cbjs-2024.01.04-08.45/v2/master-e78e10b701ca76de64ae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.96.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-96-60.yto50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d7ad4756d5887ddadc06f5dde5e3e7d570ff9890478bfa765369575f17ff6986

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.chargebee.com/assets/cbjs-2024.01.04-08.45/v2/master.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: wkFHKQqyDrNSZbi1TkUI7S_og5XwvE0g
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Sun, 07 Jan 2024 22:36:26 GMT
via: 1.1 448b69523e9e6d19ed8280b1c8be22c8.cloudfront.net (CloudFront)
x-amz-cf-pop: YTO50-P3
age: 292
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 04 Jan 2024 08:55:18 GMT
server: AmazonS3
etag: W/"711563c70de1a66d10378a56855b1bfe"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300,public
x-amz-cf-id: xnSwaihq4Ec8Fjzz1qeid0bPiQ59iEpWb2-3b8Xz7si10SrLCDrFeA==

GET
H2 200 210-be5f57c1476dcf04cae5.js Show response
js.chargebee.com/assets/cbjs-2024.01.04-08.45/v2/ Frame 7A44 98 KB
32 KB 46ms
39ms Script
application/x-javascript 18.245.96.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/assets/cbjs-2024.01.04-08.45/v2/210-be5f57c1476dcf04cae5.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/assets/cbjs-2024.01.04-08.45/v2/master-e78e10b701ca76de64ae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.96.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-96-60.yto50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b74e3adee873afc726f9ef7f7ed90a500afcbd94eac43d3e8f20c9de4760c101

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.chargebee.com/assets/cbjs-2024.01.04-08.45/v2/master.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: ekyj1rPjBXVvt94p6hf0w64w_i4o6sjY
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Sun, 07 Jan 2024 22:41:00 GMT
via: 1.1 448b69523e9e6d19ed8280b1c8be22c8.cloudfront.net (CloudFront)
x-amz-cf-pop: YTO50-P3
age: 20
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 04 Jan 2024 08:55:18 GMT
server: AmazonS3
etag: W/"572ffb2767341db4b7ccf639269d6888"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300,public
x-amz-cf-id: 00fKNh7LCWzCWv6vFj90HSZQuwXWOMcSQCV6-WOyMB-ClQoYebVkHw==

GET
H2 200 cmp2.js Show response
cmp.inmobi.com/tcfv2/ 158 KB
44 KB 45ms
44ms Script
text/javascript 2600:9000:26c2:c400:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=captcha.bot
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26c2:c400:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5f7b7682f77a3b058e7c8b7d88984dfe31a16dc29cf49abbba5fcdc5b7b2cf3f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:34:25 GMT
content-encoding: gzip
via: 1.1 0f0b1a29daedcaef491f1558b9ebf0f6.cloudfront.net (CloudFront)
x-amz-cf-pop: YTO50-P3
age: 415
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Wed, 06 Dec 2023 23:27:11 GMT
server: AmazonS3
etag: W/"7636a5d5c097ff5973731fa30bece2ba"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
vary: Accept-Encoding
x-amz-cf-id: l9_i2uDkLqNq3UC5sXO0-7mDIiXhr6mbL1ucOoGYLwvXLrGnSnXcdQ==

GET
H2 200 api.js Show response
js.hcaptcha.com/1/ Frame 7A44 326 KB
92 KB 87ms
36ms Script
application/javascript 104.19.218.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hcaptcha.com/1/api.js?onload=hCaptchaOnLoad

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/assets/cbjs-2024.01.04-08.45/v2/210-be5f57c1476dcf04cae5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

319e5a4819a9b54b551ca09ee13f2e9f7f34cc7c3b53369c9fe5e5493dbb32e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.chargebee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 de0a592002999100a0085e087a370864.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: hseit97.H306pA6BIbqxKZ.3ehwcD0gP
age: 0
x-amz-cf-pop: YUL62-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 20 Dec 2023 14:33:57 GMT
server: cloudflare
etag: W/"e80b1a7098d3b9624a08a3ac7a13046f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
cf-ray: 841fb5235ca0a202-YYZ
x-amz-cf-id: KBgfMo8PvvHBEHk_eWv-OhxgWecgjpUEyOgV6UVefZIk6mxiGVMAMg==

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 118ms
31ms Script
text/javascript 18.160.46.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.46.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-46-100.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 20:43:15 GMT
content-encoding: gzip
via: 1.1 9a7c700290cf80b3334e7dcd07bfe44a.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P2
age: 7086
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: GBTLgAyAaijEss--ELMdWdT5J_5f0Bn6njwZ-L4NawjXRytev4eOew==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
16 KB 437ms
436ms Fetch
text/plain 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=808048392386057&correlator=2741505184909015&eid=31077976%2C31079956%2C31080197%2C31079239%2C31079527&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fifs&gdpr=0&iu_parts=71161633%3A22547762570%2CCAPTCHABOT_captchabot%2Cweb_interstitial&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&didk=4167373516&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704667279901&lmt=1703915775&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcaptcha.bot%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=964147890.1704667279&ga_sid=1704667280&ga_hid=800521137&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmeTZsM4xSABSAghk&dlt=1704667278514&idt=866&cust_params=fuse_profanity%3Dfalse%26fuse_site%3Dcaptcha.bot%26fuse_path%3D%252F%26fuse_query%3D%26fuse_category%3D%26fuse_industry%3DIAB9%26testmode%3Dfalse%26inskin_yes%3Dtrue%26fuse_uuid%3D637ed7b8-f4d8-5110-9fba-9979a365c1a7%26fuse_publication_id%3D5%26GPT_READY_MS%3D1500-1999%26PREBID_READY_MS%3D1500-1999%26UAM_READY_MS%3Ddisabled%26CMP_DETERMINED_MS%3Dnot_ready%26CMP_GDPR_CACHED%3Dfalse%26FUSE_LOADED_MS%3D1000-1499%26CMP_JURISDICTION%3Dunknown%26CMP_ALLOW_PERSONAL%3Dfalse&adks=3794695886&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4068f6fbded1ffc3f0a7d2fec7d521f120e19cf5db4074d4cfc1a237d99b210

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:20 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16093
x-xss-protection: 0
google-lineitem-id: 208234953
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138324260112
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://captcha.bot
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 noconsent Show response
cdn.fuseplatform.net/telemetry/ 1 B
265 B 30ms
30ms Fetch
text/plain 2600:141b:1c00:31::1739:5a4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/telemetry/noconsent?auid=22801602535&cmpj=unknown&v=1&ttm=1704667279911&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=637ed7b8-f4d8-5110-9fba-9979a365c1a7&fid=2874&pubid=5&url=https%3A%2F%2Fcaptcha.bot%2F&sid=ee8eeaad00d63640f3f1&srate=100&adserver=gpt&etm=2194&e=slot-request
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:31::1739:5a4b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:19 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 11:31:51 GMT
server: AkamaiNetStorage
etag: "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary: Accept-Encoding, Accept-Encoding, Origin
content-type: text/plain
access-control-allow-origin: https://captcha.bot
cache-control: max-age=1800
accept-ranges: bytes
content-length: 21
expires: Sun, 07 Jan 2024 23:11:19 GMT

GET
H2 200 container.html Show response
cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C026 6 KB
3 KB 160ms
54ms Document
text/html 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 22:41:20 GMT
expires: Mon, 06 Jan 2025 22:41:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/ 40 KB
14 KB 27ms
24ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1fee0e275eff6d223e9845ca7aee343e0f4ea7b74b8e33b3b37088e559fce0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 18:27:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15219
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13827
x-xss-protection: 0
server: cafe
etag: 14489142153891184122
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 06 Jan 2025 18:27:40 GMT

GET
H2 200 geoip Show response
cmp.inmobi.com/ 48 B
330 B 39ms
37ms XHR
application/json 2600:9000:26c2:c400:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/geoip
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=captcha.bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26c2:c400:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 9dc63939eeea8f32f81d91f0db4a34a2b28c03449c4465d7bde2a0ef19f42d34

Request headers

Accept: application/json, text/plain, */*
Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:19 GMT
via: 1.1 baea19e57b5c9a395399255309193508.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: YTO50-P3
x-cache: FunctionGeneratedResponse from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
content-length: 48
x-amz-cf-id: 9BglvfDFUn-s0yw1Q2ogsk4E9vhphWbmSfWmdNvF_ocjHhLK54oLww==

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 104 B
171 B 200ms
132ms XHR
application/json 34.149.20.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=cyMdtyfoer7yk7rkHcnlKl
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: b4c57083a29b481f9d288f379ce155b9f116ceb399f359770cfdb95f3fb9e021

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 07 Jan 2024 22:41:20 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: https://captcha.bot
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 104 B
171 B 241ms
173ms XHR
application/json 34.149.20.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=cyMdtyfoer7yk7rkHcnlKl
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: b4c57083a29b481f9d288f379ce155b9f116ceb399f359770cfdb95f3fb9e021

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 07 Jan 2024 22:41:20 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: https://captcha.bot
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 104 B
345 B 197ms
130ms XHR
application/json 34.149.20.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=cyMdtyfoer7yk7rkHcnlKl
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: b4c57083a29b481f9d288f379ce155b9f116ceb399f359770cfdb95f3fb9e021

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 07 Jan 2024 22:41:20 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: https://captcha.bot
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 14 KB
9 KB 236ms
168ms XHR
application/json 34.149.20.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=cyMdtyfoer7yk7rkHcnlKl
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 378925d48df49d8c97fbf2fffda4f96f998039b65d61371a6537750b928dc0ab

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 07 Jan 2024 22:41:20 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: https://captcha.bot
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 104 B
171 B 300ms
233ms XHR
application/json 34.149.20.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=cyMdtyfoer7yk7rkHcnlKl
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: b4c57083a29b481f9d288f379ce155b9f116ceb399f359770cfdb95f3fb9e021

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 07 Jan 2024 22:41:20 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: https://captcha.bot
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 607 B
1 KB 215ms
146ms XHR
application/json 68.67.160.114
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.114 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a19da46a5e6e7e2263c3a46722e4a09d90fa27bbd26a52a72470f5ff1b9e6440

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 22:41:20 GMT
content-encoding: gzip
an-x-request-uuid: 5878f31e-5591-4608-a546-ed30eac14ac3
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://captcha.bot
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 96.9.249.42; 96.9.249.42; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
113 B 106ms
26ms XHR
text/plain 104.36.115.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://captcha.bot
date: Sun, 07 Jan 2024 22:41:20 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 954 B
2 KB 222ms
93ms XHR
application/json 147.135.119.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.135.119.115 , United States, ASN16276 (OVH, FR),
Reverse DNS: ip115.ip-147-135-119.us
Software: /
Resource Hash: 1811af5511272be0b81e4d1fcd0f18dc5500ca06c906b537decb965ec2338f27

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 22:41:19 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://captcha.bot
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 902 B
2 KB 272ms
143ms XHR
application/json 147.135.119.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.135.119.115 , United States, ASN16276 (OVH, FR),
Reverse DNS: ip115.ip-147-135-119.us
Software: /
Resource Hash: 1692f4634c23d4d41974ab39bd43bc902f263606f1ddf8ac8411e22c32d3739c

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 22:41:19 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://captcha.bot
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 1 KB
2 KB 224ms
95ms XHR
application/json 147.135.119.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.135.119.115 , United States, ASN16276 (OVH, FR),
Reverse DNS: ip115.ip-147-135-119.us
Software: /
Resource Hash: 4c2342148d00141b17c2ff05dbcc0bb07964eb2c8063c4d10710f9a17d6b4438

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 22:41:19 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://captcha.bot
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 1 KB
2 KB 231ms
103ms XHR
application/json 147.135.119.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.135.119.115 , United States, ASN16276 (OVH, FR),
Reverse DNS: ip115.ip-147-135-119.us
Software: /
Resource Hash: 565ac5bf510d8ed8e345bec4c1cbd7f2f1fcf047af3575ad0bc72e3899c457df

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 22:41:19 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://captcha.bot
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 1 KB
2 KB 228ms
97ms XHR
application/json 147.135.119.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.135.119.115 , United States, ASN16276 (OVH, FR),
Reverse DNS: ip115.ip-147-135-119.us
Software: /
Resource Hash: 19c8c9917111a8e094cc0fd6ebda0a65dc5bb182e15e132f43472bb665bd2d53

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 22:41:19 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://captcha.bot
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
190 B 104ms
38ms XHR
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.27.0&cb=70616480553

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://captcha.bot
date: Sun, 07 Jan 2024 22:41:19 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
167 B 107ms
31ms XHR
text/plain 147.28.129.37
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 8
date: Sun, 07 Jan 2024 22:41:19 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://captcha.bot
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 265 B
604 B 219ms
122ms XHR
application/json 2602:803:c002:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20884&site_id=439790&zone_id=2524990&size_id=2&alt_size_ids=1%2C55%2C57&gdpr=0&rp_schain=1.0,1!publift.com,01G9X9W32T5HFRDEPNY0KHCQEH,1,,,&rf=https%3A%2F%2Fcaptcha.bot%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=a41690fc-5680-48bb-b2de-4ee1f348c4d7&l_pb_bid_id=5039ab9c1648ef7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8560268933841935
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::41 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c68602f6f115301be1b024ae68285801724c491b5d6890d4cca9093f71d564ce

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 22:41:20 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://captcha.bot
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 265
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
602 B 224ms
128ms XHR
application/json 2602:803:c002:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20884&site_id=439790&zone_id=2524990&size_id=2&alt_size_ids=55%2C57&gdpr=0&rp_schain=1.0,1!publift.com,01G9X9W32T5HFRDEPNY0KHCQEH,1,,,&rf=https%3A%2F%2Fcaptcha.bot%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=0fb259d3-cb78-4af2-b853-2577b3dfdd7d&l_pb_bid_id=519ca05667c0097&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.009953669010019706
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::41 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ee7abb064897d2a7e43f72056b5410129694010448cec5f8c6f0f032645f4605

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 22:41:20 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://captcha.bot
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 263
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
602 B 323ms
226ms XHR
application/json 2602:803:c002:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20884&site_id=439790&zone_id=2524990&size_id=2&alt_size_ids=55%2C57&gdpr=0&rp_schain=1.0,1!publift.com,01G9X9W32T5HFRDEPNY0KHCQEH,1,,,&rf=https%3A%2F%2Fcaptcha.bot%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=0e30dfb8-678f-4438-9b2e-35fa9fb3f62c&l_pb_bid_id=52458995c1041a2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.19638167877334767
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::41 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 9119ed6db66d16cb1bb6a9c4ddcdb29a217e431a9d4505ee6bb0dbe5d1526b17

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 22:41:20 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://captcha.bot
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 263
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
775 B 191ms
95ms XHR
application/json 2602:803:c002:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20884&site_id=439790&zone_id=2524990&size_id=2&alt_size_ids=55%2C57&gdpr=0&rp_schain=1.0,1!publift.com,01G9X9W32T5HFRDEPNY0KHCQEH,1,,,&rf=https%3A%2F%2Fcaptcha.bot%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=bdf93dae-325a-4d0e-8fc4-f8b7684d7ee8&l_pb_bid_id=53ad6d1ce889679&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8382185578214394
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::41 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 76488018db965015e6d5c626ecd802a153092f46fb97dbf9b0f08646afb4c85a

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 22:41:20 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://captcha.bot
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 263
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
601 B 255ms
159ms XHR
application/json 2602:803:c002:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20884&site_id=439790&zone_id=2524990&size_id=2&alt_size_ids=55%2C57&gdpr=0&rp_schain=1.0,1!publift.com,01G9X9W32T5HFRDEPNY0KHCQEH,1,,,&rf=https%3A%2F%2Fcaptcha.bot%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=1fa79bdf-f927-4a56-b8fc-e1a5dfc11bc8&l_pb_bid_id=54e7e07c1e0902d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2564237888289187
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::41 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 775da9505d2a043fb346ceef16ff318676e5861f855c5f85731336b94b41ae09

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 22:41:20 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://captcha.bot
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 263
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
602 B 196ms
100ms XHR
application/json 2602:803:c002:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20884&site_id=439790&zone_id=2524990&size_id=2&alt_size_ids=55%2C57&gdpr=0&rp_schain=1.0,1!publift.com,01G9X9W32T5HFRDEPNY0KHCQEH,1,,,&rf=https%3A%2F%2Fcaptcha.bot%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=e15328b6-067f-485a-8a09-36e08f6e828e&l_pb_bid_id=55267bdad9ed3ea&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8028079693705885
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::41 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 52d7c4b044a6366d5e2b053fe66b3c6d4c02dd9b16b3674774c2fa22cfddcb96

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 22:41:20 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://captcha.bot
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 263
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
739 B 198ms
112ms XHR
application/json 44.217.55.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.27.0&referrer=https%3A%2F%2Fcaptcha.bot%2F&tmax=1000&gdpr=false

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.217.55.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-217-55-203.compute-1.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 22:41:20 GMT
accept-ch: sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory
content-type: application/json; charset=utf-8
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://captcha.bot
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 hcaptcha.html Show response
newassets.hcaptcha.com/captcha/v1/3b797c3/static/ Frame 0EEF 2 KB
1 KB 36ms
34ms Document
text/html 104.19.218.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=vsrvmyg4pnm

Requested by

Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js?onload=hCaptchaOnLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

165d82fad4d52f2f2d48bbcad0bb294e7fc90843d42002db7d8900d0d4b101fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.chargebee.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
age: 754836
alt-svc: h3=":443"; ma=86400
cache-control: max-age=1209600
cf-cache-status: HIT
cf-ray: 841fb5243dfda202-YYZ
content-encoding: br
content-type: text/html
cross-origin-embedder-policy: credentialless
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 22:41:20 GMT
last-modified: Wed, 20 Dec 2023 14:33:57 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 7293b56f3a0eb541aadcbcaa0146d528.cloudfront.net (CloudFront)
x-amz-cf-id: xLRZG543ZB-eV5fWsF4Pp7OJQID1S3g0Wchak0rh58tvy8PWTIzsDw==
x-amz-cf-pop: YTO50-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: zqmRvj.5H3xz3glqyfc6p0MpeMIvCHe2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 hcaptcha.html Show response
newassets.hcaptcha.com/captcha/v1/3b797c3/static/ Frame A45F 2 KB
763 B 36ms
36ms Document
text/html 104.19.218.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html

Requested by

Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js?onload=hCaptchaOnLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a9421e36647973f38d80cd149c3d4b30211aba44dbb1c28d82927be59e9a224

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.chargebee.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
age: 754836
alt-svc: h3=":443"; ma=86400
cache-control: max-age=1209600
cf-cache-status: HIT
cf-ray: 841fb5244e17a202-YYZ
content-encoding: br
content-type: text/html
cross-origin-embedder-policy: credentialless
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 22:41:20 GMT
last-modified: Wed, 20 Dec 2023 14:33:57 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 7293b56f3a0eb541aadcbcaa0146d528.cloudfront.net (CloudFront)
x-amz-cf-id: xLRZG543ZB-eV5fWsF4Pp7OJQID1S3g0Wchak0rh58tvy8PWTIzsDw==
x-amz-cf-pop: YTO50-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: zqmRvj.5H3xz3glqyfc6p0MpeMIvCHe2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
610 B 150ms
47ms XHR
application/json 3.215.169.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.169.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-169-119.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 80c39b44efb71ea8c3946f35a4d2c2d6eb75ac7d69ed5a127f41862017868db6

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 22:41:20 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://captcha.bot
cache-control: no-cache
x-server: 10.40.2.145
access-control-allow-credentials: true
content-length: 156
expires: 0

GET
H2 200 hcaptcha.js Show response
newassets.hcaptcha.com/captcha/v1/3b797c3/ Frame 0EEF 326 KB
92 KB 31ms
29ms Script
application/javascript 104.19.218.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/3b797c3/hcaptcha.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=vsrvmyg4pnm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

319e5a4819a9b54b551ca09ee13f2e9f7f34cc7c3b53369c9fe5e5493dbb32e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=vsrvmyg4pnm
Origin: https://newassets.hcaptcha.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 de0a592002999100a0085e087a370864.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: hseit97.H306pA6BIbqxKZ.3ehwcD0gP
age: 190151
x-amz-cf-pop: YUL62-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 20 Dec 2023 14:33:57 GMT
server: cloudflare
etag: W/"e80b1a7098d3b9624a08a3ac7a13046f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 841fb5247e6ca202-YYZ
x-amz-cf-id: KBgfMo8PvvHBEHk_eWv-OhxgWecgjpUEyOgV6UVefZIk6mxiGVMAMg==

GET
H2 200 hcaptcha.js Show response
newassets.hcaptcha.com/captcha/v1/3b797c3/ Frame A45F 326 KB
92 KB 33ms
29ms Script
application/javascript 104.19.218.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/3b797c3/hcaptcha.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

319e5a4819a9b54b551ca09ee13f2e9f7f34cc7c3b53369c9fe5e5493dbb32e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html
Origin: https://newassets.hcaptcha.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 de0a592002999100a0085e087a370864.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: hseit97.H306pA6BIbqxKZ.3ehwcD0gP
age: 190151
x-amz-cf-pop: YUL62-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 20 Dec 2023 14:33:57 GMT
server: cloudflare
etag: W/"e80b1a7098d3b9624a08a3ac7a13046f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 841fb5249e95a202-YYZ
x-amz-cf-id: KBgfMo8PvvHBEHk_eWv-OhxgWecgjpUEyOgV6UVefZIk6mxiGVMAMg==

GET
DATA 200
OK truncated
/ Frame A45F 798 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 158ms
69ms XHR
application/json 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401020101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1325639362952a3cf15c3d08d15452c2cc1e471d94392d5853107dd117686df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12208
x-xss-protection: 0

POST
H2 200 checksiteconfig Show response
api.hcaptcha.com/ Frame 0EEF 719 B
887 B 59ms
40ms XHR
application/json 104.19.218.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hcaptcha.com/checksiteconfig?v=3b797c3&host=js.chargebee.com&sitekey=dc26aa54-4902-437f-80e2-a22947a6c01b&sc=1&swa=1&spst=1

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3b797c3/hcaptcha.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0add4dade7d5e777165a41f32e0525229914f6dee4cea8dd2f653a489d023092

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://newassets.hcaptcha.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 07 Jan 2024 22:41:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
access-control-allow-credentials: true
cf-ray: 841fb5256fe1a202-YYZ
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
alt-svc: h3=":443"; ma=86400

POST
H3 204 rum Show response
captcha.bot/cdn-cgi/ 0
138 B 31ms
29ms XHR
text/plain 2606:4700:20::681a:76e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://captcha.bot/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:76e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: application/json

Response headers

date: Sun, 07 Jan 2024 22:41:20 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://captcha.bot
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 841fb525487c6aed-BUF

GET
H3 200 hsw.js Show response
newassets.hcaptcha.com/c/46b8fec/ Frame 0EEF 507 KB
220 KB 47ms
47ms Script
application/javascript 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/c/46b8fec/hsw.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3b797c3/hcaptcha.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a72d7b59d499f68ee9814cede398e42fbd87d5c579137f65032123c4f8dd6f47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=vsrvmyg4pnm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 2ffb622580a0a24837f798fa62268b12.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: LhbIACCIseZhml8Xk2JUrr99P7mYK8d0
age: 92797
x-amz-cf-pop: YTO50-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 26 Dec 2023 18:49:30 GMT
server: cloudflare
etag: W/"d85d85be5bdb20c10f4397e54155215e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 841fb525ae1536db-YYZ
x-amz-cf-id: aFQ--jVT2PQWwynKK1FOTqsy7xgkZHwrQWbxjFLFujp7QBLOu0GfJw==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 243 KB
42 KB 491ms
489ms Fetch
text/plain 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=808048392386057&correlator=722321922000017&eid=31077976%2C31079956%2C31080197%2C31079239%2C31079527&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=71161633%3A22547762570%2CCAPTCHABOT_captchabot%2Chome_header%2Chome_incontent_1%2Cscrolling_sticky_footer%2Chome_incontent_2%2Chome_incontent_3%2Chome_incontent_4&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7&prev_iu_szs=728x90%7C970x90%7C970x250%2C728x90%7C970x90%7C970x250%2C468x60%7C728x90%7C970x90%7C970x250%7C1200x90%2C728x90%7C970x90%7C970x250%2C728x90%7C970x90%7C970x250%2C728x90%7C970x90%7C970x250&ifi=2&didk=907217920~3563266103~3802411025~907161749~907278779~907458070&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704667280334&lmt=1703915775&adxs=436%2C436%2C566%2C436%2C436%2C436&adys=140%2C1149%2C1200%2C2312%2C3159%2C4373&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C3%7C4&ucis=2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcaptcha.bot%2F&vis=1&psz=0x64%7C0x64%7C0x-1%7C0x64%7C0x64%7C0x64&msz=728x0%7C728x0%7C468x-1%7C728x0%7C728x0%7C728x0&fws=128%2C128%2C644%2C128%2C128%2C128&ohw=0%2C0%2C1600%2C0%2C0%2C0&ga_vid=964147890.1704667279&ga_sid=1704667280&ga_hid=800521137&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABjK5tmwzjFIAA..&dlt=1704667278514&idt=866&prev_scp=is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%7Cis_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%7Cis_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%7Cis_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%7Chb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D1.00%26hb_adid%3D638813fe08672fa%26hb_bidder%3D33across%26is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%7Cis_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0&cust_params=fuse_profanity%3Dfalse%26fuse_site%3Dcaptcha.bot%26fuse_path%3D%252F%26fuse_query%3D%26fuse_category%3D%26fuse_industry%3DIAB9%26testmode%3Dfalse%26inskin_yes%3Dtrue%26fuse_uuid%3D637ed7b8-f4d8-5110-9fba-9979a365c1a7%26fuse_publication_id%3D5%26GPT_READY_MS%3D1500-1999%26PREBID_READY_MS%3D1500-1999%26UAM_READY_MS%3Ddisabled%26CMP_DETERMINED_MS%3D2000-2499%26CMP_GDPR_CACHED%3Dfalse%26FUSE_LOADED_MS%3D1000-1499%26CMP_JURISDICTION%3Dnone%26CMP_ALLOW_PERSONAL%3Dtrue%26GPT_AUCTION_START_MS%3D2500-2999%26CMP_LOAD_FINISH_MS%3D2000-2499%26FIRST_ZONE_MS%3D2000-2499%26HB_AUCTION_START_MS%3D2000-2499&adks=789855873%2C3730992247%2C3743414737%2C258786273%2C1791281508%2C4107777432&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa8a82ba170196241bac6d8d4815cdd6907b807bc9f8a66fafa480a4c11c900a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:20 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42892
x-xss-protection: 0
google-lineitem-id: -1,208234953,6135256488,208234953,5934703410,208234953
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,107027455233,138370396424,107027453073,138383374726,138324663424
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://captcha.bot
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 noconsent Show response
cdn.fuseplatform.net/telemetry/ 1 B
265 B 38ms
26ms Fetch
text/plain 2600:141b:1c00:31::1739:5a4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/telemetry/noconsent?auid=22801602502&cmpj=none&v=1&ttm=1704667280351&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=637ed7b8-f4d8-5110-9fba-9979a365c1a7&fid=2874&pubid=5&url=https%3A%2F%2Fcaptcha.bot%2F&sid=ee8eeaad00d63640f3f1&srate=100&adserver=gpt&etm=2633&e=slot-request
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:31::1739:5a4b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:20 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 11:31:51 GMT
server: AkamaiNetStorage
etag: "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary: Accept-Encoding, Accept-Encoding, Origin
content-type: text/plain
access-control-allow-origin: https://captcha.bot
cache-control: max-age=1800
accept-ranges: bytes
content-length: 21
expires: Sun, 07 Jan 2024 23:11:20 GMT

GET
H2 200 noconsent Show response
cdn.fuseplatform.net/telemetry/ 1 B
265 B 39ms
28ms Fetch
text/plain 2600:141b:1c00:31::1739:5a4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/telemetry/noconsent?auid=22801516488&cmpj=none&v=1&ttm=1704667280352&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=637ed7b8-f4d8-5110-9fba-9979a365c1a7&fid=2874&pubid=5&url=https%3A%2F%2Fcaptcha.bot%2F&sid=ee8eeaad00d63640f3f1&srate=100&adserver=gpt&etm=2634&e=slot-request
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:31::1739:5a4b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:20 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 11:31:51 GMT
server: AkamaiNetStorage
etag: "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary: Accept-Encoding, Accept-Encoding, Origin
content-type: text/plain
access-control-allow-origin: https://captcha.bot
cache-control: max-age=1800
accept-ranges: bytes
content-length: 21
expires: Sun, 07 Jan 2024 23:11:20 GMT

GET
H2 200 noconsent Show response
cdn.fuseplatform.net/telemetry/ 1 B
265 B 37ms
27ms Fetch
text/plain 2600:141b:1c00:31::1739:5a4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/telemetry/noconsent?auid=22856109504&cmpj=none&v=1&ttm=1704667280352&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=637ed7b8-f4d8-5110-9fba-9979a365c1a7&fid=2874&pubid=5&url=https%3A%2F%2Fcaptcha.bot%2F&sid=ee8eeaad00d63640f3f1&srate=100&adserver=gpt&etm=2635&e=slot-request
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:31::1739:5a4b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:20 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 11:31:51 GMT
server: AkamaiNetStorage
etag: "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary: Accept-Encoding, Accept-Encoding, Origin
content-type: text/plain
access-control-allow-origin: https://captcha.bot
cache-control: max-age=1800
accept-ranges: bytes
content-length: 21
expires: Sun, 07 Jan 2024 23:11:20 GMT

GET
H2 200 noconsent Show response
cdn.fuseplatform.net/telemetry/ 1 B
265 B 40ms
29ms Fetch
text/plain 2600:141b:1c00:31::1739:5a4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/telemetry/noconsent?auid=22801602508&cmpj=none&v=1&ttm=1704667280353&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=637ed7b8-f4d8-5110-9fba-9979a365c1a7&fid=2874&pubid=5&url=https%3A%2F%2Fcaptcha.bot%2F&sid=ee8eeaad00d63640f3f1&srate=100&adserver=gpt&etm=2636&e=slot-request
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:31::1739:5a4b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:20 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 11:31:51 GMT
server: AkamaiNetStorage
etag: "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary: Accept-Encoding, Accept-Encoding, Origin
content-type: text/plain
access-control-allow-origin: https://captcha.bot
cache-control: max-age=1800
accept-ranges: bytes
content-length: 21
expires: Sun, 07 Jan 2024 23:11:20 GMT

GET
H2 200 noconsent Show response
cdn.fuseplatform.net/telemetry/ 1 B
265 B 39ms
29ms Fetch
text/plain 2600:141b:1c00:31::1739:5a4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/telemetry/noconsent?auid=22801602505&cmpj=none&v=1&ttm=1704667280354&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=637ed7b8-f4d8-5110-9fba-9979a365c1a7&fid=2874&pubid=5&url=https%3A%2F%2Fcaptcha.bot%2F&sid=ee8eeaad00d63640f3f1&srate=100&adserver=gpt&etm=2636&e=slot-request
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:31::1739:5a4b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:20 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 11:31:51 GMT
server: AkamaiNetStorage
etag: "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary: Accept-Encoding, Accept-Encoding, Origin
content-type: text/plain
access-control-allow-origin: https://captcha.bot
cache-control: max-age=1800
accept-ranges: bytes
content-length: 21
expires: Sun, 07 Jan 2024 23:11:20 GMT

GET
H2 200 noconsent Show response
cdn.fuseplatform.net/telemetry/ 1 B
265 B 37ms
28ms Fetch
text/plain 2600:141b:1c00:31::1739:5a4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/telemetry/noconsent?auid=22801602511&cmpj=none&v=1&ttm=1704667280355&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=637ed7b8-f4d8-5110-9fba-9979a365c1a7&fid=2874&pubid=5&url=https%3A%2F%2Fcaptcha.bot%2F&sid=ee8eeaad00d63640f3f1&srate=100&adserver=gpt&etm=2637&e=slot-request
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:31::1739:5a4b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:20 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 11:31:51 GMT
server: AkamaiNetStorage
etag: "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary: Accept-Encoding, Accept-Encoding, Origin
content-type: text/plain
access-control-allow-origin: https://captcha.bot
cache-control: max-age=1800
accept-ranges: bytes
content-length: 21
expires: Sun, 07 Jan 2024 23:11:20 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 167ms
73ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 07 Jan 2024 22:41:20 GMT

GET
H2 200 container.html Show response
cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7A71 6 KB
3 KB 34ms
33ms Document
text/html 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 22:41:20 GMT
expires: Mon, 06 Jan 2025 22:41:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 7A71 4 KB
1 KB 136ms
51ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com
URL: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 07 Jan 2024 22:41:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 07 Jan 2024 20:43:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 07 Jan 2024 22:41:20 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame DBCE 24 KB
7 KB 35ms
33ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 00:00:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 168045
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 05 Jan 2025 00:00:35 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame DBCE 25 KB
10 KB 135ms
61ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32718449268b8cdb0b7251eac8dd860219484a1b8704e5026e6a1701c9ae969d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10275
x-xss-protection: 0
server: cafe
etag: 3760328457980313256
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 22:41:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DBCE 194 KB
62 KB 222ms
112ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b621f105dc9c1c99d31af41bb5f137c49c3c58dbdbe12684a3b29d6bf39719dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jan 2024 22:41:20 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/ Frame 7A71 22 KB
9 KB 37ms
37ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com
URL: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 15:18:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26575
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 15:18:25 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D11E 13 KB
5 KB 41ms
40ms Document
text/html 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 528965
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 01 Jan 2024 19:45:15 GMT
expires: Tue, 31 Dec 2024 19:45:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4D43 829 B
1 KB 258ms
61ms Document
text/html 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

253b40f53a656bb4b28be55bc50179a97e792514fef999972c2aba55f1b21367

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-f8GI3GgVrjpezTCekM7ovg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-f8GI3GgVrjpezTCekM7ovg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 22:41:21 GMT
expires: Sun, 07 Jan 2024 22:41:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame DBCE 146 KB
50 KB 104ms
104ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

654868240578042fc11fe64f450abaae910983b5f57b3f9b2e885885394b64e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51188
x-xss-protection: 0
server: cafe
etag: 9039375648406031926
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 22:41:20 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame C267 196 KB
55 KB 197ms
87ms Script
text/javascript 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 05 Jan 2024 20:11:10 GMT
age: 181810
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 04 Jan 2025 20:11:10 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame C267 15 KB
6 KB 143ms
35ms Script
text/javascript 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 06 Jan 2024 00:00:36 GMT
age: 168044
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 05 Jan 2025 00:00:36 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame C267 95 KB
29 KB 148ms
39ms Script
text/javascript 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 06 Jan 2024 05:20:38 GMT
age: 148842
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 05 Jan 2025 05:20:38 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame C267 5 KB
2 KB 194ms
85ms Script
text/javascript 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 06 Jan 2024 07:38:24 GMT
age: 140576
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 05 Jan 2025 07:38:24 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame C267 40 KB
13 KB 183ms
74ms Script
text/javascript 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 06 Jan 2024 16:05:30 GMT
age: 110150
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 05 Jan 2025 16:05:30 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C267 14 KB
1 KB 59ms
49ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 07 Jan 2024 22:41:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 07 Jan 2024 20:44:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 07 Jan 2024 22:41:20 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C267 2 KB
2 KB 37ms
36ms Image
image/png 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 00:18:09 GMT
x-content-type-options: nosniff
server: cafe
age: 80591
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 08 Jan 2024 00:18:09 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C267 295 B
319 B 36ms
34ms Image
image/png 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:41:43 GMT
x-content-type-options: nosniff
server: cafe
age: 21577
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 08 Jan 2024 16:41:43 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C267 0
0 161ms
59ms Image
text/html 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTNoLPIRErZHpXV15tVUg_tueIoHYrQ6jPvBy1L_ZBxfgRb4uhuGeIKdn4P9XNaupG-TRTaDE1RFx1-3-8C1lP43BL3_A
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 200 container.html Show response
cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1D11 6 KB
3 KB 45ms
34ms Document
text/html 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 22:41:20 GMT
expires: Mon, 06 Jan 2025 22:41:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1B70 0
0 67ms
67ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQCAr-QmDjuLebWsgZg_eRj51t4WsZBbpQt5BcYZ4Y5-s_c8inHWxZIqN5-l2V098j-MiQDGADVxNhTBOIYYSLDrdhaKRCvG4G_B8OG2Kj3BOQiRunwADsfQcB_RAlmG6gD6C8hkBjvDblOdnB0UvbYKIeez5k--zKQRBVCe5ZHlPLC60uqRc9kuZiGkWmcxasEIqrAcBzYGQuIMyXZLcaDKOX-ey6MrwpKLgFtksHQHiQDi6ZJ5G5DYPCeSAqcFcecyipvVBP5oU6mT880PmFoE_by_3PsDMa4Tbnnqe5T9xjMbPh8bpmuWk5YXiSQ00HDMtx9KPPreGV9dBBIULHY-4z0RddsVqqwzSQ3Z-8p-tlfIJKsZPlXpCfj1YqN-rCPnMarNscgnV9fLyZFxPZ79p8BQ&sai=AMfl-YS8ifWZ4Lhqv7duujKqdy1GO7hjY4hpf18RMmGeikzpwqETnIizF7LvdEuahDdq_jtQr_JVO9R6vHu4Xn-VYd3IOOyA4F5lhBgMgUTl2cHs4UYdWIiVCW_sMtMPLg&sig=Cg0ArKJSzJHtc25pmzVtEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1B70 194 KB
61 KB 76ms
74ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b621f105dc9c1c99d31af41bb5f137c49c3c58dbdbe12684a3b29d6bf39719dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jan 2024 22:41:20 GMT

GET
H3 200 container.html Show response
cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DC34 6 KB
3 KB 48ms
37ms Document
text/html 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 22:41:20 GMT
expires: Mon, 06 Jan 2025 22:41:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FAAD 0
0 55ms
54ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvIRXVdoAI8eNaECysYDrD9Cx6F1BNkWN0r1CiB61l9qHjnS6E4NtngStytxxzAOzn_NDvOaxIwbJIfaV6iAlbAHYC9RWvmAnzb9lOudSULbwmD_4GjJhclTKL88dDzVp9gkULTLShx_lPQAA7XemgMaI6fZDU6z4Bb_e-YvkoCbI9AtJfk7HRwE2vcbUM42LtzKUz21DteCEqGm813TcgEpHn6a0JpTDltvMF_WmrsksqoljQATOgwbwZdxSROQziQ7aBLRKaxs9jJSH-n7YO0-YI07fvYQjAxj078SRkfRS-u8KImaoG9w0OXLMvkjZSr1EWBSeWPlkYLIMm8Q7cTl_yz55X7tAOiAHJfQ9oh6YaiQOnRNqr_n6x0p6SgmrglITBhRFGMx_-3OH4&sai=AMfl-YQG8erRjSSH8Qk7n3qUIkFUIY6o5Aw5uOxat65o12-iOLsRngOVHS68L-XryTmImn1_tcqZCxkGbH9nGoWl-2GKVGvja9B_IcSNMsS3_MgfwSF-amO6eOR6pXCWvA&sig=Cg0ArKJSzNnGShVuTEJjEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame FAAD 26 KB
10 KB 102ms
28ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 07 Jan 2024 22:41:21 GMT
x-content-type-options: nosniff
content-encoding: br
age: 15749
x-jsd-version: 1.16.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9365
x-served-by: cache-fra-etou8220028-FRA, cache-nyc-kteb1890061-NYC
x-jsd-version-type: version
etag: W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FAAD 194 KB
61 KB 88ms
88ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b621f105dc9c1c99d31af41bb5f137c49c3c58dbdbe12684a3b29d6bf39719dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jan 2024 22:41:20 GMT

GET
H3 200 container.html Show response
cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9EF4 6 KB
3 KB 43ms
37ms Document
text/html 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 22:41:20 GMT
expires: Mon, 06 Jan 2025 22:41:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C267 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ba97474283c18a94f9703af1c6e1b7c89d114a98ee1cfdf878b4c4815543b76

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
12 KB 310ms
310ms Fetch
text/plain 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=808048392386057&correlator=722321922000017&eid=31077976%2C31079956%2C31080197%2C31079239%2C31079527&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=71161633%3A22547762570%2CCAPTCHABOT_captchabot%2Cscrolling_sticky_footer&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=468x60%7C728x90%7C970x90%7C970x250%7C1200x90&ifi=8&didk=3802411025&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D5c9eeefa22fbb5ff%3AT%3D1704667280%3ART%3D1704667280%3AS%3DALNI_MZTgHECW8ktVdtkKEfpwLFGeN-yog&gpic=UID%3D00000a06bafb1781%3AT%3D1704667280%3ART%3D1704667280%3AS%3DALNI_MaFDWVa5CdpQb8KexOqtRwFGEvouw&abxe=1&dt=1704667281004&lmt=1703915775&adxs=800&adys=1151&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcaptcha.bot%2F&vis=1&psz=0x-1&msz=0x-1&fws=516&ohw=1600&psts=AOrYGslEaVOb-fBLBsIIvUHkCeR3M8ig8kAHePnJ4Nif5VNyjZ6Ejs6c_fRuGCRjmDEl43ZXctP1YRPIuWpeyZhEhD9Rop7QOhnEhB8%2CAOrYGsmH2damI0ZDHA9JEtYmq2Ez64eE1AIjcu8HEaSbLPpQq5J4oay7RHgjRAaqMal29s_LmhW8nbxT9UZoL-uhhPEuqjLoOfc%2CAOrYGskt1O87YeyFJiRbjyoDpC2mcWVsJRfAAeW1sqDvFKzoHVN23jBLgTG2oqmw3NdIOd1ZZ4nfwI8QK3Jp1iPqXwdgWPbVTLE%2CAOrYGskOMJmQTEl86_oojNWJ9cnK_bIcGLzAfruaXMojXuwaPsdAH6W9dXWf1C73OHQ9h_t7ZNJU92iyppo81i4eVXZmiYkIewKu7cA%2CAOrYGskO4Afp4l_DCT6hED0RdAIEmcfgLQqmW7LJlONU8LgWkw03teLkPa8L4Y3f0UiEn97SF8z8SQJdxoVtgLK1Nn_HZnctHVM&ga_vid=964147890.1704667279&ga_sid=1704667280&ga_hid=800521137&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABjK5tmwzjFIAA..&dlt=1704667278514&idt=866&prev_scp=is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%26in2w_key%3D66%26in2w_key2%3Dnope%26in2w_key3%3Dadx1515%26in2w_key4%3D--38gz%26in2w_key5%3Doptimization%26in2w_key6%3D--3qgz%26in2w_key7%3D1515%26in2w_key8%3D66%26in2w_key9%3Doptimization_request%26in2w_key12%3Doptimization%26in2w_key15%3Do0%26in2w_key16%3D1%26in2w_keypm%3Dfuse-slot-22856109504-1%26in2w_key9001%3D1&cust_params=fuse_profanity%3Dfalse%26fuse_site%3Dcaptcha.bot%26fuse_path%3D%252F%26fuse_query%3D%26fuse_category%3D%26fuse_industry%3DIAB9%26testmode%3Dfalse%26inskin_yes%3Dtrue%26fuse_uuid%3D637ed7b8-f4d8-5110-9fba-9979a365c1a7%26fuse_publication_id%3D5%26GPT_READY_MS%3D1500-1999%26PREBID_READY_MS%3D1500-1999%26UAM_READY_MS%3Ddisabled%26CMP_DETERMINED_MS%3D2000-2499%26CMP_GDPR_CACHED%3Dfalse%26FUSE_LOADED_MS%3D1000-1499%26CMP_JURISDICTION%3Dnone%26CMP_ALLOW_PERSONAL%3Dtrue%26GPT_AUCTION_START_MS%3D2500-2999%26CMP_LOAD_FINISH_MS%3D2000-2499%26FIRST_ZONE_MS%3D2000-2499%26HB_AUCTION_START_MS%3D2000-2499&adks=3743414737&frm=20

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0eeec02621746a6c02314ba43ffda910f70b0e42d63080f3244abb955cadc84e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:21 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12117
x-xss-protection: 0
google-lineitem-id: 208234953
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138324663415
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://captcha.bot
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame C267 33 KB
34 KB 126ms
37ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://captcha.bot
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:05:30 GMT
x-content-type-options: nosniff
age: 110151
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Jan 2025 16:05:30 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 108ms
36ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 08 Jan 2024 22:41:21 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/ Frame DBCE 403 KB
136 KB 84ms
84ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69b3046c4091ee871639fd5d428f7ca1285539307d96d33399cbfeb57e053470

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139393
x-xss-protection: 0
server: cafe
etag: 17763665680456116121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 22:41:21 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240104/r20190131/ Frame B215 9 KB
4 KB 38ms
31ms Document
text/html 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240104/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 80646
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 00:17:15 GMT
etag: 9219409622527106327
expires: Sun, 21 Jan 2024 00:17:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1D11 24 KB
6 KB 36ms
34ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com
URL: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 00:00:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 168046
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 05 Jan 2025 00:00:35 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 1D11 25 KB
10 KB 64ms
62ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com
URL: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c61b7444206c338d52c7d7078347e86b5c3a047c01614ffcf57567d725fc125e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10275
x-xss-protection: 0
server: cafe
etag: 18357249344766068248
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 22:41:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1D11 194 KB
61 KB 85ms
83ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com
URL: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b621f105dc9c1c99d31af41bb5f137c49c3c58dbdbe12684a3b29d6bf39719dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jan 2024 22:41:21 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1B70 0
0 111ms
55ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssCFq5Zyz91Y4FylzWolTeEwO6FrieYwHgJMB2s7mdgLfWYObRdgPWo3QG0Ngzc9S06WRzirTOQv8w2Lfk-Nhly2Yfp5VZOxuX3Fovnl7-tSg_fmvO9-OHgjnH4QewAbI-_VRjVe8QP6moqPRLzWmXAJw98ktXYLodl0gMUSlUzpRQlF5KY_xWJbA9EL1Gv-5JVZAwS4nZNMe2_JyhTox2JtmioCXeW07ExXVKp6vylrFGE96swdKks9p41C7fpXa3_7s_WM_STcFThHtZWjhpWBoGMV9A7Hx7p9pEq8Cjb_WmDU07XCKajS6smv6B0XeH7u4Pfv-HJZkTnEFATRp9rWlnbZDa9f3awaA--S4gspyD4LTzw0hPD2-LVpzCJLedOdykhEuGYkhDNyJBgtniqBLESA4nE&sai=AMfl-YSZN2xgoKG9DfoqXewI2hY0_KVNuixHL5e8jdR2ulQYLXLh2zW4hnlfTl0MnDsYwKD3qM171cZkg28clK4OuLyxFxLveGzz3rCj3mx9Et5TpphilpnTUUb636ZsRQ&sig=Cg0ArKJSzBKQL-2TOgKOEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 07 Jan 2024 22:41:21 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame DC34 24 KB
6 KB 50ms
34ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com
URL: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 00:00:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 168046
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 05 Jan 2025 00:00:35 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame DC34 25 KB
10 KB 78ms
63ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com
URL: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

405229106aa2607376300a629c2ac8036c4d8f0d866d4fdc9d07a5106ddcac7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10268
x-xss-protection: 0
server: cafe
etag: 9251970619481553042
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 22:41:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DC34 194 KB
61 KB 84ms
69ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com
URL: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b621f105dc9c1c99d31af41bb5f137c49c3c58dbdbe12684a3b29d6bf39719dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jan 2024 22:41:21 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9EF4 24 KB
6 KB 47ms
35ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com
URL: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 00:00:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 168046
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 05 Jan 2025 00:00:35 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 9EF4 25 KB
10 KB 113ms
101ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com
URL: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f92c637f152b65b35d830389af8a7fb40055d141364e403b8ffe0c5db494c409

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10263
x-xss-protection: 0
server: cafe
etag: 17146570253092085754
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 22:41:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9EF4 194 KB
61 KB 129ms
117ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com
URL: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b621f105dc9c1c99d31af41bb5f137c49c3c58dbdbe12684a3b29d6bf39719dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jan 2024 22:41:21 GMT

GET
H2 200 _p.html Show response
eastads.simpli.fi/ads/3121785/27916290/ Frame 6670 3 KB
2 KB 263ms
35ms Document
text/html 35.221.21.110
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastads.simpli.fi/ads/3121785/27916290/_p.html?sifi=8772,3121785,27916290,120603581445040,2,0,0,0,0,,6,v,27.33120,4483920FE74A8609,0,0,1,16,BDFB3C6BB9E547839935BCA6F64AF937,0,0,0,1270,400,1,0,0,604,0,701,bidder-base-prd-us-east4-a-22290c0b:9035-1704667280141-1470815263,1,0,395291,2,0,27,12,14202,0,0.70,0,0,1611266346,0,0,0,1,-5,0,97,MGNI-AP-6897,0,390015,0,0,3,-1,21642,32,150,5110629&sifi_exchange_uid=15db1da0627b1a84681a832fcc9fc8109c2e1b04&request_id=7a317f8690b43c5ff838588e3f1f4d868123be81

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.221.21.110 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

110.21.221.35.bc.googleusercontent.com

Software

Resource Hash

867b9f60b731c454a0e51b38656d162a32b81966673e223bfaafa7984f596d51

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 07 Jan 2024 22:41:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-request-id: F6gx3FfYY2FUM89mGwXB

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame AAD4 281 B
555 B 257ms
30ms Document
text/html 23.47.170.102
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=na&co=us
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.170.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-170-102.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 07 Jan 2024 22:41:21 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 ad.html
eastads.simpli.fi/ads/3121785/27916290/ Frame FAAD 0
0 263ms
36ms Image
text/html 35.221.21.110
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eastads.simpli.fi/ads/3121785/27916290/ad.html?sifi=8772,3121785,27916290,120603581445040,2,0,0,0,0,,6,v,27.33120,4483920FE74A8609,0,0,1,16,BDFB3C6BB9E547839935BCA6F64AF937,0,0,0,1270,400,1,0,0,604,0,701,bidder-base-prd-us-east4-a-22290c0b:9035-1704667280141-1470815263,1,0,395291,2,0,27,12,14202,0,0.70,0,0,1611266346,0,0,0,1,-5,0,97,MGNI-AP-6897,0,390015,0,0,3,-1,21642,32,150,5110629&sifi_exchange_uid=15db1da0627b1a84681a832fcc9fc8109c2e1b04&request_id=7a317f8690b43c5ff838588e3f1f4d868123be81
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.221.21.110 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 110.21.221.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 11eaa7b0-e234-415b-901a-ab48b46cca93
beacon-iad2.rubiconproject.com/beacon/d/ Frame FAAD 43 B
227 B 326ms
33ms Image
image/avif 2602:803:c002:200::24
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-iad2.rubiconproject.com/beacon/d/11eaa7b0-e234-415b-901a-ab48b46cca93?oo=0&accountId=21642&siteId=300054&zoneId=1508208&sizeId=2&e=6A1E40E384DA563BD07CE35ACF8F2546B67E606413E08E770288C3B30DEC37AD02B8815A4CF238465F45B511B2DD10345F64092AC966A6F6F2C086156EA141F366B1BB154B19B35D1110894F7AC3BCD56BF82A5A3C38FB63CCEE87F7A62C3128AF2630090FFAB3F7796350A328B6C89EE59998CA7FF77B3F975B2BB4C51E8CB504849D224A7549B2DDC3EF3E77D75DB450970F0196453B87E82800A31CDAA9AFF0A34407E0B3C4582544696C7453D3687C65178AA19DAD1B

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2602:803:c002:200::24 , United States, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 22:41:20 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/avif
cache-control: private, max-age=0, no-cache
content-length: 43
x-xss-protection: 1; mode=block
expires: 01 Jan 1970 10:00:00 GMT

GET
H2 200 imp
lbs-event.gcp.lineate-33x.net/ Frame FAAD 68 B
288 B 264ms
37ms Image
image/png 34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbs-event.gcp.lineate-33x.net/imp?id=1&bidid=3&impid=5fe43ebb61055&adid=35440_4957172&nurl=&randsalt=235122&auctionPrice=1&impression=AAAAAIgU-QZwdgACAn1XS4xkVRnuqp7uri4cEEyQSCRlmxgG-zTn_YCQphkTMePwHIKwqZznTDHVXZ3q6oEBiToJPkYXwAZlI4GNTljoxIXMRjNxAcQYZxIfjBth4QMNgUETmJiM361b3TQT5S7uPffc_5z_8X3_d-9t_-va9jvXthvsqt2qZClyCJpRpa558sw_X5zt_Oovr_3kN-yG6d7q-j2XOb3klrh0S5I_ONo_eLTX7_sb1RLtXH9_by0NHt7o3HGgw-gSvbmDCS1v7jyi5Z7Oyvp6P9-fw77e6EYlzJLQnev33X5g_5cXO_3e4dz5Yo6HB3s6ew8NB6v5RsaxwZKmzi0x7jr3-uKHvcm6cBWljAaKg9-9b03JlZUvPDTLhNFcDGeF4FqaR6dbf5w51mi2HjzemHoa19azODVONC6Lfn0UD_mlMBidaswP85HuxiE_zOcau6qY32w077v3fGPuts1SfH9wodG844FjzV10ibvjzblJgk83G_zZ5pV35eHGYM33O3sHq-ubozx8vjlz5-hQHp5oNgU72XzmigMHVrpKF8kQNBHJCCJ54MR5momgKeliuRdaLFaGmWmqC1UkURuJRNrEesGJjkVSoRkrLo0NjcLKECKhkhkibaDEcpFJkkU4G2SQJYwNo0ip-JiJi8kSKZMmwcCBSdRFXop2jI4NvZJUaiVJ1s5VhpFYZQwpLBotI5dc2rEhjSw5LCM6u0ykYIk4KguxzjHnsE6EODYUzmgEbwgtKRA8oCRIZQkXRmkRkqCG1VkHOMlZk6h45dpaEpAAkbqYIBFFmZRHZ-FCzpZkyvDYWUZ8Coko5bJzwUSvakNRKKdZCeJ4gCFlnHhuA2FaUcdZsCzXMTofaZUbCVpTxGgc8cZLEgTLyqKIOpuxYXDZOC8UkTlxIr3U2JFHUpTlJgabTKoLrpJO0XIk46qsFTWAEND7kGniEt68rF07HrPUnhjFkLXTKDi12FZLwZPCRdeuU0pKKZuI1jjJBPSCsRnIOBWEc4LTiaGIpViD6KVFMhLwWCM8QS-wKGRMMtblAfJZB8UIlmrsWBAjwiLJGBCVCSujrg1zjLoAGV00DIW2qCjoUWT2VCSJFPPYEDwCH1HHkqsYs2QkWKeIY9JQy1A6WbtmmmtK0QDZ0VQxXBAfEWjyKYeoo4iiJoXyvjhnMhDODOUpjNiCrJ0tQUieLJ0wnAqGgkVPkCUKniMMGUjJi5NRap6p9WNDcBrUM-BMiegZp6qsFXoNWPuYQNVUkwJlMN6jPKkKVAJNYtGVxArsJ3OGbd2FKlCUTQYC0CuaWU9CjJEEJUvVBsbAtbVMu7qc1nibuUbj-4obEoX1VFHUIiVuZRYBtBzb162WBbVoNagFZazqoEicDJARy7lExU0AO1f2P0g406h9pYasXs_r9bRYkQ0l3KCQwEwgvpSICZxxGXxOStb2tQboAlQLAIwqVY3I4M-gbWXFfC4TgKzh9loL6Xgh1BqgyCl4AcoS7UE0Dg1GieoIovU8S3RVQrOg-xXxigqiPMeeQhhn61QVdIx6lwgyhU4Zh24IohBsxyAUjtlSEyh4ePaoYVFQNZAchugQECh7aSAEdNIN3kMy0WQEgCEZD8yDNqBk0KrolBxkYdEw6F8NTnKWMwnUFYNwSAp6oEyUFBGoMFQn7dVErjTnVEQCJBGByhAXZyspyCI6LSjzdfmN4UWj9NiHw9BT0AMKRWIKimflBES4lisUTJQCsQ_QPimCA-K0oKY2OCiBtQm4GkiU3lJWaDxTJCtf8QII--AqGqqCd4HjybGt1wR3EjhxV4XKcQoyKhSZF2srevktphXtQVdUh6OTrK9eGF4Tk5X0TkBPxaRKTFbxwKtNoLzC-8wmK0iKsjDvqLG0zokzFSE5kWRrKx10hXioJAGajBqjBHNh0pYisahFpeISyYMDwUHEqEP0HuhYVZNOKGWcQ2R404B0ESOQwZDMC1cQMSjQFkBOc4CBIgogGbIkriKCN9nrUhCLSaeazzUfW8hrqZv8KC_ctMApF5Qzs7C4cKSXH_ah1--NjuIBoxRzB1cxzKvrmFpc6B0J3fU8jHlthFkpxlPx0il_kO1Y4w-KD93xHXfrw0HajKMNTG30fMDMyMdRL-L-UHVX3RzJ3d5atwqtO-qt1hGP_fpL_a77gzn66nZsMFn0gZGqctwY-eHow7lTW-VZtuN6_HTzE_dshl4crHVWRiMs7mH0lVebc3dthn6vjM42r45H96fR0TLIQ3P0sBkevj2u9ff1zzV3VXm82ZxG8c43Z4SSkl5o7h5fu5XyMsOPTX_qodUYB8PVXjwMHxujIWoAF0txsHpienYNT3z_5PTUqenZ1p8vXrw4d3prcG4a33FvTk9dmJ6tvxVf2fXcZ775zPd-98Dyme3Ra9uj17dHf98evbM9en_XL1_a0_3q3gPL35gpv3hr9NdX3l3-zszv__Pevu_e9P7yU9ujn85srXhpZmp8vL38t5nG12cb3569uHU0fjTbODmL6M5WpzdmZ3ZPTb182_nZqQvV_bE5nI5XpyfnPljy_R3js3N72tdNoAKMY6i3cWe0u5HjlU_84-6fX_fEn5bPzl3f_vT_s1WXmF7dvmwHra-sE3jg1o_0J2p_U5PjI_2x7mpvbYfpR6VxaWyfa19bNvv9o12QIA5zXts2HYKfOzb9ZPtjO3eaPJG3jp98aM0t7T-8sH7LG8tvzM18aeU2Lt-ea1yY242ve04Z_iZwMcdbzdY1P2i9-N7n5_-95-Xl51r7TrYa7FRrpj29uXb4dHXde9f-V1tz7Znxn8iF1mL7hh1_Dt31ugtu-t89cGx-d3vnj8bxeWyUNldXjz49P936VuPZ-WareWL-ivZutjjZqSL-yfmPty833D6CV7Iz9BGu6OlLdjoz_9ad7_7wa79uLZ-bn3p9_nn71Anzs4Xl89jwlvfmG8fau9rNxx4_3r78YCoc3zoFZ-3zqXbzUHi1DfL9tt14re35ffSGH392-b8=
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:21 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

GET
DATA 200
OK truncated
/ Frame FAAD 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13637ae1792aab0dde8095319fd2812b2c74134f9ed599c5c11e1c0ea132ce7d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4D43 0
0 95ms
94ms Image
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401020101&jk=808048392386057&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1D11 0
0 56ms
56ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstU_wDJFYBmH_dsDAOFu2_77FtQK3zEybCzyStfXK4OvJA7EzHr-y2BA1u8Di0BCbPFtSd_g3mba3ddXxQ-fqV-Re5NH0yGLcGbS8wF0t3AV5v9zN9-IIDSevse5E-E4niApvO8OdiO3p8Uv9yOyq6liYY-LsU1-Im3CCZI03anadDiU1BCGRS9SZjiqTEg3O2WDNDYPiHNOe19iBfNEkkvN4Wa5oR01BQiYenoGD9-HyMXDcPozXEPBEM-Oa1PVksfByPs3OJLTYxeik2dIjRDU86vs25UQ9ltCUvfm4WvLBdDZygnj75Z6V0JhT71Gxf3jBz6V0szm_wZbYk9_ovaCR0QZodFgEhieJpz7yV1I_3-P3B3JgsXGKlsl1MbPUjrcmyGNIcGgQ&sai=AMfl-YQLvgUhHItxoHGfUfGmkiqe-etHqcqCwkaRKfPxHYOiuRmZVdQL3EGEPArMZv4BiE41QljlJzwJoIIusHYzzhScteWcFNmpMzCPxxDFHv5dSgoqITABccSu5NH3KA&sig=Cg0ArKJSzL0DvI_nreSPEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com
URL: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1D11 146 KB
50 KB 83ms
81ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d51f2d72b6013f72276249300438bc9fd5a75c3091aebca2297f797095e774fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51191
x-xss-protection: 0
server: cafe
etag: 1373159212833128869
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 22:41:21 GMT

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame D11E 39 KB
15 KB 30ms
29ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:47:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 266057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jan 2025 20:47:04 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame C267
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

72ms
71ms

Image
text/html

2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol: H3
Server: 2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Redirect headers

date: Sun, 07 Jan 2024 22:41:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame D85D 14 KB
6 KB 116ms
30ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=captcha.bot&gdpr=0&gdpr_consent=

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c9a726fb5e408c905af5fa916e23740a283b9ab6f8adfa955a0b3b40e7c6cdf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 22:41:20 GMT
server: Kestrel
server-processing-duration-in-ticks: 790137
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 127ms
57ms XHR
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 08 Jan 2024 22:41:21 GMT

GET
DATA 200
OK truncated
/ Frame 1D11 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57a773d00479eef1617c44b99aa990c889efa4e28bfa4142bba7f825f201b7b0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DC34 0
0 60ms
59ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvoTNkDYXNNMb1TexcyZrpAp-NvvHpwzXPX37KAO9OhOnyrT2AIJesdWOZPnDe_a6Z0mXMDOuh7SVGQLclnhRcL-kw-7cE4Sj64U8u11LrhxZnlFcYEXQJk8DPLtmqahbn8hbkFQgk2MLgk09cQ5ffR3h68G28UosV12Z_TYNXauz6nE1i_BRRJjAdsmWq91F-7Ew2ZMkVyQIsuFDe_MmUGlF1mUisxYsxTrTOhvNMpYsk5WU9jmS135KIJGlbDCKvYSurHCib7ySc7gQH3toY5pmzUeR-H7oQTVJt76BObhXofvyTnZ5JDQz--AibybhptiNDsAJdHk_nNxjbzlxp-rYZKZvasblu023UEZ6PXdwEwKoz7bqe-89mSSz3MN856Je-QuX13Dw&sai=AMfl-YTtIzVGHdlHdykafEorWznIEmCRuLxFCxLMZAt_dUTxeVmcK-OJ4-QtnvXXXlrDf2HVs4Q8zQkakYWVSdMx2FqyVYN9yL8Ji9mhZjdFBYncG1jSbOrK69BG2VydCg&sig=Cg0ArKJSzB6SdDuJREUAEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com
URL: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9EF4 0
0 58ms
58ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstICUaa0MMySzW431VZ1OAXMUD9f8ObCOvcJZ_OAXqQlo-ME_qb6FXHS0yIJnIVBKiXt3u54ndaEW9lnUCebTiidBukA4Cb5bO90Pv-UGMmkN3akMPtC8cbBDMi4wh4yEFaeIXV84Thy4yPw2VKOc2lp8x0QSUH34w-li5rn7b8M_1i6bSwYOjHZLeRrxwmRPzotzmlpYakLecxGm5KLj6iIBSe4sROjDu7sKG_oGIDdDEADBZ_esJcYlIqS8jc_hsdyTmJ1tG22MTUS-6uQDeqkR3jEylCjh64PsDeehfKAq5duq0QaQXMxUIByMjKlGtl_qwCKZ2NMtnxR8mekxZNQYauBBfZkTtC0gmaILQvddMGsJfuMhZTekrNEOgvzSUNOLQqOSt6Ww&sai=AMfl-YQhKUHDy7Z5bZXLuTqUwTTF1_-Etj_mH392aBhcOzGBKLQKs4oa4ts01wHOIDFyQYEuLaqL6-aktgdVrByIoa6j4_QvXCyqQ7ShzrXGxOmEorGOA5hA8k6vLU9aug&sig=Cg0ArKJSzACH3dv8YahtEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com
URL: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame DC34 146 KB
50 KB 75ms
75ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25c3d7fae11d7835fa3b221535ec4dc2900fd0dff2d5bb1cdf9ed35144fb2301

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51191
x-xss-protection: 0
server: cafe
etag: 14654140683722603572
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 22:41:21 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C267 2 KB
2 KB 42ms
39ms Image
image/png 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 00:18:09 GMT
x-content-type-options: nosniff
server: cafe
age: 80592
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 08 Jan 2024 00:18:09 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C267 295 B
319 B 47ms
45ms Image
image/png 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 16:41:43 GMT
x-content-type-options: nosniff
server: cafe
age: 21578
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 08 Jan 2024 16:41:43 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9EF4 146 KB
50 KB 93ms
80ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f724df77a45fc4ee27dd13f78e8b4f5773ed893d1cf60229de06dd5e4c9e14f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51191
x-xss-protection: 0
server: cafe
etag: 7903741388738490209
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 22:41:21 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 1B70 0
0

GET
H3 200 container.html Show response
cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame ABB7 6 KB
3 KB 34ms
32ms Document
text/html 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 22:41:20 GMT
expires: Mon, 06 Jan 2025 22:41:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame AAD4 45 KB
13 KB 30ms
29ms Script
text/html 23.47.170.102
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=na&co=us
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.170.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-170-102.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 7eb443cadccea9522070bca2334ee371462ea22354031035ec4326203361a326

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=na&co=us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Sun, 07 Jan 2024 22:41:21 GMT
Content-Encoding: gzip
Last-Modified: Sun, 07 Jan 2024 19:22:42 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=74426
Connection: keep-alive
Content-Length: 13174
Expires: Mon, 08 Jan 2024 19:21:47 GMT

GET
H2 200 05f60.jpg
media.simpli.fi/ads/display/db/27916290/d32158eff87e9f346e4e6f5edab9037e/ Frame 6670 27 KB
27 KB 81ms
26ms Image
image/jpeg 34.160.5.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.simpli.fi/ads/display/db/27916290/d32158eff87e9f346e4e6f5edab9037e/05f60.jpg?sifi_date=8772
Requested by: Host: eastads.simpli.fi
URL: https://eastads.simpli.fi/ads/3121785/27916290/_p.html?sifi=8772,3121785,27916290,120603581445040,2,0,0,0,0,,6,v,27.33120,4483920FE74A8609,0,0,1,16,BDFB3C6BB9E547839935BCA6F64AF937,0,0,0,1270,400,1,0,0,604,0,701,bidder-base-prd-us-east4-a-22290c0b:9035-1704667280141-1470815263,1,0,395291,2,0,27,12,14202,0,0.70,0,0,1611266346,0,0,0,1,-5,0,97,MGNI-AP-6897,0,390015,0,0,3,-1,21642,32,150,5110629&sifi_exchange_uid=15db1da0627b1a84681a832fcc9fc8109c2e1b04&request_id=7a317f8690b43c5ff838588e3f1f4d868123be81
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.5.2 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 2.5.160.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ce3dcd99ba309e4729d631b372e47bdd53ab88e3d9e856b2100bdf36f7fd394e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eastads.simpli.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 07:50:28 GMT
age: 53453
x-guploader-uploadid: ABPtcPr3FEsqtAMIR8rX-_5ncRNsRkeWQmj_Mb8RXkK-NLWT-R8qwohKcUQM6F914biYvPJP2UqsYbUmmQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27385
last-modified: Mon, 08 May 2023 06:02:29 GMT
server: UploadServer
etag: "d32158eff87e9f346e4e6f5edab9037e"
x-goog-generation: 1683525749069789
x-goog-hash: crc32c=nfUL9A==, md5=0yFY7/h+nzRuTm9e2rkDfg==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public,max-age=3600
x-goog-stored-content-length: 27385
accept-ranges: bytes
content-type: image/jpeg

GET
H2 200 ca Show response
choices.truste.com/ Frame 6670 21 KB
8 KB 171ms
63ms Script
text/javascript 18.67.17.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.truste.com/ca?pid=simplifi01&aid=simplifi01&cid=0611sf728x90&c=cont1&w=728&h=90&js=pmw0&plc=tr&sid=7BFq-tseoZb_N8y1CeH8CJ6lD4BRzEOb5nYWHrpoKi0ghJk1yGLRXc7uF8yXWhKlTRDGcc91jjI6qvety3_iBU14X7yL7xFv69pXBwg6-ngbvklHCWp8Rr9SAqQDol77hf1YP4AD6GTywE11hpISy7gjfRaurtjrMhdi_sjcowo

Requested by

Host: eastads.simpli.fi
URL: https://eastads.simpli.fi/ads/3121785/27916290/_p.html?sifi=8772,3121785,27916290,120603581445040,2,0,0,0,0,,6,v,27.33120,4483920FE74A8609,0,0,1,16,BDFB3C6BB9E547839935BCA6F64AF937,0,0,0,1270,400,1,0,0,604,0,701,bidder-base-prd-us-east4-a-22290c0b:9035-1704667280141-1470815263,1,0,395291,2,0,27,12,14202,0,0.70,0,0,1611266346,0,0,0,1,-5,0,97,MGNI-AP-6897,0,390015,0,0,3,-1,21642,32,150,5110629&sifi_exchange_uid=15db1da0627b1a84681a832fcc9fc8109c2e1b04&request_id=7a317f8690b43c5ff838588e3f1f4d868123be81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.17.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-17-70.yto50.r.cloudfront.net

Software

nginx /

Resource Hash

754068f50cc4804a6bc339ed5eb7dac404c6450e482031438e8db549ccec4250

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' *;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eastads.simpli.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 879741630ff6546987b7e3ce604046ec.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
x-amz-cf-pop: YTO50-P1
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 7361
x-xss-protection: 1; mode=block
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: max-age=3600
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: O_SWFDeB0WmJ29qHpbS5hlvRu4uNoAWmGLcu-kFE6zP5gigYb5F3gA==
expires: Sun, 07 Jan 2024 23:41:21 GMT

GET
H2 200 SifiLib-1.1.12.min.js Show response
cdn.simpli.fi/lib/ Frame 6670 1 KB
2 KB 317ms
32ms Script
application/ecmascript 13.33.165.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.simpli.fi/lib/SifiLib-1.1.12.min.js
Requested by: Host: eastads.simpli.fi
URL: https://eastads.simpli.fi/ads/3121785/27916290/_p.html?sifi=8772,3121785,27916290,120603581445040,2,0,0,0,0,,6,v,27.33120,4483920FE74A8609,0,0,1,16,BDFB3C6BB9E547839935BCA6F64AF937,0,0,0,1270,400,1,0,0,604,0,701,bidder-base-prd-us-east4-a-22290c0b:9035-1704667280141-1470815263,1,0,395291,2,0,27,12,14202,0,0.70,0,0,1611266346,0,0,0,1,-5,0,97,MGNI-AP-6897,0,390015,0,0,3,-1,21642,32,150,5110629&sifi_exchange_uid=15db1da0627b1a84681a832fcc9fc8109c2e1b04&request_id=7a317f8690b43c5ff838588e3f1f4d868123be81
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.165.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-165-26.yto50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2c67404c1eab4fd9ccbfff1e25eb2c676fbda189004a54ff050f51326080ecaf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eastads.simpli.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 21:54:48 GMT
via: 1.1 3500217a9615be8281152e7c88016d26.cloudfront.net (CloudFront)
last-modified: Thu, 03 Nov 2022 18:38:48 GMT
server: AmazonS3
x-amz-cf-pop: YTO50-C3
age: 2794
etag: "b45652bcc83850c179affce5e3df2e7f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/ecmascript
accept-ranges: bytes
content-length: 1263
x-amz-cf-id: 9NchsNyWbtizeG6FbnIoQz4o5uLMjInHWqPqDtKjFAtPmYMi1x8fiQ==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FAAD 0
0 55ms
54ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssjlQ7KH6nG4aCTwvnvZVjGQ_z1vOTIZfVvbfwnLPqaKvOtIcFmrZcj22s6fJFJRvcEE_gxvxwJVa9Tpj53ezphRarm8_xAzhoJxZVt_Q7TwCpEMV6dvIDmAmpdIOJ3NgD0OAasDeMhqxtrKgn521YJwPiNJKbhaoKmTjdzsPYR4cij8wXgqWq3s4rx90KYJsnbzMwRrcuIYulAfDTluGgk0ITpw5oZyNSIrdOZ7wMEFjYHhDQ47eAx3eKzoPLwaHRNBACz0WOzsRmrVkf5GX036B8ZE_SiGFdHeSTmnL083Ne4Q14EFXo4SA3DJWxLWvUktRfD3IQW_GJY07FwT7zYf1OuBJFdezCpUrfMgLal6SfzmNvEuSM0JhgVyxfHPEeP9B-hIKriHb235l2Lqg&sai=AMfl-YSugnBkAWzbR4rKkVOjBcLW8dqKXGxcewzBqPHR29jF-a4xQLnoivKpU2VGGNJ6p168IJLFKN9pvQ49V8raQJG_xFW6bPNO1dGJXPaaNNB_GtotQzJOE2_Ski2Mqw&sig=Cg0ArKJSzO8fnWqAj5pfEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 07 Jan 2024 22:41:21 GMT

GET
DATA 200
OK truncated
/ Frame DC34 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 218052ea0be6497e20e8afff0a51c92a5adf92bd5ce8f0c0ebd1cd89d4135218

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C267 0
0 71ms
71ms Image
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CDlUZkCibZYSUG6OPjvQPvO-rsAvM-IScdfj36_OFEuql2u-MDxABINPLzjBgye6Oi8CkjBCgAZyHwbgpyAEB4AIAqAMByAMKqgS5Ak_QmDbfcYnNLbU3NlpkjrMjFt_28Fhv5CdAH_0hn7LuqxdQQGQ_d8juauV1nS-yekowUPUwWUrBor7_l66VWnHkVaO6HFb1AmsVGmItbc-WxykzlMxTDDJmnkwYx8NHGfEJ7dNlOQ0LAme34n6Mcy4XA3dZN_PLUCMqoP6omn3uR0cY46fjWDvKKngIkhl4PpHroFmybV2OAbTsmUYK6m0yKwTVnrERajuZAdqQ2qlxJNe192FZauOM-DeHlo3eFqFUgq6qW7Qa8zc5C7yn3YCNKYQ8sSgc_3zw7A4wfCyVkEfXVt_BmhxLhi6cXrLY9NJ5OKJdolH0e63h-tHSNx1sB_VkCmh25Eq_6zpqHsBxF62IjFQcq05arf3l46kJAkjDPvoEBREn6g5FyHBtVwlJE2RUs1wsrunABIHNpf_VBOAEAYgF6Zjc4k2SBQQIBBgBkgUECAUYBIAHnL-RmASoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBClsAjSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WJS21L2szIMDmgnQBGh0dHBzOi8vY29udGVudGxpc3RzLmNvbS8_Y2FtcD02Mjg2Jmd0aWQ9R1RNLU05TjJCV0YmaGFzaD1oYkh3VWpwSEU3OFA5WiUyQm96MFFQd0xuS3RkQUpCNEtjcFhYUlQzTXJ1JTJGMmltN1FmU003bDlIelZlTllQTDhqSEh1QnpKWkJxcWdqZER4UTJGQjU3T2Y4WVpZTjlBJTJGQUxFNVVWRHJ0RHdRQ1pHcmVyNFkxYkZIRDVYNXFiejZjSUlzSFZ3NXBpRE13enpKNWFQZnhTWnZFVUxWYW5zM0c5aFRLa2RmczFaOWxwc2olMkJ3NyUyQnpKbmxsTHROSnUwNHB2MXY4anJZcVozR1RCaU8lMkYxbXVtSUIlMkJZTkZCVFh0OHdzWk5BREhSMEVkdWslM0QmY2FtcGFpZ25pZD0yMDg3NjU2MTUxMyZhZGdyb3VwaWQ9MTYwNTIyOTIxNjAxJnRhcmdldGlkPSZsb2NfaW50ZXJlc3RfbXM9JmxvY19waHlzaWNhbF9tcz05MDA1NTMyJm5ldHdvcms9ZCZkZXZpY2U9YyZkZXZpY2Vtb2RlbD0mY3JlYXRpdmU9Njg1MTA1OTI0MDIxJmtleXdvcmQ9JnBsYWNlbWVudD1jYXB0Y2hhLmJvdCZ0YXJnZXQ9c2VnbWVudF9iZV9hXzE4MTAzNTE5NzQ1MTg0MzQ5MjEmcHViPWNhcHRjaGEuYm90JnN1Yl9wdWJfaWQ9MjA4NzY1NjE1MTNfMTYwNTIyOTIxNjAxXzkwMDU1MzKACgPICwHaDBEKCxCgg_y52qmmqo4BEgIBA-INEwjp-NS9rMyDAxWjh4MIHbz3CrbYEwzQFQGYFgGAFwGyFx4KHAgAEhRwdWItMzAzOTE5OTUwMzQwMzYzNBiZ0iE&sigh=V2GDJF51Bx0&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSOwAvHhf_n-l6wnhJxwhqQWpElwQkrfZbyfVHiU4ldhzrUq24w4ZBsDGT9TONyLSIZZjjj72xAVUO4rYmGAE&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 p Show response
i.simpli.fi/ Frame 6670 799 B
763 B 311ms
29ms Script
application/javascript 34.86.110.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.simpli.fi/p?cid=390015&cb=ads_31128010192._hp
Requested by: Host: eastads.simpli.fi
URL: https://eastads.simpli.fi/ads/3121785/27916290/_p.html?sifi=8772,3121785,27916290,120603581445040,2,0,0,0,0,,6,v,27.33120,4483920FE74A8609,0,0,1,16,BDFB3C6BB9E547839935BCA6F64AF937,0,0,0,1270,400,1,0,0,604,0,701,bidder-base-prd-us-east4-a-22290c0b:9035-1704667280141-1470815263,1,0,395291,2,0,27,12,14202,0,0.70,0,0,1611266346,0,0,0,1,-5,0,97,MGNI-AP-6897,0,390015,0,0,3,-1,21642,32,150,5110629&sifi_exchange_uid=15db1da0627b1a84681a832fcc9fc8109c2e1b04&request_id=7a317f8690b43c5ff838588e3f1f4d868123be81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.86.110.8 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.110.86.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: d371b6d8f964696d251f18313431c37d1dbbe52f240e310d1a5db4578f6884c5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eastads.simpli.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 22:41:21 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/ Frame 1D11 403 KB
136 KB 86ms
86ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69b3046c4091ee871639fd5d428f7ca1285539307d96d33399cbfeb57e053470

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139393
x-xss-protection: 0
server: cafe
etag: 17763665680456116121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 22:41:21 GMT

GET
DATA 200
OK truncated
/ Frame 9EF4 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e427937af925b490a48f30d84fcc0d1783d0831fbfed41dbb4e0ad5fe356ef2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

sid Show response
mug.criteo.com/ Frame D85D
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=captcha.bot&sn=ChromeSyncframe&so=0&topUrl=captcha.bot&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=OWzVHnxTQks4WnhaWFcwNTYxYVlScVlhT0ZEdVVsSVdwWE9IZ3BpZjlrUFViYWhKUWVUZXI0OUpRYUhBVGZZNXhiT0Y3a3pVaWZUbTRIVE5iUUpvcGhLT0JZQjhIS1F0MjRRNlh6dVlCZkNjSnYvcmhqK01wOXFocEFsRW...

422 B
1 KB

152ms
40ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=OWzVHnxTQks4WnhaWFcwNTYxYVlScVlhT0ZEdVVsSVdwWE9IZ3BpZjlrUFViYWhKUWVUZXI0OUpRYUhBVGZZNXhiT0Y3a3pVaWZUbTRIVE5iUUpvcGhLT0JZQjhIS1F0MjRRNlh6dVlCZkNjSnYvcmhqK01wOXFocEFsRWp5bE1FYWJBRW16eng0cmV1VC9qc2hDa1hFTVhLK3podzJkQzlnTnVjalQrWkZCbFF0S0NwcWNyTjk4M1hodW5CU3hrYnhoMWhZbVRCbFNaaElSYUxtbzVENEZHSTh6YW9Ndm5VY0l4QUFMeDI0M3ZUZ1E4S09kUjBlbUJVRVpiTmNSYng2QUY5OXFBYjNLUkNTbkcxQTdmajRLOGE1S211Sit3UHlNODc3dlJ3WlljK0E0WT18&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

a6ea6f25201f903ad4335b5b6ace1ee55ce290df4ff084e37b25b0f1bb0d1803

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 22:41:20 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 8780659
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 07 Jan 2024 22:41:21 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=OWzVHnxTQks4WnhaWFcwNTYxYVlScVlhT0ZEdVVsSVdwWE9IZ3BpZjlrUFViYWhKUWVUZXI0OUpRYUhBVGZZNXhiT0Y3a3pVaWZUbTRIVE5iUUpvcGhLT0JZQjhIS1F0MjRRNlh6dVlCZkNjSnYvcmhqK01wOXFocEFsRWp5bE1FYWJBRW16eng0cmV1VC9qc2hDa1hFTVhLK3podzJkQzlnTnVjalQrWkZCbFF0S0NwcWNyTjk4M1hodW5CU3hrYnhoMWhZbVRCbFNaaElSYUxtbzVENEZHSTh6YW9Ndm5VY0l4QUFMeDI0M3ZUZ1E4S09kUjBlbUJVRVpiTmNSYng2QUY5OXFBYjNLUkNTbkcxQTdmajRLOGE1S211Sit3UHlNODc3dlJ3WlljK0E0WT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 631781
content-length: 0
expires: 0

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/ Frame DC34 403 KB
136 KB 83ms
82ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f40de0990c25794ad751f4fabbf7f8a25e7fd5917109939fa869e980ec115fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139400
x-xss-protection: 0
server: cafe
etag: 589317852943942582
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 22:41:21 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame ABB7 24 KB
6 KB 35ms
34ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com
URL: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 00:00:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 168046
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 05 Jan 2025 00:00:35 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame ABB7 25 KB
10 KB 65ms
64ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com
URL: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c61b7444206c338d52c7d7078347e86b5c3a047c01614ffcf57567d725fc125e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10275
x-xss-protection: 0
server: cafe
etag: 18357249344766068248
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 22:41:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ABB7 194 KB
61 KB 72ms
71ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com
URL: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b621f105dc9c1c99d31af41bb5f137c49c3c58dbdbe12684a3b29d6bf39719dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jan 2024 22:41:21 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/ Frame 9EF4 403 KB
136 KB 110ms
110ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e7f53a792fa09dfed69adb26cacc0212f170dc6b4d68d1a1e78823fd6983f1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139393
x-xss-protection: 0
server: cafe
etag: 11166588892685728902
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 22:41:21 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame AAD4 7 B
788 B 183ms
32ms XHR
application/json 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 636a4452fa95aad32992c06634d4089f
Expires: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D11E 0
10 B 33ms
32ms Image
text/plain 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?F77Ldg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:21 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame ABB7 0
0 57ms
53ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUQb6iTBIDMDV5r_nPM0EvGoS3ipFMsC4anmDdRm8OH2VK5QklUwXcNLi_LJnbLK7L6qCQOzmgxpeN0HTi7UrVpPjLw7zwVw_p83gHLoBUbhY-bvtJ0YiZxMmX349FyOIvVRNJuiCU1Aw_pFY-JVuAJLgSW-bXx2puFb3rLREf7mm9etWTuo8aGQP7Lhvbu2HMGBbqL92J1QS3phznz63W2unkwjg_4A3Iyqr7u28LodVny_p1e4uy3D5BWp-PMKU463y3Nk1iQMGeUb2PYZYC5rTDyndiylTC-fLdkVgo6L3lCEe9bgcwHjghMpEUyPwnXkfUHBJ7s5q5uZDeM3lawnK9yYtgPQwuMTdvQwrwEq_aE7BQwW5y9LpCZ3aoABoXxcNALathy_lGC_D22hM&sai=AMfl-YQ38b8Tq17YDh6kb32GrQVN6iJCUh74FZ-t_gJwNV9840KAW4U1vPt9sotO9olg3CpkaJEcaXMWS21ULnWk8Gtm-akXvUBEXu3l6UDcUvA60oYTusx4hppZ-jyWtA&sig=Cg0ArKJSzACKONqMXc5sEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com
URL: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame ABB7 146 KB
50 KB 86ms
82ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c79e5adedef11f785063e8d0b0d576844d244d60114762fea05cbbaf3b92510

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51187
x-xss-protection: 0
server: cafe
etag: 837920633571831919
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 22:41:21 GMT

GET
DATA 200
OK truncated
/ Frame ABB7 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed9a6c39eedc0b41bc419b69a718dedafb21c4a3746eae76056c8822035dc0bd

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1D11 0
0 54ms
53ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvH16zKfkcNqEvYaVi9QskCF5twfIVuQ250DG6NV7N0AyS9OPuwfkGjUCRx5Xs_zJ1t7cC5u_D4oyEieSJDG3IgrFdZhlhbDm4zFvf7Q6wFUf1MyZseDdTEdGKX0d7rjTzDBqBONqq1nGs7WZgJiViy_Reja5OT8QsUAWVs4olARZlgNHZjhjYH8U2fZ_pED0yASjO0PLE08G8-nreJArZ9eTNUO0FOfcbfEFkgBwOEero3blXHK96-TRltgykjMiAEfxjShp9joAEfJNBjhaO3J5C6E-ihhOfqqqz5rVMZ70p6HZkvbl11QUAp5eA7mNRhUuSCs6gmjBRhLfclrK3FkBw4nLakOHw1Uwo3Olqpg9Tq936DgXjmVJbC0AmbIgw6Xp7TbY7s3lCB&sai=AMfl-YRAHtDsl5QUsVsoiedLahetR9168859YrXv_v5ybCfdq4ePgHP_MXxg2IRmeU-N3F7eBxLxHQsFgeXrb3Psa58kEM05pjBnvCc2DC8wsdohmZ8xMg4sL-RaHV5Xog&sig=Cg0ArKJSzK8IYxlq8XAjEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 07 Jan 2024 22:41:21 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DC34 0
0 73ms
72ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstoJQvBNEnDbUOkqMog4e95FAhFC8M3gf7dfrik8fKYHYJrf2JFfKve4byPmFkcY8-eo_ltofttzSvtSaUE-gj3iasdb0MFLeIXriM6fzxu9rIyf2QfxzaHgwqf7_siOslJ81THTDM4fEx0kivPydIZaRQkClLuOoXxxp64mIGApZYrpqdKwAVqg01idKuFMxhfq6Y7AmLOq2JcOWGT28kfJSjVNyXN6EnOPAxlKGHdb0WXf-oBG2Io-rVImmjUA2Lp3_IKEMfk8myakjr24wU8JKk8YgxmoJwhDc6whLefCkJlfKEvdz0hP2idTUalIfDdBpkAtKmj69OIZEgBzyl40-QfGq9K_nBdwGVLCmvzV-_B6rk-YOLrqsDHz2tcCupcNRSd8fEtLvEz&sai=AMfl-YSJxx4huQIJQ_3KuCh9nydM8FBWW-ffHRcro0aHrTsbJR06ATnZxNvJEu1U7ZSSL2wgIfYK28ZmGa3huUCGSQ0E93_cODsLjbyiQL3eP8hw5ZSRSF_jKg1oXd8z7A&sig=Cg0ArKJSzObElZaXju0REAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 07 Jan 2024 22:41:21 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9EF4 0
0 70ms
69ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuU-UTIB-M1sjWn5Y0dm29FLFo4GKRMvCYGYcPwH4guaq90RRkVFRkKzMAAgruK6wA9KibTXw51ezSNrdHAJywNNjYJW5LSuPhygHk6SdpMmNeFe1p6JzcocBcRn21TxsnKqO87VmhKOG4SjzkJfomZIJd3EZJDQLvWCcGxDRTuabqgZzNg7faKnbEfhnccaH1z4OXJYAlELLZCx7duPk6ELeEmL-GdMre6aFqZL3RM8-atp-4uJHC-abDrcfFsT-r03_QoUgHq6dpY2AusLQElquHq0LWxYUnyPWGZOCklMjWE0Nz39xIFfF79VUey7qDDAzd6t1uuUj5RIYr0fq_cX0U5Me1sLKgixmBxDMiqZ-GsuyHuMqRaJQA3yAQhBfr17B-bwtRBAbg0&sai=AMfl-YSwLCmUOuYtciwMtjV8WbOh1BmWFReKaAeLHz7KgoLF1x1zA46JJOQUa-d6u9BoUPzarVtqbV9aT-LVwfQsP_CoogA0H6pkiRGu7EbjKpOC_n7DXmt2tz3G8wMH5w&sig=Cg0ArKJSzIvsStZLKkFOEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 07 Jan 2024 22:41:21 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 6670
Redirect Chain

https://um.simpli.fi/smaato
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=D5920B0AA1DC4E4DB0795CE26E3D278C
https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=65885d64ec&gdpr=0&gdpr_consent=

43 B
855 B

41ms
41ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=65885d64ec&gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eastads.simpli.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Jan 2024 22:41:22 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: PJ27BRA0838Y5XEF5XW7
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sun, 07 Jan 2024 22:41:22 GMT
via: 1.1 bc9d715161855640c4738aa7390d934e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: YTO50-P2
x-cache: Miss from cloudfront
location: https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=65885d64ec&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: Zz9YHknnxcVecM8akn8iae9GXdkFuNIVEpEEUlGqOIicBYfQ2HIjgQ==

GET
H2

200

RX-cdabbcd1-61a6-4be4-b44d-39788d05dd2c-005
sync.targeting.unrulymedia.com/csync/ Frame 6670
Redirect Chain

https://um.simpli.fi/nexxen
https://sync.1rx.io/usersync/simplifi/D5920B0AA1DC4E4DB0795CE26E3D278C
https://sync.1rx.io/usersync/simplifi/D5920B0AA1DC4E4DB0795CE26E3D278C?zcc=1&cb=1704667282237
https://sync.targeting.unrulymedia.com/csync/RX-cdabbcd1-61a6-4be4-b44d-39788d05dd2c-005

43 B
378 B

114ms
32ms

Image
image/gif

69.194.240.13
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-cdabbcd1-61a6-4be4-b44d-39788d05dd2c-005
Requested by: Host: eastads.simpli.fi
URL: https://eastads.simpli.fi/ads/3121785/27916290/_p.html?sifi=8772,3121785,27916290,120603581445040,2,0,0,0,0,,6,v,27.33120,4483920FE74A8609,0,0,1,16,BDFB3C6BB9E547839935BCA6F64AF937,0,0,0,1270,400,1,0,0,604,0,701,bidder-base-prd-us-east4-a-22290c0b:9035-1704667280141-1470815263,1,0,395291,2,0,27,12,14202,0,0.70,0,0,1611266346,0,0,0,1,-5,0,97,MGNI-AP-6897,0,390015,0,0,3,-1,21642,32,150,5110629&sifi_exchange_uid=15db1da0627b1a84681a832fcc9fc8109c2e1b04&request_id=7a317f8690b43c5ff838588e3f1f4d868123be81
Protocol: H2
Server: 69.194.240.13 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eastads.simpli.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:22 GMT
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-cdabbcd1-61a6-4be4-b44d-39788d05dd2c-005
pragma: no-cache
date: Sun, 07 Jan 2024 22:41:22 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
content-type: text/html

GET
H2

200

xuid
eb2.3lift.com/ Frame 6670
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=D5920B0AA1DC4E4DB0795CE26E3D278C&dongle=yf3

37 B
355 B

209ms
33ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7969&xuid=D5920B0AA1DC4E4DB0795CE26E3D278C&dongle=yf3
Requested by: Host: eastads.simpli.fi
URL: https://eastads.simpli.fi/ads/3121785/27916290/_p.html?sifi=8772,3121785,27916290,120603581445040,2,0,0,0,0,,6,v,27.33120,4483920FE74A8609,0,0,1,16,BDFB3C6BB9E547839935BCA6F64AF937,0,0,0,1270,400,1,0,0,604,0,701,bidder-base-prd-us-east4-a-22290c0b:9035-1704667280141-1470815263,1,0,395291,2,0,27,12,14202,0,0.70,0,0,1611266346,0,0,0,1,-5,0,97,MGNI-AP-6897,0,390015,0,0,3,-1,21642,32,150,5110629&sifi_exchange_uid=15db1da0627b1a84681a832fcc9fc8109c2e1b04&request_id=7a317f8690b43c5ff838588e3f1f4d868123be81
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eastads.simpli.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 07 Jan 2024 22:41:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Sun, 07 Jan 2024 22:41:22 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://eb2.3lift.com/xuid?mid=7969&xuid=D5920B0AA1DC4E4DB0795CE26E3D278C&dongle=yf3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 06 Jan 2024 22:41:22 GMT

GET
H2

200

sync
simplifi.partners.tremorhub.com/ Frame 6670
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=D5920B0AA1DC4E4DB0795CE26E3D278C

43 B
175 B

205ms
29ms

Image
image/gif

2600:1f18:612b:4216:2994:5ad:21a7:a60b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=D5920B0AA1DC4E4DB0795CE26E3D278C
Requested by: Host: eastads.simpli.fi
URL: https://eastads.simpli.fi/ads/3121785/27916290/_p.html?sifi=8772,3121785,27916290,120603581445040,2,0,0,0,0,,6,v,27.33120,4483920FE74A8609,0,0,1,16,BDFB3C6BB9E547839935BCA6F64AF937,0,0,0,1270,400,1,0,0,604,0,701,bidder-base-prd-us-east4-a-22290c0b:9035-1704667280141-1470815263,1,0,395291,2,0,27,12,14202,0,0.70,0,0,1611266346,0,0,0,1,-5,0,97,MGNI-AP-6897,0,390015,0,0,3,-1,21642,32,150,5110629&sifi_exchange_uid=15db1da0627b1a84681a832fcc9fc8109c2e1b04&request_id=7a317f8690b43c5ff838588e3f1f4d868123be81
Protocol: H2
Server: 2600:1f18:612b:4216:2994:5ad:21a7:a60b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eastads.simpli.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sun, 07 Jan 2024 22:41:22 GMT
server: nginx
content-type: image/gif

Redirect headers

date: Sun, 07 Jan 2024 22:41:22 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://simplifi.partners.tremorhub.com/sync?UISF=D5920B0AA1DC4E4DB0795CE26E3D278C
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 06 Jan 2024 22:41:22 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 6670
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=D5920B0AA1DC4E4DB0795CE26E3D278C
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=D5920B0AA1DC4E4DB0795CE26E3D278C

95 B
427 B

61ms
53ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=D5920B0AA1DC4E4DB0795CE26E3D278C

Requested by

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eastads.simpli.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:22 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Sun, 07 Jan 2024 22:41:22 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=D5920B0AA1DC4E4DB0795CE26E3D278C
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

empty.gif
um.simpli.fi/ Frame 6670
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=D5920B0AA1DC4E4DB0795CE26E3D278C
https://d.agkn.com/pixel/10751/?che=1704667282254&ip=96.9.249.42&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D213980604754008401179
https://um.simpli.fi/aa_px?sk=213980604754008401179
https://um.simpli.fi/empty.gif

43 B
361 B

29ms
28ms

Image
image/gif

35.236.220.17
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Requested by

Protocol

Server

35.236.220.17 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

17.220.236.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eastads.simpli.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:22 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

date: Sun, 07 Jan 2024 22:41:22 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: /empty.gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142

GET
H2

200

ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 6670
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=D5920B0AA1DC4E4DB0795CE26E3D278C
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=D5920B0AA1DC4E4DB0795CE26E3D278C&ckls=true&ci=40cg7LDUkE&nc=false&trid=1768835908

43 B
1 KB

220ms
63ms

Image
image/gif

13.33.165.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=D5920B0AA1DC4E4DB0795CE26E3D278C&ckls=true&ci=40cg7LDUkE&nc=false&trid=1768835908
Requested by: Host: eastads.simpli.fi
URL: https://eastads.simpli.fi/ads/3121785/27916290/_p.html?sifi=8772,3121785,27916290,120603581445040,2,0,0,0,0,,6,v,27.33120,4483920FE74A8609,0,0,1,16,BDFB3C6BB9E547839935BCA6F64AF937,0,0,0,1270,400,1,0,0,604,0,701,bidder-base-prd-us-east4-a-22290c0b:9035-1704667280141-1470815263,1,0,395291,2,0,27,12,14202,0,0.70,0,0,1611266346,0,0,0,1,-5,0,97,MGNI-AP-6897,0,390015,0,0,3,-1,21642,32,150,5110629&sifi_exchange_uid=15db1da0627b1a84681a832fcc9fc8109c2e1b04&request_id=7a317f8690b43c5ff838588e3f1f4d868123be81
Protocol: H2
Server: 13.33.165.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-165-100.yto50.r.cloudfront.net
Software: /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eastads.simpli.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 22:41:22 GMT
via: 1.1 039b6acf310ef8fb314d9bef263bf88a.cloudfront.net (CloudFront)
x-amz-cf-pop: YTO50-C3
x-cache: Miss from cloudfront
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: 0wU1zc3Bkc4DO5e5_SIyfzudELr5ItvQO86E2N4uFF3ONpQ6nTUGlw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Jan 2024 22:41:22 GMT
via: 1.1 44dc635ab5d687a3f3ece286c845d75a.cloudfront.net (CloudFront)
x-amz-cf-pop: YTO50-C3
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=D5920B0AA1DC4E4DB0795CE26E3D278C&ckls=true&ci=40cg7LDUkE&nc=false&trid=1768835908
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
patent: https://www.almondnet.com/ip
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: zkisv7OskAkuYryEgEJRgtPIpWCw2QNf45hfzVECP_kDH6vbQX0Png==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 6670
Redirect Chain

https://um.simpli.fi/pubmatic
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D5920B0AA1DC4E4DB0795CE26E3D278C

42 B
552 B

135ms
31ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D5920B0AA1DC4E4DB0795CE26E3D278C
Requested by: Host: eastads.simpli.fi
URL: https://eastads.simpli.fi/ads/3121785/27916290/_p.html?sifi=8772,3121785,27916290,120603581445040,2,0,0,0,0,,6,v,27.33120,4483920FE74A8609,0,0,1,16,BDFB3C6BB9E547839935BCA6F64AF937,0,0,0,1270,400,1,0,0,604,0,701,bidder-base-prd-us-east4-a-22290c0b:9035-1704667280141-1470815263,1,0,395291,2,0,27,12,14202,0,0.70,0,0,1611266346,0,0,0,1,-5,0,97,MGNI-AP-6897,0,390015,0,0,3,-1,21642,32,150,5110629&sifi_exchange_uid=15db1da0627b1a84681a832fcc9fc8109c2e1b04&request_id=7a317f8690b43c5ff838588e3f1f4d868123be81
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eastads.simpli.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 07 Jan 2024 22:41:22 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date: Sun, 07 Jan 2024 22:41:22 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:D5920B0AA1DC4E4DB0795CE26E3D278C
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 06 Jan 2024 22:41:22 GMT

GET
H/1.1

200

user-registering
ads.stickyadstv.com/ Frame 6670
Redirect Chain

https://um.simpli.fi/freewheel
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=D5920B0AA1DC4E4DB0795CE26E3D278C

43 B
655 B

447ms
33ms

Image
image/gif

63.251.28.133
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=D5920B0AA1DC4E4DB0795CE26E3D278C
Requested by: Host: eastads.simpli.fi
URL: https://eastads.simpli.fi/ads/3121785/27916290/_p.html?sifi=8772,3121785,27916290,120603581445040,2,0,0,0,0,,6,v,27.33120,4483920FE74A8609,0,0,1,16,BDFB3C6BB9E547839935BCA6F64AF937,0,0,0,1270,400,1,0,0,604,0,701,bidder-base-prd-us-east4-a-22290c0b:9035-1704667280141-1470815263,1,0,395291,2,0,27,12,14202,0,0.70,0,0,1611266346,0,0,0,1,-5,0,97,MGNI-AP-6897,0,390015,0,0,3,-1,21642,32,150,5110629&sifi_exchange_uid=15db1da0627b1a84681a832fcc9fc8109c2e1b04&request_id=7a317f8690b43c5ff838588e3f1f4d868123be81
Protocol: HTTP/1.1
Server: 63.251.28.133 Secaucus, United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eastads.simpli.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Jan 2024 22:41:22 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1704667282659020-1178

Redirect headers

date: Sun, 07 Jan 2024 22:41:22 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=D5920B0AA1DC4E4DB0795CE26E3D278C
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 06 Jan 2024 22:41:22 GMT

GET
H2

200

400646.gif
idsync.rlcdn.com/ Frame 6670
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=D5920B0AA1DC4E4DB0795CE26E3D278C;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=D5920B0AA1DC4E4DB0795CE26E3D278C;mimetype=img;sr
https://idsync.rlcdn.com/400646.gif?partner_uid=3160041537646186172

42 B
288 B

54ms
53ms

Image
image/gif

35.244.154.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/400646.gif?partner_uid=3160041537646186172
Requested by: Host: eastads.simpli.fi
URL: https://eastads.simpli.fi/ads/3121785/27916290/_p.html?sifi=8772,3121785,27916290,120603581445040,2,0,0,0,0,,6,v,27.33120,4483920FE74A8609,0,0,1,16,BDFB3C6BB9E547839935BCA6F64AF937,0,0,0,1270,400,1,0,0,604,0,701,bidder-base-prd-us-east4-a-22290c0b:9035-1704667280141-1470815263,1,0,395291,2,0,27,12,14202,0,0.70,0,0,1611266346,0,0,0,1,-5,0,97,MGNI-AP-6897,0,390015,0,0,3,-1,21642,32,150,5110629&sifi_exchange_uid=15db1da0627b1a84681a832fcc9fc8109c2e1b04&request_id=7a317f8690b43c5ff838588e3f1f4d868123be81
Protocol: H2
Server: 35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eastads.simpli.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:22 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 07 Jan 2024 22:41:22 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp9.us1
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
location: https://idsync.rlcdn.com/400646.gif?partner_uid=3160041537646186172
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H2

204

/
loadm.exelator.com/load/ Frame 6670
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=D5920B0AA1DC4E4DB0795CE26E3D278C&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=D5920B0AA1DC4E4DB0795CE26E3D278C&j=0&xl8blockcheck=1

0
742 B

41ms
40ms

Image
text/plain

50.16.197.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=D5920B0AA1DC4E4DB0795CE26E3D278C&j=0&xl8blockcheck=1
Requested by: Host: eastads.simpli.fi
URL: https://eastads.simpli.fi/ads/3121785/27916290/_p.html?sifi=8772,3121785,27916290,120603581445040,2,0,0,0,0,,6,v,27.33120,4483920FE74A8609,0,0,1,16,BDFB3C6BB9E547839935BCA6F64AF937,0,0,0,1270,400,1,0,0,604,0,701,bidder-base-prd-us-east4-a-22290c0b:9035-1704667280141-1470815263,1,0,395291,2,0,27,12,14202,0,0.70,0,0,1611266346,0,0,0,1,-5,0,97,MGNI-AP-6897,0,390015,0,0,3,-1,21642,32,150,5110629&sifi_exchange_uid=15db1da0627b1a84681a832fcc9fc8109c2e1b04&request_id=7a317f8690b43c5ff838588e3f1f4d868123be81
Protocol: H2
Server: 50.16.197.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-197-56.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eastads.simpli.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:22 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Sun, 07 Jan 2024 22:41:22 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=D5920B0AA1DC4E4DB0795CE26E3D278C&j=0&xl8blockcheck=1
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55964/ Frame 6670
Redirect Chain

https://um.simpli.fi/yahoo
https://ups.analytics.yahoo.com/ups/55964/sync?uid=D5920B0AA1DC4E4DB0795CE26E3D278C
https://ups.analytics.yahoo.com/ups/55964/sync?uid=D5920B0AA1DC4E4DB0795CE26E3D278C&verify=true

0
132 B

40ms
39ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55964/sync?uid=D5920B0AA1DC4E4DB0795CE26E3D278C&verify=true

Requested by

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eastads.simpli.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:22 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55964/sync?uid=D5920B0AA1DC4E4DB0795CE26E3D278C&verify=true
date: Sun, 07 Jan 2024 22:41:22 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

204

sync
sync.bfmio.com/ Frame 6670
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=D5920B0AA1DC4E4DB0795CE26E3D278C

0
421 B

166ms
42ms

Image
text/plain

52.45.141.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=D5920B0AA1DC4E4DB0795CE26E3D278C
Requested by: Host: eastads.simpli.fi
URL: https://eastads.simpli.fi/ads/3121785/27916290/_p.html?sifi=8772,3121785,27916290,120603581445040,2,0,0,0,0,,6,v,27.33120,4483920FE74A8609,0,0,1,16,BDFB3C6BB9E547839935BCA6F64AF937,0,0,0,1270,400,1,0,0,604,0,701,bidder-base-prd-us-east4-a-22290c0b:9035-1704667280141-1470815263,1,0,395291,2,0,27,12,14202,0,0.70,0,0,1611266346,0,0,0,1,-5,0,97,MGNI-AP-6897,0,390015,0,0,3,-1,21642,32,150,5110629&sifi_exchange_uid=15db1da0627b1a84681a832fcc9fc8109c2e1b04&request_id=7a317f8690b43c5ff838588e3f1f4d868123be81
Protocol: HTTP/1.1
Server: 52.45.141.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-141-6.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eastads.simpli.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 07 Jan 2024 22:41:21 GMT

Redirect headers

date: Sun, 07 Jan 2024 22:41:22 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.bfmio.com/sync?pid=141&uid=D5920B0AA1DC4E4DB0795CE26E3D278C
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 06 Jan 2024 22:41:22 GMT

GET
H2

200

29931
stags.bluekai.com/site/ Frame 6670
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=D5920B0AA1DC4E4DB0795CE26E3D278C

62 B
444 B

231ms
149ms

Image
image/gif

23.47.69.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=D5920B0AA1DC4E4DB0795CE26E3D278C
Requested by: Host: eastads.simpli.fi
URL: https://eastads.simpli.fi/ads/3121785/27916290/_p.html?sifi=8772,3121785,27916290,120603581445040,2,0,0,0,0,,6,v,27.33120,4483920FE74A8609,0,0,1,16,BDFB3C6BB9E547839935BCA6F64AF937,0,0,0,1270,400,1,0,0,604,0,701,bidder-base-prd-us-east4-a-22290c0b:9035-1704667280141-1470815263,1,0,395291,2,0,27,12,14202,0,0.70,0,0,1611266346,0,0,0,1,-5,0,97,MGNI-AP-6897,0,390015,0,0,3,-1,21642,32,150,5110629&sifi_exchange_uid=15db1da0627b1a84681a832fcc9fc8109c2e1b04&request_id=7a317f8690b43c5ff838588e3f1f4d868123be81
Protocol: H2
Server: 23.47.69.85 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-69-85.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eastads.simpli.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sun, 07 Jan 2024 22:41:22 GMT
content-length: 62
content-type: image/gif

Redirect headers

date: Sun, 07 Jan 2024 22:41:22 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://stags.bluekai.com/site/29931?id=D5920B0AA1DC4E4DB0795CE26E3D278C
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 06 Jan 2024 22:41:22 GMT

GET
H2

200

tpid=D5920B0AA1DC4E4DB0795CE26E3D278C
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/ Frame 6670
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=D5920B0AA1DC4E4DB0795CE26E3D278C

49 B
264 B

44ms
43ms

Image
image/gif

3.215.169.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=D5920B0AA1DC4E4DB0795CE26E3D278C
Requested by: Host: eastads.simpli.fi
URL: https://eastads.simpli.fi/ads/3121785/27916290/_p.html?sifi=8772,3121785,27916290,120603581445040,2,0,0,0,0,,6,v,27.33120,4483920FE74A8609,0,0,1,16,BDFB3C6BB9E547839935BCA6F64AF937,0,0,0,1270,400,1,0,0,604,0,701,bidder-base-prd-us-east4-a-22290c0b:9035-1704667280141-1470815263,1,0,395291,2,0,27,12,14202,0,0.70,0,0,1611266346,0,0,0,1,-5,0,97,MGNI-AP-6897,0,390015,0,0,3,-1,21642,32,150,5110629&sifi_exchange_uid=15db1da0627b1a84681a832fcc9fc8109c2e1b04&request_id=7a317f8690b43c5ff838588e3f1f4d868123be81
Protocol: H2
Server: 3.215.169.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-169-119.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eastads.simpli.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 22:41:22 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.3.118
content-length: 49
expires: 0

Redirect headers

date: Sun, 07 Jan 2024 22:41:22 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=D5920B0AA1DC4E4DB0795CE26E3D278C
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 06 Jan 2024 22:41:22 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 6670
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=D5920B0AA1DC4E4DB0795CE26E3D278C
https://ce.lijit.com/merge?pid=2&3pid=D5920B0AA1DC4E4DB0795CE26E3D278C&dnr=1

43 B
679 B

34ms
34ms

Image
image/gif

63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=D5920B0AA1DC4E4DB0795CE26E3D278C&dnr=1
Requested by: Host: eastads.simpli.fi
URL: https://eastads.simpli.fi/ads/3121785/27916290/_p.html?sifi=8772,3121785,27916290,120603581445040,2,0,0,0,0,,6,v,27.33120,4483920FE74A8609,0,0,1,16,BDFB3C6BB9E547839935BCA6F64AF937,0,0,0,1270,400,1,0,0,604,0,701,bidder-base-prd-us-east4-a-22290c0b:9035-1704667280141-1470815263,1,0,395291,2,0,27,12,14202,0,0.70,0,0,1611266346,0,0,0,1,-5,0,97,MGNI-AP-6897,0,390015,0,0,3,-1,21642,32,150,5110629&sifi_exchange_uid=15db1da0627b1a84681a832fcc9fc8109c2e1b04&request_id=7a317f8690b43c5ff838588e3f1f4d868123be81
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eastads.simpli.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Jan 2024 22:41:22 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 07 Jan 2024 22:41:22 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=2&3pid=D5920B0AA1DC4E4DB0795CE26E3D278C&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

200

db_sync
px.ads.linkedin.com/ Frame 6670
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=D5920B0AA1DC4E4DB0795CE26E3D278C
https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogRDU5MjBCMEFBMURDNEU0REIwNzk1Q0UyNkUzRDI3OEMQABoNCJLR7KwGEgUI6AcQAEIASgA
https://pippio.com/api/sync?pid=5324&it=1&iv=3b96179f54e094e3cf007483fd6ff6ee4a80932ab0c0af4b2a6a29f174ca5e1b791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=3b96179f54e094e3cf007483fd6ff6ee4a80932ab0c0af4b2a6a29f174ca5e1b791426b5417dce21&rand=05742638
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=3b96179f54e094e3cf007483fd6ff6ee4a80932ab0c0af4b2a6a29f174ca5e1b791426b5417dce21&rand=05742638&expected_cookie=4e82a99b-f796-42f4-a68a-be3009c506b1

0
144 B

53ms
52ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=3b96179f54e094e3cf007483fd6ff6ee4a80932ab0c0af4b2a6a29f174ca5e1b791426b5417dce21&rand=05742638&expected_cookie=4e82a99b-f796-42f4-a68a-be3009c506b1
Requested by: Host: eastads.simpli.fi
URL: https://eastads.simpli.fi/ads/3121785/27916290/_p.html?sifi=8772,3121785,27916290,120603581445040,2,0,0,0,0,,6,v,27.33120,4483920FE74A8609,0,0,1,16,BDFB3C6BB9E547839935BCA6F64AF937,0,0,0,1270,400,1,0,0,604,0,701,bidder-base-prd-us-east4-a-22290c0b:9035-1704667280141-1470815263,1,0,395291,2,0,27,12,14202,0,0.70,0,0,1611266346,0,0,0,1,-5,0,97,MGNI-AP-6897,0,390015,0,0,3,-1,21642,32,150,5110629&sifi_exchange_uid=15db1da0627b1a84681a832fcc9fc8109c2e1b04&request_id=7a317f8690b43c5ff838588e3f1f4d868123be81
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eastads.simpli.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:22 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: A17C1DB1394441B0B1FDEAB0FDBB2BC0 Ref B: EWR311000102031 Ref C: 2024-01-07T22:41:22Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYOYsfWw3mANjU8NKjroA==

Redirect headers

date: Sun, 07 Jan 2024 22:41:22 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: AA4D1419DA1C4F2A9C74C54188199FA1 Ref B: EWR311000102031 Ref C: 2024-01-07T22:41:22Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: /db_sync?pid=10339&puuid=3b96179f54e094e3cf007483fd6ff6ee4a80932ab0c0af4b2a6a29f174ca5e1b791426b5417dce21&rand=05742638&expected_cookie=4e82a99b-f796-42f4-a68a-be3009c506b1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYOYsfV+J7edH7SaQX50w==

GET
H3

200

/
www.google.com/pagead/1p-conversion/1026675585/ Frame 6670
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1704667281821&cv=7&fst=1704667281821&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=2138490007&cv=7&fst=1704667281821&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=...
https://www.google.com/pagead/1p-conversion/1026675585/?random=2138490007&cv=7&fst=1704667281821&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI4d65v...

42 B
64 B

63ms
62ms

Image
image/gif

2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/1026675585/?random=2138490007&cv=7&fst=1704667281821&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI4d65vqzMgwMVmQ1oCB1Cig_q&is_vtc=1&ocp_id=kiibZeHNApmboPMPwpS-0A4&cid=CAQSKQAvHhf_y64hXjvlzgKfRYk97cIrBXceE5110fbnVTvT7FrmggQnoRDI&random=3179958243

Requested by

Protocol

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eastads.simpli.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 22:41:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Jan 2024 22:41:22 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/1026675585/?random=2138490007&cv=7&fst=1704667281821&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI4d65vqzMgwMVmQ1oCB1Cig_q&is_vtc=1&ocp_id=kiibZeHNApmboPMPwpS-0A4&cid=CAQSKQAvHhf_y64hXjvlzgKfRYk97cIrBXceE5110fbnVTvT7FrmggQnoRDI&random=3179958243
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 spotx_match
um.simpli.fi/ Frame 6670 0
272 B 31ms
29ms Image
text/plain 35.236.220.17
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/spotx_match

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.236.220.17 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

17.220.236.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eastads.simpli.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 07 Jan 2024 22:41:22 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS

GET
H2

200

setuid
ib.adnxs.com/ Frame 6670
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=D5920B0AA1DC4E4DB0795CE26E3D278C

43 B
1004 B

51ms
51ms

Image
image/gif

68.67.160.114
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=66&code=D5920B0AA1DC4E4DB0795CE26E3D278C

Requested by

Protocol

Server

68.67.160.114 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eastads.simpli.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 22:41:22 GMT
an-x-request-uuid: e3af2c43-366b-44a7-9f48-8e451e59cc81
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 96.9.249.42; 96.9.249.42; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date: Sun, 07 Jan 2024 22:41:22 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ib.adnxs.com/setuid?entity=66&code=D5920B0AA1DC4E4DB0795CE26E3D278C
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 06 Jan 2024 22:41:22 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 6670
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=D5920B0AA1DC4E4DB0795CE26E3D278C&expires=365

42 B
853 B

35ms
28ms

Image
image/gif

8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=D5920B0AA1DC4E4DB0795CE26E3D278C&expires=365
Requested by: Host: eastads.simpli.fi
URL: https://eastads.simpli.fi/ads/3121785/27916290/_p.html?sifi=8772,3121785,27916290,120603581445040,2,0,0,0,0,,6,v,27.33120,4483920FE74A8609,0,0,1,16,BDFB3C6BB9E547839935BCA6F64AF937,0,0,0,1270,400,1,0,0,604,0,701,bidder-base-prd-us-east4-a-22290c0b:9035-1704667280141-1470815263,1,0,395291,2,0,27,12,14202,0,0.70,0,0,1611266346,0,0,0,1,-5,0,97,MGNI-AP-6897,0,390015,0,0,3,-1,21642,32,150,5110629&sifi_exchange_uid=15db1da0627b1a84681a832fcc9fc8109c2e1b04&request_id=7a317f8690b43c5ff838588e3f1f4d868123be81
Protocol: HTTP/1.1
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eastads.simpli.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: f1d2dfe1ca3ed0321925c13f4507bd26
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sun, 07 Jan 2024 22:41:22 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=D5920B0AA1DC4E4DB0795CE26E3D278C&expires=365
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 06 Jan 2024 22:41:22 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 6670
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=D5920B0AA1DC4E4DB0795CE26E3D278C
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=D5920B0AA1DC4E4DB0795CE26E3D278C

43 B
171 B

45ms
45ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=D5920B0AA1DC4E4DB0795CE26E3D278C
Requested by: Host: eastads.simpli.fi
URL: https://eastads.simpli.fi/ads/3121785/27916290/_p.html?sifi=8772,3121785,27916290,120603581445040,2,0,0,0,0,,6,v,27.33120,4483920FE74A8609,0,0,1,16,BDFB3C6BB9E547839935BCA6F64AF937,0,0,0,1270,400,1,0,0,604,0,701,bidder-base-prd-us-east4-a-22290c0b:9035-1704667280141-1470815263,1,0,395291,2,0,27,12,14202,0,0.70,0,0,1611266346,0,0,0,1,-5,0,97,MGNI-AP-6897,0,390015,0,0,3,-1,21642,32,150,5110629&sifi_exchange_uid=15db1da0627b1a84681a832fcc9fc8109c2e1b04&request_id=7a317f8690b43c5ff838588e3f1f4d868123be81
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eastads.simpli.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 22:41:22 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=D5920B0AA1DC4E4DB0795CE26E3D278C
date: Sun, 07 Jan 2024 22:41:22 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

204

g_match
um.simpli.fi/ Frame 6670
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://um.simpli.fi/g_match?id=&google_gid=CAESEIVjTURO2hxwCCqMPVi9dUc&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D5920B0AA1DC4E4DB0795CE26E3D278C
https://um.simpli.fi/g_match?id=

0
320 B

29ms
28ms

Image
text/plain

35.236.220.17
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Requested by

Protocol

Server

35.236.220.17 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

17.220.236.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eastads.simpli.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:22 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sat, 06 Jan 2024 22:41:22 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Jan 2024 22:41:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://um.simpli.fi/g_match?id=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/ Frame ABB7 403 KB
136 KB 93ms
91ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e7f53a792fa09dfed69adb26cacc0212f170dc6b4d68d1a1e78823fd6983f1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139393
x-xss-protection: 0
server: cafe
etag: 11166588892685728902
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 22:41:21 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AAD4
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=nbW3w3WqRD6xR5-d8pCutA&rk=usync-na&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=nbW3w3WqRD6xR5-d8pCutA&gdpr=0

43 B
479 B

34ms
34ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=nbW3w3WqRD6xR5-d8pCutA&gdpr=0

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Jan 2024 22:41:22 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: TVMFQTPZW2F227CYA75D
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=nbW3w3WqRD6xR5-d8pCutA&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 207bf73b93f199ba0825203b77fa46ae
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame AAD4
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=b2jgcF7KT6O6R5KHLvhQOw&rk=usync-other&gdpr=0
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=b2jgcF7KT6O6R5KHLvhQOw&gdpr=0

43 B
479 B

111ms
110ms

Image
image/gif

67.220.226.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=b2jgcF7KT6O6R5KHLvhQOw&gdpr=0

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

HTTP/1.1

Server

67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Jan 2024 22:41:22 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: B7EY37970FD4STGRHSRD
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=b2jgcF7KT6O6R5KHLvhQOw&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 207bf73b93f199ba0825203b77fa46ae
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame AAD4
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTYzZTAwNDcxNzVlMDU3NDYzN2E1OTg4N2EwZWI4NGFkYTE5NDZjNg&gdpr=0

170 B
243 B

63ms
58ms

Image
image/png

172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTYzZTAwNDcxNzVlMDU3NDYzN2E1OTg4N2EwZWI4NGFkYTE5NDZjNg&gdpr=0

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 22:41:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTYzZTAwNDcxNzVlMDU3NDYzN2E1OTg4N2EwZWI4NGFkYTE5NDZjNg&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 636a4452fa95aad32992c06634d4089f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame AAD4
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
https://pr-bh.ybp.yahoo.com/sync/rubicon/QPXcYcOX2Z_ICfQEc25Ln8n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-S_6xHaVE2oJIzggzLJtYq.QdfVi.MgBb0bb0gg--~A

42 B
853 B

31ms
31ms

Image
image/gif

8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-S_6xHaVE2oJIzggzLJtYq.QdfVi.MgBb0bb0gg--~A
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: HTTP/1.1
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 207bf73b93f199ba0825203b77fa46ae
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sun, 07 Jan 2024 22:41:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-S_6xHaVE2oJIzggzLJtYq.QdfVi.MgBb0bb0gg--~A
content-length: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame AAD4
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
https://match.adsrvr.org/track/cmb/rubicon?gdpr=0
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=547c0e4f-2603-40a0-9242-77bc857620dc&gdpr=0&gdpr_consent=&expires=30

42 B
853 B

30ms
29ms

Image
image/gif

8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=547c0e4f-2603-40a0-9242-77bc857620dc&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: HTTP/1.1
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: f1d2dfe1ca3ed0321925c13f4507bd26
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=547c0e4f-2603-40a0-9242-77bc857620dc&gdpr=0&gdpr_consent=&expires=30
date: Sun, 07 Jan 2024 22:41:22 GMT
server: Kestrel
content-length: 289

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AAD4
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0
https://s.amazon-adsystem.com/ecm3?id=LR42VVHI-1P-4FWE&ex=d-rubiconproject.com&status=ok&gdpr=0

43 B
479 B

43ms
35ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=LR42VVHI-1P-4FWE&ex=d-rubiconproject.com&status=ok&gdpr=0

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Jan 2024 22:41:22 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: EEDGPQDEPMDXKZKD940J
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?id=LR42VVHI-1P-4FWE&ex=d-rubiconproject.com&status=ok&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 207bf73b93f199ba0825203b77fa46ae
Expires: 0

GET
H2

200

setuid
px.ads.linkedin.com/ Frame AAD4
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&gdpr=0
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR42VVHI-1P-4FWE&gdpr=0

0
515 B

229ms
57ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR42VVHI-1P-4FWE&gdpr=0
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:22 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 1DAE570DA8CD4C78900D795B8CB5C903 Ref B: EWR311000102031 Ref C: 2024-01-07T22:41:22Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYOYsfRa8qpQUScyCdCdA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR42VVHI-1P-4FWE&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f31d5fb12ac7ec11f837ad8263e0f6c
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame AAD4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEGVc8LLV5juIAM0XZkMWcSs&google_cver=1

42 B
853 B

167ms
31ms

Image
image/gif

8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEGVc8LLV5juIAM0XZkMWcSs&google_cver=1
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: HTTP/1.1
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 207bf73b93f199ba0825203b77fa46ae
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sun, 07 Jan 2024 22:41:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEGVc8LLV5juIAM0XZkMWcSs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AAD4
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFI0MlZWSEktMVAtNEZXRQ==&gdpr=0
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEGiDdSKYSOFfUu8-DlT1lGQ&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI0MlZWSEktMVAtNEZXRQ==&google_push=&gdpr=0

170 B
188 B

58ms
58ms

Image
image/png

172.217.13.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI0MlZWSEktMVAtNEZXRQ==&google_push=&gdpr=0

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Server

172.217.13.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 22:41:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI0MlZWSEktMVAtNEZXRQ==&google_push=&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f1d2dfe1ca3ed0321925c13f4507bd26
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame AAD4
Redirect Chain

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&_bee_ppp=1
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAR39U7LNlEAABbCXYW4zg&expires=30&gdpr=0

42 B
853 B

31ms
31ms

Image
image/gif

8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAR39U7LNlEAABbCXYW4zg&expires=30&gdpr=0
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: HTTP/1.1
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 207bf73b93f199ba0825203b77fa46ae
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAR39U7LNlEAABbCXYW4zg&expires=30&gdpr=0
Date: Sun, 07 Jan 2024 22:41:22 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame AAD4
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0
https://ce.lijit.com/merge?pid=80&3pid=LR42VVHI-1P-4FWE&gdpr=0
https://ce.lijit.com/merge?pid=80&3pid=LR42VVHI-1P-4FWE&gdpr=0&dnr=1

43 B
664 B

38ms
37ms

Image
image/gif

63.251.86.50
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=80&3pid=LR42VVHI-1P-4FWE&gdpr=0&dnr=1
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Jan 2024 22:41:22 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 07 Jan 2024 22:41:22 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=80&3pid=LR42VVHI-1P-4FWE&gdpr=0&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

200

receive
pixel.tapad.com/idsync/ex/ Frame AAD4
Redirect Chain

https://token.rubiconproject.com/token?pid=37556&a=1&gdpr=0
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LR42VVHI-1P-4FWE&gdpr=0

95 B
416 B

52ms
52ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LR42VVHI-1P-4FWE&gdpr=0

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:22 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

Location: https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LR42VVHI-1P-4FWE&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f31d5fb12ac7ec11f837ad8263e0f6c
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

cksync
hb.yahoo.net/ Frame AAD4
Redirect Chain

https://token.rubiconproject.com/token?pid=26594&gdpr=0
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LR42VVHI-1P-4FWE&redir=true&gdpr=0
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LR42VVHI-1P-4FWE&gdpr=0&redir=true
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1KaDJoRzBORTJ1SEplQlBoNXdrTEhsVnlhZGlCaWg2dn5B&gdpr=0&ovsid=LR42VVHI-1P-4FWE&dpid=58160

57 B
650 B

256ms
48ms

Image
image/gif

104.117.182.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync?cs=63&axid_e=eS1KaDJoRzBORTJ1SEplQlBoNXdrTEhsVnlhZGlCaWg2dn5B&gdpr=0&ovsid=LR42VVHI-1P-4FWE&dpid=58160

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Server

104.117.182.211 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-117-182-211.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Sun, 07 Jan 2024 22:41:22 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Sun, 07 Jan 2024 22:41:22 GMT

Redirect headers

location: https://hb.yahoo.net/cksync?cs=63&axid_e=eS1KaDJoRzBORTJ1SEplQlBoNXdrTEhsVnlhZGlCaWg2dn5B&gdpr=0&ovsid=LR42VVHI-1P-4FWE&dpid=58160
date: Sun, 07 Jan 2024 22:41:22 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

pixel
capi.connatix.com/us/ Frame AAD4
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=19564&gdpr=0
https://capi.connatix.com/us/pixel?puid=LR42VVHI-1P-4FWE&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0
https://capi.connatix.com/us/pixel?puid=LR42VVHI-1P-4FWE&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true

82 B
82 B

55ms
54ms

Image
image/gif

104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/us/pixel?puid=LR42VVHI-1P-4FWE&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:22 GMT
cf-cache-status: DYNAMIC
server: cloudflare
surrogate-control: no-cache, no-store, must-revalidate, max-age=0
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 841fb5336d0936b4-YYZ
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sun, 07 Jan 2024 22:41:22 GMT
cf-cache-status: DYNAMIC
server: cloudflare
location: https://capi.connatix.com/us/pixel?puid=LR42VVHI-1P-4FWE&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&final=true
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 841fb532fc5536b4-YYZ
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2

204

magnite
prebid.a-mo.net/setuid/ Frame AAD4
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0
https://prebid.a-mo.net/setuid/magnite?uid=LR42VVHI-1P-4FWE&gdpr=0

0
393 B

46ms
33ms

Image
text/plain

147.28.129.37
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid/magnite?uid=LR42VVHI-1P-4FWE&gdpr=0
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Server: 147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:21 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 2
server: envoy
vary: Accept-Encoding

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://prebid.a-mo.net/setuid/magnite?uid=LR42VVHI-1P-4FWE&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f1d2dfe1ca3ed0321925c13f4507bd26
Expires: 0

GET
H2

200

v1
match.sharethrough.com/sync/ Frame AAD4
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR42VVHI-1P-4FWE&gdpr=0

68 B
280 B

152ms
40ms

Image
image/png

3.216.74.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR42VVHI-1P-4FWE&gdpr=0
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Server: 3.216.74.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-74-116.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:22 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR42VVHI-1P-4FWE&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 207bf73b93f199ba0825203b77fa46ae
Expires: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame ABB7 0
0 54ms
54ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv3YZTX8visyq3vBN5lZXx-ll4ZtWtp86eS9AMz0ERqWLClY95xrk4HE33ZvNi6T4472Ci9tRmYDmZWnWdY0jMfieWNPy0CqL410sg6PgHHCHrOhxw4Q_OlkeeyBGBCyOZFYawuJnxpXGy_7iH8GvsHZr6JL7UMsyCv_vS4UB7DtezitzGxZsB9LBWK3W79H3ARwTOZpOjtXDcTF3hXtKndJq5uUpgwB-BjpdSUSszLam_V7ZHx1ROYY0q6HHQEmvUv3i7XEy2tAWtpkaVWS0Xe4clASrBsqmxiFBygVnX9tIoENMH6I-toay01pphQBbntH_FD5Z5G00oGtGxJXjJx-mDmtbF22zsH5qnrJO-oIhFO3VbZzS6EcOwMspLF5ytgCDNnIyZNW0vdQMuQfGziog&sai=AMfl-YTUBDOK2yFxhdiN5P2dLuzwDBmIA9O-074fqpOVLurQG5ZJ7kCHKVp5ptQ5uof_t6n6asX0wM75p-dNOdhXC_KB3Jz0CGbhXWPMKMkqdr7ofhpcourJ19XQ32mlBg&sig=Cg0ArKJSzKmH90wn_NqsEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 22:41:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 07 Jan 2024 22:41:22 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 98ms
97ms Image
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401020101&jk=808048392386057&bg=!srGlsf7NAAaumcC-jpk7ADQBe5WfOIYH2HKlzQDOcN8CufsOU5eM6aCR6J3CUql7WMNMnMoJ5QfP5X3NqVpPnurAEqN1AgAAAPdSAAAACmgBB5kCsmqKmZVMaIsDK5SdY-Q8tulJcKj0MpWXtgmnAaPlwcygvnor7P7TSrotzcVeMVWu34O_Zyqbg2-88vCFc1fSi0H1IyjZzlZxgfn8yTIeg0zAqovTiI6whE6LksPq6T593gkxicWOCd0y0D7aR9cDqkGIL_ZDGHD6kgpaRRbW6Rb5GmbgPry0AvBk0A3-loPvY25M9XfUPFLnW-E-Df7bO4Vgw8HGp5xkyrII6Yqjx037Cv-gObc_WC74QVIckDkg72VkKn1YGOAcsR-ojn-TlIKDxm5MLGwX5jb712jfqMRSy0uhJh3VxJdBYQpuDTu2aSUMRateTQpM7eZI78RO45H04He4GGBgSgYMrkrBpcG1FvqJGrZB_3v6ofc-3TM6x8tZzwbrVrAr8vRBWDd5o5y2jGUqGO-spouIRb3CJeIkPRUBaDeItziqtRM0LbO6IDX4iWoJ-KYgTPfw05Rt_6ujgxsoZ2NxNBxw_lURC2-2kYu2yQ_3mnXkwxCJAIz9rPnD_FVh-_XrP3jv4gZi3RNvdUTl-emN6i2fl4qDGRkayqzlwRw3-zPjODZS1DNU3bhZC6KXMd_LFm9oMXPRNUlo7li8nCCTyQtSbQ2kb_LRnKdGr1rZLjZqmxkVqdhEFvWuO1yfv6vnFkjeIu6mHi6bLS9JOWVWYmUOWVmxuY8AoURX_MOKQFHEMpfayPa5KPFtrbnc6cNGoFwRpHdfILmQInOEbD9Z2azwuboxQiBZnLYCA0YC8-Gel7Md_VlpGC288rEPc2yQY9u8fT1Iu7F0c3jvo_-ZsEXpS1hs3EkXQy-18BEajox6qmEsdcEyHbYe2DHXu_pAY9aEdLdRKWYTBVI1HmWrCRddU-ZYLiNtKT-G0VOrxZ-KnkdKyr1TAvPFEiXpZHysyDMtU085f5TFzA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C267 42 B
64 B 103ms
102ms Image
image/gif 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuUErdlt11ZbNA3Xok4GUPDQasPzZp5wNqRTeIXYD0HI4k1mI5_wIpmAU6BWPAY-VER_PxVAvEQoVSNDaNr7goTM0Z4CFKvWF6fukPAKK7ZIaS7laKRyhZxIhWZSSmUOv-TN9atVl32E2wVX9Ev8hgHQLot&sai=AMfl-YRNgq36r2f1qTfBYI8raxHOkQXES6OMplYhgKCjDPRWsq5hO9MM5dh0Ek_m21z2f9lZrVHfM9tyv0LgPTc8m7pJYkI96TC0iYVe5cW0fBJ2i8KSqBVpNXaFYp0&sig=Cg0ArKJSzCa4XECMOH_bEAE&cid=CAQSOwAvHhf_n-l6wnhJxwhqQWpElwQkrfZbyfVHiU4ldhzrUq24w4ZBsDGT9TONyLSIZZjjj72xAVUO4rYmGAE&id=ampim&o=315,140&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=618&tls=1618&g=100&h=100&tt=1618&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 22:41:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ABB7 42 B
64 B 97ms
96ms Fetch
image/gif 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuccqZQdAg9tHWVwe8X1gwbIccI35yXBak0FB6yk0FXRgHNAtmrBsWrDHcH2wHRD0_i_vLhFyZ6d2Q0Zp1XDV2Qe0Gfn8-Gc98aegEVgD8ZMu8_EtC04Nk62aXlDtcHXkMgqlZDSAN2rIttgnK7sKit5c64&sig=Cg0ArKJSzKxRp-s4bZjNEAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=3743414737&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704667281453&rpt=657&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 22:41:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 get Show response
choices.trustarc.com/ Frame 6670 19 KB
6 KB 151ms
50ms Script
text/javascript 13.33.165.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/get?name=pmw2.js
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=simplifi01&aid=simplifi01&cid=0611sf728x90&c=cont1&w=728&h=90&js=pmw0&plc=tr&sid=7BFq-tseoZb_N8y1CeH8CJ6lD4BRzEOb5nYWHrpoKi0ghJk1yGLRXc7uF8yXWhKlTRDGcc91jjI6qvety3_iBU14X7yL7xFv69pXBwg6-ngbvklHCWp8Rr9SAqQDol77hf1YP4AD6GTywE11hpISy7gjfRaurtjrMhdi_sjcowo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.165.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-165-58.yto50.r.cloudfront.net
Software: nginx /
Resource Hash: 2e7b45ace7324f4eaf0c5e859c3ebbe3ac7fb2a8c2f922fee1e1f4096d5d0a12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eastads.simpli.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 17:36:49 GMT
content-encoding: gzip
via: 1.1 5a1807a94b5298089c25d4896aabae66.cloudfront.net (CloudFront)
x-amz-cf-pop: YTO50-C3
age: 709474
x-cache: Hit from cloudfront
pragma: public
last-modified: Tue, 21 Nov 2023 07:44:27 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: F-a6_i9XLDF47xrweLmNbGQsBhsHu_oxijMbG4DXR4Qvl3U6WBs3zQ==
expires: Mon, 29 Jan 2024 17:36:49 GMT

GET
H2 200 cap
choices.trustarc.com/ Frame 6670 43 B
433 B 180ms
79ms Image
image/gif 13.33.165.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://choices.trustarc.com/cap?aid=simplifi01&pid=simplifi01&cid=0611sf728x90&w=728&h=90&c=8cd8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.165.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-165-58.yto50.r.cloudfront.net

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eastads.simpli.fi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 22:41:23 GMT
via: 1.1 5a1807a94b5298089c25d4896aabae66.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: YTO50-C3
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: 99RO3U_YoEl-D9UGdKJ9h0QqUbv_1E_otQtDQmLxjP0fwfoUQfKYPw==
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 07 Jan 2024 22:41:22 GMT

GET
H2 200 get
choices.trustarc.com/ Frame BF52 457 B
834 B 36ms
36ms Image
image/png 13.33.165.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarkermobile-icon-tr.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.165.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-165-58.yto50.r.cloudfront.net
Software: nginx /
Resource Hash: 896761f91fce50ed2987f615631341a0ddeddf1354292e7cb8b3649f428bc12c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: public
date: Tue, 26 Dec 2023 19:54:59 GMT
via: 1.1 5a1807a94b5298089c25d4896aabae66.cloudfront.net (CloudFront)
last-modified: Thu, 26 Oct 2023 03:20:37 GMT
server: nginx
x-amz-cf-pop: YTO50-C3
age: 1046784
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 457
x-amz-cf-id: h6QsOcKxPc-KyvbjWNGbSEqYtuxv7EQwLVRgEHwqZ0Nr2gOnopTyHQ==
expires: Thu, 25 Jan 2024 19:54:59 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssYlT-263EQ-Vk5pkczJzO7s_LCIekazkRmMAABXB6Qlq0CNgPwdf48BDleyxyTBMz6J1wwfDkikEar8M2zTO7PDeapqvoKuRIpqFoy8AZ-2NHhL0Tpn4V_oDWwfrndvTlwFy6Y288ZFIHFOie0jQVj9aWH&sig=Cg0ArKJSzI7PMtZpjTdKEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240103&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=3743414737&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1704667280888&rpt=234&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Verdicts & Comments Add Verdict or Comment

190 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

89 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cdn.fuseplatform.net/	1970-01-20 18:14:19	Name: akacd_captchabot Value: 1707259279~rv=87~id=25533d06d3a0c467bfa616bba026b02d
.captcha.bot/	1970-01-21 03:07:07	Name: _ga_VT1JT14S09 Value: GS1.1.1704667279.1.0.1704667279.60.0.0
.captcha.bot/	1970-01-21 03:07:07	Name: _ga Value: GA1.1.964147890.1704667279
.captcha.bot/	1970-01-21 02:16:43	Name: cf_clearance Value: bRhafZdcanqMoVqlUDFmrxNq8nlJ6vXOIBTPSsUPYto-1704667279-0-2-bd7e2088.f8d0ba39.d9e7b333-0.2.1704667279
.3lift.com/	1970-01-20 19:40:43	Name: tluid Value: 2597558301989633778033
.crwdcntrl.net/	1970-01-20 23:59:53	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 23:59:53	Name: _cc_id Value: 9454e2ac1e55ce5e466252ff5217bdba
.adnxs.com/	1970-01-20 19:40:43	Name: icu Value: ChkInNGFARAKGAEgASgBMJDR7KwGOAFAAUgBEJDR7KwGGAA.
.adnxs.com/	1970-01-20 19:40:43	Name: uuid2 Value: 8416416155076572440
.captcha.bot/	1970-01-20 23:59:55	Name: _cc_id Value: 9454e2ac1e55ce5e466252ff5217bdba
.captcha.bot/	1970-01-20 17:32:33	Name: panoramaId_expiry Value: 1704753680173
.smartadserver.com/	1970-01-21 02:18:09	Name: pbw Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/	1969-12-31 23:59:59	Name: vs Value: 536838=5794481
.smartadserver.com/	1969-12-31 23:59:59	Name: TestIfCookie Value: ok
.smartadserver.com/	1970-01-21 02:18:09	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 17:32:33	Name: sasd Value: %24qc%3D1312541377%3B%24ql%3DHigh%3B%24qpc%3D14202%3B%24qt%3D152_1829_10507t%3B%24dma%3D514
.smartadserver.com/	1970-01-21 02:18:09	Name: pid Value: 1014990430028247486
.smartadserver.com/	1970-01-20 17:32:33	Name: sasd2 Value: q=%24qc%3D1312541377%3B%24ql%3DHigh%3B%24qpc%3D14202%3B%24qt%3D152_1829_10507t%3B%24dma%3D514&c=1&l=-1956067260&lo=-1654000506&lt=638402640801373432&o=1
.rubiconproject.com/	1970-01-21 02:16:43	Name: khaos Value: LR42VVHI-1P-4FWE
.doubleclick.net/	1970-01-21 03:07:07	Name: IDE Value: AHWqTUmXa1thnugm2mvcPkSnJy0DQihzLFddRlovARj7zIIRZROgu9bwUvPJ6SbcjzQ
.captcha.bot/	1970-01-21 02:52:43	Name: __gads Value: ID=5c9eeefa22fbb5ff:T=1704667280:RT=1704667280:S=ALNI_MZTgHECW8ktVdtkKEfpwLFGeN-yog
.captcha.bot/	1970-01-21 02:52:43	Name: __gpi Value: UID=00000a06bafb1781:T=1704667280:RT=1704667280:S=ALNI_MaFDWVa5CdpQb8KexOqtRwFGEvouw
.simpli.fi/	1970-01-21 02:18:09	Name: suid Value: D5920B0AA1DC4E4DB0795CE26E3D278C
.doubleclick.net/	1970-01-20 17:31:10	Name: DSID Value: NO_DATA
.criteo.com/	1970-01-21 02:52:43	Name: uid Value: 3a7ebc2a-c820-4178-8599-3e326cd5c900
.criteo.com/	1970-01-21 02:52:43	Name: receive-cookie-deprecation Value: 1
.simpli.fi/	1970-01-20 17:41:12	Name: uid_syncd_secure Value: true
.criteo.com/	1970-01-21 02:52:43	Name: partitioned_bundle Value: h3kZw19hcDk5Q0t6NGEyZWEzcVpHSG9NQ3g2amlMWjlwTGZYZG1IRWlKRnE4aVMlMkZjTm83MFY0eE5sRzVHaWRPODh6clZmWTcwdDVqRVhta2NSWnJBWnExeTh2RkdzZVRyeiUyRjNjYXFDY1lzdUZtNmRHN2E1Tjh6WnNmcEk3a2MlMkJSUkFobSUyRkNWc2N5VlR1NyUyRjBlWE01RXdCMWhZc1VyV3d6SUFkRSUyQmNYNURGWGwwUXI4QmM1OCUyQklkMENNeElYaVlSQk93Wg
.captcha.bot/	1970-01-21 02:52:43	Name: cto_bundle Value: ysQEo19hcDk5Q0t6NGEyZWEzcVpHSG9NQ3g2amlMWjlwTGZYZG1IRWlKRnE4aVMlMkZjTm83MFY0eE5sRzVHaWRPODh6clZmWTcwdDVqRVhta2NSWnJBWnExeTh2RkdzZVRyeiUyRjNjYXFDY1lzdUZtNmRHN2E1Tjh6WnNmcEk3a2MlMkJSUkFobTNrVTBDY2hZOGNBMWZjcjJ0SktvY1ElM0QlM0Q
pixel.rubiconproject.com/	1970-01-20 19:40:43	Name: receive-cookie-deprecation Value: 1
.1rx.io/	1970-01-21 02:16:43	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-cdabbcd1-61a6-4be4-b44d-39788d05dd2c-005%22%7D
.adsrvr.org/	1970-01-21 02:18:09	Name: TDID Value: 547c0e4f-2603-40a0-9242-77bc857620dc
.tapad.com/	1970-01-20 18:57:31	Name: TapAd_TS Value: 1704667282248
.tapad.com/	1970-01-20 18:57:31	Name: TapAd_DID Value: 1dabd208-f423-45f4-8d30-ff1438c7514b
.linkedin.com/	1970-01-21 02:16:43	Name: bcookie Value: "v=2&ac8c41b7-e133-400a-8fa9-3e8d0f3f69d8"
.linkedin.com/	1970-01-20 17:32:33	Name: lidc Value: "b=VGST02:s=V:r=V:a=V:p=V:g=3091:u=1:x=1:i=1704667282:t=1704753682:v=2:sig=AQHbH8hXmYLMpVJRYOT2PNRMxNS7sXKl"
.agkn.com/	1970-01-21 02:16:43	Name: ab Value: 0001%3AbcCVyYvYK8kwtaO3zHyT0mpi5VF54vFO
.adnxs.com/	1970-01-21 03:07:07	Name: XANDR_PANID Value: SXoWKnAf29GAhaG5kLNPdbexzoHGN48OsN9z_muvAzce2yY3Uf6lNJ-1_KZrYqlQSBc6Ubc9gsOlrl40n1Kmq_PswZv_ZVwpR2i9fIxYPuc.
.adnxs.com/	1970-01-20 19:40:43	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2GTviIW1G!]tbPl1N!7On*M$=BWXxieF8KcxYUZeW(5`e8Xo9lx]c-jbBygk^yvjdLG=ueEdWg/X%W#.wL4W1Qw1c_7yVf
.smaato.net/	1970-01-20 18:01:21	Name: SCM Value: 65885d64ec
.smaato.net/	1970-01-20 18:01:21	Name: SCMaps Value: 65885d64ec
.smaato.net/	1970-01-20 18:01:21	Name: SCM1001136 Value: 65885d64ec
.tapad.com/	1970-01-20 18:57:31	Name: TapAd_3WAY_SYNCS Value:
.adsrvr.org/	1970-01-21 02:18:09	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCK6PwOP59sc8EAUYBSABKAIyCwiajf2PkPfHPBAFOAE.
.bidr.io/	1970-01-21 02:59:37	Name: bito Value: AAR39U7LNlEAABbCXYW4zg
.bidr.io/	1970-01-21 02:59:37	Name: bitoIsSecure Value: ok
.openx.net/	1970-01-21 02:16:43	Name: i Value: 0d19d5e1-8779-4ae8-a90d-9727cec46d29\|1704667282
.amazon-adsystem.com/	1970-01-21 03:07:07	Name: ad-privacy Value: 0
.rlcdn.com/	1970-01-21 02:16:43	Name: rlas3 Value: EcpsRshDOk14P6Gi299fj10f5EFFJP+YhHuBiOD6egs=
.pubmatic.com/	1970-01-20 18:14:19	Name: KRTBCOOKIE_148 Value: 19421-uid:D5920B0AA1DC4E4DB0795CE26E3D278C&KRTB&23486-uid:D5920B0AA1DC4E4DB0795CE26E3D278C&KRTB&23489-uid:D5920B0AA1DC4E4DB0795CE26E3D278C&KRTB&23539-uid:D5920B0AA1DC4E4DB0795CE26E3D278C
.pubmatic.com/	1970-01-20 18:14:19	Name: PugT Value: 1704667282
.prebid.a-mo.net/	1970-01-20 17:32:33	Name: _sv3_7 Value: 1
.a-mo.net/	1970-01-21 02:16:43	Name: amuid2 Value: 96f5461a-7325-4924-925b-c00b0175adae
.prebid.a-mo.net/	1970-01-21 02:16:43	Name: sd_amuid2 Value: 96f5461a-7325-4924-925b-c00b0175adae
.lijit.com/	1970-01-21 02:16:43	Name: _ljtrtb_80 Value: LR42VVHI-1P-4FWE
.yahoo.com/	1970-01-21 02:17:04	Name: A3 Value: d=AQABBJIom2UCEHnUXIkZopnfDFuIMX5lxwkFEgEBAQF6nGWlZQAAAAAA_eMAAA&S=AQAAAgoZUmgSWEiwjQPLh8ajGKA
.lijit.com/	1970-01-21 02:16:43	Name: _ljtrtb_2 Value: D5920B0AA1DC4E4DB0795CE26E3D278C
.lijit.com/	1970-01-21 02:16:43	Name: ljt_reader Value: H9CxiQZHH9SvWrQ4Qc2P7RED
.bfmio.com/	1970-01-21 02:16:43	Name: __141_cid Value: D5920B0AA1DC4E4DB0795CE26E3D278C
.bfmio.com/	1970-01-21 02:16:43	Name: __io_cid Value: b0f8419f7b8f49f367f80dda90a9d535fa9a0d86
.pro-market.net/	1970-01-20 21:50:19	Name: anProfile Value: "o0b18hejvd18+1+1f=1+1g=1+1j=57:1+rs=s+rt=2602FFC8000201040000000000000017+s2=(s6wxoy)+vm=24-D5920B0AA1DC4E4DB0795CE26E3D278C"
.pro-market.net/	1970-01-20 18:14:19	Name: anHistory Value: "o0b18hejvd18+2+!#7%/!)##L7"
.exelator.com/	1970-01-20 20:23:55	Name: EE Value: "548c3fd7d23da5449be56225e28f341d"
.targeting.unrulymedia.com/	1970-01-21 02:16:43	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-cdabbcd1-61a6-4be4-b44d-39788d05dd2c-005%22%7D
.analytics.yahoo.com/	1970-01-21 02:16:43	Name: IDSYNC Value: "18vk~2g1y:19e0~2g1y"
.exelator.com/	1970-01-20 20:23:55	Name: ud Value: "eJxrXxzq6XKLQcHUxCLZOC3FPMXIOCXR1MTEMinV1MzIyDTVyCLN2MQwZXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIYEl%252BUWb6otDgxUUpaQyLSopPBR8r5gYAluApyw%253D%253D"
.connatix.com/	1970-01-20 18:14:19	Name: cnx_userId Value: ea7cde27cd634fb3a6caff28b30fd6bd
.rlcdn.com/	1970-01-20 18:57:31	Name: pxrc Value: CAA=
.bluekai.com/	1970-01-20 21:53:12	Name: bku Value: blx99J/GZtPfv/Qg
.bluekai.com/	1970-01-20 21:53:12	Name: bkpa Value: KJy9nyexd02pSUHknp/8mE1hwtkAwDxNmE/yxMOOxEaWxpHaBWHY1ez8BDBa1Mja16x0BpCe9y9oIyr2
.agkn.com/	1970-01-21 02:16:43	Name: u Value: C\|0AAAAAAAALS3lEgAAAAAA
.intentiq.com/	1970-01-21 03:07:07	Name: intentIQ Value: 40cg7LDUkE
.intentiq.com/	1970-01-21 03:07:07	Name: IQver Value: 1.9
.sharethrough.com/	1970-01-20 18:14:19	Name: stx_user_id Value: fd918ffc-e1fd-472c-b391-1be45109cc69
.pippio.com/	1970-01-21 02:16:43	Name: did Value: S64gEg-hQeF1x5YW
.pippio.com/	1970-01-21 02:16:43	Name: didts Value: 1704667282
.pippio.com/	1970-01-20 18:57:31	Name: nnls Value:
.pippio.com/	1970-01-20 18:57:31	Name: pxrc Value: CJLR7KwGEgYIgr0rEAA=
.linkedin.com/	1970-01-20 19:40:43	Name: li_sugr Value: 4e82a99b-f796-42f4-a68a-be3009c506b1
.amazon-adsystem.com/	1970-01-20 23:57:02	Name: ad-id Value: AydZnt2h2E2dumgqc3C_fmU
.rubiconproject.com/	1970-01-21 02:16:43	Name: audit Value: 1\|mFVHqHkj5bFukDhFcr4ICFYvo2XO8wv+z0QnGM0pmGQ/ybvdeqGent/EMyrJSTQpGoppw8J0UWflrv5VkzQulZzU4JWreVW/X/BqjHngba2ma+WVcS1g3g==
.ads.stickyadstv.com/	1970-01-20 18:14:19	Name: UID Value: 67bc404eeb1dafa799d51f314724393
.ads.stickyadstv.com/	1970-01-20 17:32:33	Name: uid-bp-26865 Value: D5920B0AA1DC4E4DB0795CE26E3D278C
.hb.yahoo.net/	1970-01-20 21:50:19	Name: visitor-id Value: 3476688826634614000V10
.hb.yahoo.net/	1970-01-21 02:16:43	Name: data-mag Value: LR42VVHI-1P-4FWE~~63
.intentiq.com/	1970-01-21 03:07:07	Name: ASDT Value: 0
.intentiq.com/	1970-01-21 03:07:07	Name: intentIQCDate Value: 1704667282667
.intentiq.com/	1970-01-21 03:07:07	Name: CSDT Value: UEQ6MTAwNDNfMCZVMGlnQzdR
.intentiq.com/	1970-01-21 03:07:07	Name: IQPData Value: 1611266346#1704667282664#0#1704667282664

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
aax-eu.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ads.stickyadstv.com
analytics.google.com
api.btloader.com
api.hcaptcha.com
auth1.captchabot-verify.site
bcp.crwdcntrl.net
beacon-iad2.rubiconproject.com
bidder.criteo.com
btloader.com
capi.connatix.com
captcha.bot
cd2b99d33e59c309b7d4351d17a9ac7b.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.fuseplatform.net
cdn.jsdelivr.net
cdn.simpli.fi
ce.lijit.com
challenges.cloudflare.com
choices.trustarc.com
choices.truste.com
cm.g.doubleclick.net
cmp.inmobi.com
cmp.quantcast.com
d.agkn.com
eastads.simpli.fi
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hb.yahoo.net
hbopenbid.pubmatic.com
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
js.chargebee.com
js.hcaptcha.com
lbs-event.gcp.lineate-33x.net
loadm.exelator.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
media.simpli.fi
mug.criteo.com
newassets.hcaptcha.com
pagead2.googlesyndication.com
pippio.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prg8.smartadserver.com
privygg.chargebeestaticv2.com
px.ads.linkedin.com
s.ad.smaato.net
s.amazon-adsystem.com
securepubads.g.doubleclick.net
simplifi.partners.tremorhub.com
ssc.33across.com
stags.bluekai.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.targeting.unrulymedia.com
sync1.intentiq.com
tags.crwdcntrl.net
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
pagead2.googlesyndication.com
104.117.182.211
104.18.41.104
104.19.218.90
104.19.219.90
104.36.115.111
107.178.254.65
13.33.165.100
13.33.165.113
13.33.165.14
13.33.165.26
13.33.165.58
130.211.23.194
147.135.119.115
147.28.129.37
172.217.13.102
172.217.13.194
172.217.13.98
18.160.46.100
18.245.96.60
18.67.17.70
2001:4860:4802:38::181
23.47.170.102
23.47.69.85
2600:141b:1c00:31::1739:5a4b
2600:1901:0:8eee::
2600:1f18:4e9:5a05:6096:7d74:cf85:e5f3
2600:1f18:612b:4216:2994:5ad:21a7:a60b
2600:9000:2000:e800:1b:6b7d:2300:93a1
2600:9000:2000:f400:19:fc2c:a140:93a1
2600:9000:2209:7800:9:46dc:4700:93a1
2600:9000:2348:3800:1b:5138:8a40:93a1
2600:9000:26c2:c400:1b:cadc:ef40:93a1
2602:803:c002:200::24
2602:803:c002:200::41
2606:4700:10::ac43:293c
2606:4700:20::681a:76e
2606:4700:20::ac43:4513
2606:4700:3036::ac43:9b82
2606:4700::6810:3965
2606:4700::6811:2b8
2607:f8b0:4004:c08::9c
2607:f8b0:4006:822::2002
2607:f8b0:4020:804::2002
2607:f8b0:4020:805::200a
2607:f8b0:4020:806::2001
2607:f8b0:4020:806::2003
2607:f8b0:4020:806::2008
2607:f8b0:4020:807::2001
2607:f8b0:4020:807::2002
2607:f8b0:4020:807::2004
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:1ec:21::14
2a04:4e42:600::485
3.215.169.119
3.216.74.116
34.111.113.62
34.117.239.71
34.149.20.76
34.160.5.2
34.200.65.202
34.86.110.8
35.221.21.110
35.236.220.17
35.244.154.8
35.244.159.8
35.71.131.137
44.217.55.203
50.16.197.56
52.223.22.214
52.45.141.6
52.46.151.131
52.73.63.104
63.251.28.133
63.251.86.50
67.220.226.233
68.67.160.114
69.194.240.13
74.119.119.139
8.28.7.83
8.43.72.97
8.43.72.98
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08a184bb8e17a3028350b402628040f572e5e6b2a57a5959c5acd78bfb1f5f9a
0add4dade7d5e777165a41f32e0525229914f6dee4cea8dd2f653a489d023092
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b1e4f41bda1a51d2e71a2b97fc8623c735efdd637858ff32d8f670f5fb0b73f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eeec02621746a6c02314ba43ffda910f70b0e42d63080f3244abb955cadc84e
0f40de0990c25794ad751f4fabbf7f8a25e7fd5917109939fa869e980ec115fa
13637ae1792aab0dde8095319fd2812b2c74134f9ed599c5c11e1c0ea132ce7d
15281a2bcc261d624ce4ac83854be4f5bfec40bc5658a53391607ac311064678
165d82fad4d52f2f2d48bbcad0bb294e7fc90843d42002db7d8900d0d4b101fc
1692f4634c23d4d41974ab39bd43bc902f263606f1ddf8ac8411e22c32d3739c
1811af5511272be0b81e4d1fcd0f18dc5500ca06c906b537decb965ec2338f27
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
19c8c9917111a8e094cc0fd6ebda0a65dc5bb182e15e132f43472bb665bd2d53
1a87310dacb8e83018f2cbb037552a79868dafb9214613d442581b3f3eeea914
1ef1fb1258c5ef1d73e6a4325fa9cb17deffb721770edc8c01cc045e3041c5a6
218052ea0be6497e20e8afff0a51c92a5adf92bd5ce8f0c0ebd1cd89d4135218
253b40f53a656bb4b28be55bc50179a97e792514fef999972c2aba55f1b21367
25c3d7fae11d7835fa3b221535ec4dc2900fd0dff2d5bb1cdf9ed35144fb2301
2a4831292fc6acc780aa084f28713be6f2aa6cd14bc3c1f446b776f893efcfd1
2a9421e36647973f38d80cd149c3d4b30211aba44dbb1c28d82927be59e9a224
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c67404c1eab4fd9ccbfff1e25eb2c676fbda189004a54ff050f51326080ecaf
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881
2e7b45ace7324f4eaf0c5e859c3ebbe3ac7fb2a8c2f922fee1e1f4096d5d0a12
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
30c714bf4216e577686d238b98561d093672cb25bf90baab50dd956f75cda4b3
319e5a4819a9b54b551ca09ee13f2e9f7f34cc7c3b53369c9fe5e5493dbb32e7
32718449268b8cdb0b7251eac8dd860219484a1b8704e5026e6a1701c9ae969d
32b756bfa32d3c2a0a584ebaa8d5050f9db464fe5a7c7ca25bd54ebfea5b15fd
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
378925d48df49d8c97fbf2fffda4f96f998039b65d61371a6537750b928dc0ab
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3cd29fcd28558f2d1a4273dcca8b904b79b4ad2c19c0ce9d096da1e89f292546
3dd6334bbbdabc6a816851f5c2c4a71193190a0569359d4f8834e45b57e10dfb
3e427937af925b490a48f30d84fcc0d1783d0831fbfed41dbb4e0ad5fe356ef2
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
405229106aa2607376300a629c2ac8036c4d8f0d866d4fdc9d07a5106ddcac7f
4383437e4c7973582c6fa37a8693ce3d30e4026a462995671533ef885b0a130a
45081b381b2448cac81c3cc81ed427d216719a54890a2242e691ab7608a0ada8
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4932f16c155e6a25dc48dc75c17e539a92ceec76687e6f2c4a61c3007ce5a274
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba97474283c18a94f9703af1c6e1b7c89d114a98ee1cfdf878b4c4815543b76
4c2342148d00141b17c2ff05dbcc0bb07964eb2c8063c4d10710f9a17d6b4438
4c79e5adedef11f785063e8d0b0d576844d244d60114762fea05cbbaf3b92510
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
52d7c4b044a6366d5e2b053fe66b3c6d4c02dd9b16b3674774c2fa22cfddcb96
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565ac5bf510d8ed8e345bec4c1cbd7f2f1fcf047af3575ad0bc72e3899c457df
57a773d00479eef1617c44b99aa990c889efa4e28bfa4142bba7f825f201b7b0
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7
590074e57dcf2082af21edd1a809b03a61fa933a74edf528037b397e0ea744f2
5cda84f5afb1e0ca7ee7df0ee8b4a6af95b9e50009acddfa82967b78f3998cd8
5f7b7682f77a3b058e7c8b7d88984dfe31a16dc29cf49abbba5fcdc5b7b2cf3f
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6227e69f1c3711825b5166ddcbd07539e556ce7068917ad7701a5af5b4814f33
62d056f363b8b39fd0f85690a31012fcb6f1f0cef642bb247fc8ae627e33ac6d
654868240578042fc11fe64f450abaae910983b5f57b3f9b2e885885394b64e7
6587745a1d407781feeca44e95a7238ec468bff35a7e4cdeec7cbce5a0b9fea7
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
676041459462ccdec93b528297a0e88930e6e29b5e5948c740ceabdae3bb1ac1
6800d363cb5a534231c868a110cc4762d636d4df062c41a407c1c091e959e96f
69b3046c4091ee871639fd5d428f7ca1285539307d96d33399cbfeb57e053470
6c37dd45167098f01b5aa23ce5c21898424c7347c05d34444ca013af9d85c57f
6e7f53a792fa09dfed69adb26cacc0212f170dc6b4d68d1a1e78823fd6983f1f
754068f50cc4804a6bc339ed5eb7dac404c6450e482031438e8db549ccec4250
76488018db965015e6d5c626ecd802a153092f46fb97dbf9b0f08646afb4c85a
775da9505d2a043fb346ceef16ff318676e5861f855c5f85731336b94b41ae09
78bed889aff57d6a6623a23597fbe8029ed1c41bf12b644553016604130b3da4
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7a929bcd8cce2585ea3be49e84b6735c35debe93e48f62f5dd7e4fc4b33825e5
7eb443cadccea9522070bca2334ee371462ea22354031035ec4326203361a326
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80c39b44efb71ea8c3946f35a4d2c2d6eb75ac7d69ed5a127f41862017868db6
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
867b9f60b731c454a0e51b38656d162a32b81966673e223bfaafa7984f596d51
896761f91fce50ed2987f615631341a0ddeddf1354292e7cb8b3649f428bc12c
9119ed6db66d16cb1bb6a9c4ddcdb29a217e431a9d4505ee6bb0dbe5d1526b17
93dc5afee0d7c64a418ee3804bb76f9855e7ff5a501a26ed29cd544f066bb6d3
950487041eb8b857d86436c10b487f194b9b97a4205366978d9b945de8164ccb
9850834b2efcb9d344963e45b78a0483e6a6cedb0c1c36fc224abd7d5cebe2c6
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9dc63939eeea8f32f81d91f0db4a34a2b28c03449c4465d7bde2a0ef19f42d34
9e424ab30e57e903c77ed203fd48b8e240c9333d18eada751c7a5744ad5ac5f7
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a19da46a5e6e7e2263c3a46722e4a09d90fa27bbd26a52a72470f5ff1b9e6440
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a6ea6f25201f903ad4335b5b6ace1ee55ce290df4ff084e37b25b0f1bb0d1803
a71902890d932247a4c1a8f83c6f0b8dd7a6e7a12d64524559aa158c9a19f1db
a72d7b59d499f68ee9814cede398e42fbd87d5c579137f65032123c4f8dd6f47
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac029ed357e9abcb27b7afb2c5e3ffd7b0877924f8707c32c0a094e9a2027b2d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4068f6fbded1ffc3f0a7d2fec7d521f120e19cf5db4074d4cfc1a237d99b210
b4c57083a29b481f9d288f379ce155b9f116ceb399f359770cfdb95f3fb9e021
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b621f105dc9c1c99d31af41bb5f137c49c3c58dbdbe12684a3b29d6bf39719dc
b74e3adee873afc726f9ef7f7ed90a500afcbd94eac43d3e8f20c9de4760c101
b8f30e4b4e6d6559fd4dfa7fd4818a3f0a294dddfd86ce8feab4075534cb37cd
b9eab613f27dc9efb747630f963208741cc088b586edfbfdaaebf7d733dc2d63
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bba3a253608d50cff0174ea1102b3ff4e93993be25d07c0e0223f20f19c37382
bf690803e1fc3c3d03595643914712996adb559fb7846cf6c69b8f83275d47b6
c1325639362952a3cf15c3d08d15452c2cc1e471d94392d5853107dd117686df
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c6026b5e35c99959ff49bb57e086263c3145cf10054c10448b944348d7a3d2ab
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c61b7444206c338d52c7d7078347e86b5c3a047c01614ffcf57567d725fc125e
c68602f6f115301be1b024ae68285801724c491b5d6890d4cca9093f71d564ce
c8c900ec5cbe9ef18bea37051bc2bf2aa9846c2ce787d248f2451575e2a372fd
c9607a3a65a3c63cf8919f208d764c36e0fbcc44f2a91b21a4180e0dbb94daaf
c9a726fb5e408c905af5fa916e23740a283b9ab6f8adfa955a0b3b40e7c6cdf9
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
ce3dcd99ba309e4729d631b372e47bdd53ab88e3d9e856b2100bdf36f7fd394e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d11a1d469c8f8371322169f36f9b542cfa3a36d6643ed518ffba0c7377ff6211
d1fee0e275eff6d223e9845ca7aee343e0f4ea7b74b8e33b3b37088e559fce0b
d371b6d8f964696d251f18313431c37d1dbbe52f240e310d1a5db4578f6884c5
d51f2d72b6013f72276249300438bc9fd5a75c3091aebca2297f797095e774fc
d7ad4756d5887ddadc06f5dde5e3e7d570ff9890478bfa765369575f17ff6986
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e2a0ebb4c1e2bfeb215c6d41bb6c4fb0fac5a228fddf6a4bc77ef08e7f2e7477
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ed9a6c39eedc0b41bc419b69a718dedafb21c4a3746eae76056c8822035dc0bd
ee7abb064897d2a7e43f72056b5410129694010448cec5f8c6f0f032645f4605
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f120d09386a5ba5021109ab1cffef7c2f65d2b0735ed1727efc59def9e9c9100
f3bc1ef86b4e5f5c383b397e2e1f86e7978d0ab7836dab27ae074b6f2760a9cb
f724df77a45fc4ee27dd13f78e8b4f5773ed893d1cf60229de06dd5e4c9e14f9
f8faecaadd48b12a02d72f7d84425f2c056186ed4485dfe3d95e119df4471be9
f92c637f152b65b35d830389af8a7fb40055d141364e403b8ffe0c5db494c409
fa8a82ba170196241bac6d8d4815cdd6907b807bc9f8a66fafa480a4c11c900a
fd9ac3177195b3d9537e0cf71222057ec70de67715715b570a80287ba78c8d3d

captcha.bot Open in urlscan Pro 2606:4700:20::681a:76e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

230 Requests

80 %HTTPS

40 %IPv6

60 Domains

87 Subdomains

72 IPs

4 Countries

3952 kBTransfer

10566 kBSize

89 Cookies

5 Outgoing links

Page URL History

Redirected requests

230 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

captcha.bot Open in urlscan Pro
2606:4700:20::681a:76e Public Scan

Screenshot
Live screenshot

Full Image

230
Requests

80 %
HTTPS

40 %
IPv6

60
Domains

87
Subdomains

72
IPs

4
Countries

3952 kB
Transfer

10566 kB
Size

89
Cookies

230 HTTP transactions
9 data transactions