controlc.com Open in urlscan Pro
2606:4700:3031::681c:a81 Public Scan

URL:
https://controlc.com/9e337e10
Submission: On March 24 via manual (March 24th 2020, 6:05:28 pm UTC) from GB

Summary HTTP 145 Redirects Behaviour Indicators

Summary

This website contacted 29 IPs in 6 countries across 29 domains to perform 145 HTTP transactions. The main IP is 2606:4700:3031::681c:a81, located in United States and belongs to CLOUDFLARENET, US. The main domain is controlc.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on September 14th 2019. Valid for: a year.

This is the only time controlc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	2606:4700:303... 2606:4700:3031::681c:a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:4104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
1	23.111.10.140 23.111.10.140	33438 (HIGHWINDS2) (HIGHWINDS2)
1	23.111.10.144 23.111.10.144	33438 (HIGHWINDS2) (HIGHWINDS2)
14	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
19	172.217.22.2 172.217.22.2	15169 (GOOGLE) (GOOGLE)
4	151.101.114.214 151.101.114.214	54113 (FASTLY) (FASTLY)
2	178.128.255.192 178.128.255.192	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
16	2a00:1450:400... 2a00:1450:4001:821::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
22	99.86.7.26 99.86.7.26	16509 (AMAZON-02) (AMAZON-02)
1	40.84.148.247 40.84.148.247	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	13.224.89.118 13.224.89.118	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:81b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:816::200a	15169 (GOOGLE) (GOOGLE)
1 2	216.58.207.38 216.58.207.38	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
4	54.236.169.205 54.236.169.205	14618 (AMAZON-AES) (AMAZON-AES)
2 3	185.33.223.216 185.33.223.216	29990 (ASN-APPNEX) (ASN-APPNEX)
1	206.189.254.17 206.189.254.17	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2 4	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE)
1	213.19.147.210 213.19.147.210	26120 (RHYTHMONE) (RHYTHMONE)
2 2	216.58.207.66 216.58.207.66	15169 (GOOGLE) (GOOGLE)
1 1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	35.241.44.144 35.241.44.144	15169 (GOOGLE) (GOOGLE)
145	29

17 2606:4700:3031::681c:a81 (United States)

ASN13335 (CLOUDFLARENET, US)

controlc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:4104 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.10.140 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

cdn.carbonads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.10.144 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

cdn.fancybar.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 172.217.22.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s14-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.114.214 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

api.twitch.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.128.255.192 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-eu-nl-9.buysellads.com

srv.carbonads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:821::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 99.86.7.26 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-26.fra6.r.cloudfront.net

yadloop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.84.148.247 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ads3.mthsense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.89.118 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-89-118.zrh50.r.cloudfront.net

d2tbmvllb55wxq.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:81b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.207.38 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s24-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.236.169.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-169-205.compute-1.amazonaws.com

exchange.bidphysics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.223.216 (Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 312.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 206.189.254.17 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

e.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.95.120.147 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 147.120.95.34.bc.googleusercontent.com

os4m-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.210 (United Kingdom)

ASN26120 (RHYTHMONE, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.207.66 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s25-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.44.144 (Ascension Island) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 144.44.241.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	49 KB
25	doubleclick.net 4 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net ad.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	414 KB
22	yadloop.com yadloop.com	34 KB
17	controlc.com controlc.com	206 KB
10	googletagservices.com www.googletagservices.com	209 KB
8	ampproject.org cdn.ampproject.org	173 KB
7	google.com 2 redirects adservice.google.com www.google.com	918 B
6	openx.net 4 redirects os4m-d.openx.net eu-u.openx.net us-u.openx.net rtb.openx.net	2 KB
4	bidphysics.com exchange.bidphysics.com	3 KB
4	twitch.tv api.twitch.tv	1 KB
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	google.de adservice.google.de www.google.de	451 B
2	gstatic.com fonts.gstatic.com	22 KB
2	google.co.uk adservice.google.co.uk	1010 B
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	carbonads.net srv.carbonads.net	1 KB
2	cloudflare.com ajax.cloudflare.com	8 KB
1	sonobi.com 1 redirects sync.go.sonobi.com	744 B
1	1rx.io tag.1rx.io	267 B
1	serverbid.com e.serverbid.com	166 B
1	googleapis.com fonts.googleapis.com	776 B
1	cloudfront.net d2tbmvllb55wxq.cloudfront.net	224 KB
1	mthsense.com ads3.mthsense.com	3 KB
1	fancybar.net cdn.fancybar.net	8 KB
1	carbonads.com cdn.carbonads.com	9 KB
0	lijit.com Failed ap.lijit.com Failed
0	33across.com Failed ssc.33across.com Failed
0	casalemedia.com Failed as-sec.casalemedia.com Failed
0	rubiconproject.com Failed fastlane.rubiconproject.com Failed
145	29

	Domain	Requested by
22	yadloop.com	controlc.com yadloop.com
19	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net controlc.com yadloop.com
17	controlc.com	controlc.com ajax.cloudflare.com
16	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com controlc.com
12	pagead2.googlesyndication.com	securepubads.g.doubleclick.net controlc.com
10	www.googletagservices.com	ajax.cloudflare.com securepubads.g.doubleclick.net controlc.com
8	cdn.ampproject.org	securepubads.g.doubleclick.net
4	exchange.bidphysics.com	d2tbmvllb55wxq.cloudfront.net
4	api.twitch.tv	controlc.com
4	adservice.google.com	www.googletagservices.com securepubads.g.doubleclick.net
3	ib.adnxs.com	2 redirects d2tbmvllb55wxq.cloudfront.net
3	www.google.com	2 redirects controlc.com
2	rtb.openx.net	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	eu-u.openx.net	2 redirects
2	fonts.gstatic.com	controlc.com
2	ad.doubleclick.net	1 redirects controlc.com
2	adservice.google.co.uk	securepubads.g.doubleclick.net
2	www.google-analytics.com	1 redirects controlc.com
2	srv.carbonads.net	cdn.carbonads.com
2	adservice.google.de	www.googletagservices.com
2	ajax.cloudflare.com	controlc.com
1	sync.go.sonobi.com	1 redirects
1	us-u.openx.net
1	tag.1rx.io	d2tbmvllb55wxq.cloudfront.net
1	os4m-d.openx.net	d2tbmvllb55wxq.cloudfront.net
1	e.serverbid.com	d2tbmvllb55wxq.cloudfront.net
1	googleads.g.doubleclick.net	controlc.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	d2tbmvllb55wxq.cloudfront.net	ads3.mthsense.com
1	ads3.mthsense.com	securepubads.g.doubleclick.net
1	www.google.de
1	stats.g.doubleclick.net	1 redirects
1	cdn.fancybar.net	ajax.cloudflare.com
1	cdn.carbonads.com	ajax.cloudflare.com
0	ap.lijit.com Failed	d2tbmvllb55wxq.cloudfront.net
0	ssc.33across.com Failed	d2tbmvllb55wxq.cloudfront.net
0	as-sec.casalemedia.com Failed	d2tbmvllb55wxq.cloudfront.net
0	fastlane.rubiconproject.com Failed	d2tbmvllb55wxq.cloudfront.net
145	39

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-09-14` - `2020-09-13`	a year	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.carbonads.com COMODO RSA Domain Validation Secure Server CA	`2018-03-12` - `2020-04-08`	2 years	crt.sh
*.fancybar.net COMODO RSA Domain Validation Secure Server CA	`2018-09-10` - `2020-09-09`	2 years	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
api.twitch.tv DigiCert SHA2 Secure Server CA	`2020-03-13` - `2022-03-18`	2 years	crt.sh
*.carbonads.net Sectigo RSA Domain Validation Secure Server CA	`2019-09-19` - `2021-10-12`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
yadloop.com Amazon	`2019-10-22` - `2020-11-22`	a year	crt.sh
ads3.mthsense.com Go Daddy Secure Certificate Authority - G2	`2019-09-03` - `2020-11-01`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.bidphysics.com Amazon	`2020-03-05` - `2021-04-05`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
e.serverbid.com Let's Encrypt Authority X3	`2020-03-24` - `2020-06-22`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2019-06-28` - `2021-06-27`	2 years	crt.sh

This page contains 32 frames:

Primary Page: https://controlc.com/9e337e10
Frame ID: 6A70B41866B7DCC5DE0755D3E20D80E9
Requests: 38 HTTP requests in this frame

Frame: https://controlc.com/9e337e10/fullscreen.php?hash=ad7bd3f433e51f53c45166da4ca7b44c&linenum=false
Frame ID: 2232A6529D8F013DFB42B92810D3635F
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9bSX7_heXHVR3KU7VeqcBuvL9LoLqEaf1RpqWPg0SCP0PgmSbn0A3R5bPZEwyGPUktDuIFiWfEY6lvzJ-ZEh6pgaeF84YcgCWRVhG8_KJmS1veyltnUhs0cM7V11Aell2mgn0WVIJUPVgVnwUfo4gRfhctO8m3TnGa6oeVPpjrCG0tsdebfXvdu-SqYX9zK8p7J7hCNQfXzdYzWfUvb29dy_p0jnBrwTYZXM4uI8xYwvJM7Ed9It9tKrwinZUheh46FjoxeFWDYSDpQ7hUVq8O1olpPMu6Q&sai=AMfl-YQqgfwXNlJWuhVfYelDmx4kxN9qGOERbT59-m24NxIP1AWGoBPVp5LU11ZJZzMDWh3G1iVOKPNgUxCuNWrHqAY46hNzHFS2BEWuoR0q_w&sig=Cg0ArKJSzO2UIYOrypuyEAE&urlfix=1&adurl=
Frame ID: 5B9F2632184270C636FB29960FC998C4
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssj9htzipsxDG7yN3gqfCxkgTYDpRPczWe6JqVEyifWWe_7yp1gtuMGTF0zymDoCQvdO-YSR-jbXXTFJce_v-b9picjNLRDfjkcd3hZTxqcQ1XE13IB9Mb5GnMAFgN2mWM4XNrV5ygHnRWbH2fbOtRcD6KCEtGCe9WL8ZPsmiMPIwako_quqxAZZZBrNv0pedvgD98WvLhgl2L-cJRqXlS419kzYMPhOf1dYOUNFtwBK_PEuaHF89PS4oXRs8jjPbh4suWBXr7Nibr85KRdq_cd5Tfqig&sai=AMfl-YR0Zc6SzgpgE8ne2AgPOpulDviPQMYyDDnmcb-wkOBSMZQZh0czDhizYubPEAygs7smlVKzG3jeiFYe9BCeB1zMXaWiEgG9mjZAqw1rmw&sig=Cg0ArKJSzBaik1djci1eEAE&urlfix=1&adurl=
Frame ID: 302A424BCEE7739DC2BD89C9379A98DF
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstXoVn8H2wSVfe3jl2bvhw09LXenhcmyuFOtj-IWM40Yi3qxa1TnzlnTK1xd4ItmAuBZwuSY3zldQrFyYOpsIoqKGVArwDpOW-AQolgbSP8BJ6fnXB5BJbhlF8L4RSrcSbDWnXtxa_QoDCMgKv9H2R9KpEyH_jMoq6I7DlgDhtkHYEDF2V0DhARnWHHs9ZSvsAB7ZF6k3Vpw9QtSD3vgMap5-8kdW7cPOn7pQhyT9kHv3uvD_dN7owhuNRNzCPOeEuLvixjOWC2xNT5w4U&sai=AMfl-YSJla782g36WJCk2ySurq1qaFOeBqPEZgZP2XEhUjh-NrCcWXMPpYGRyJ0l_BcIitF92sHGLJT5dGmRVXZVP9ZD7ZMlhQKbdt_ZarN1Cw&sig=Cg0ArKJSzIM7XLFpPYRUEAE&urlfix=1&adurl=
Frame ID: 031CAC2A3B224F149F0B9FB82002822F
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 0066D4118200341EF9226BA093CD4CE9
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: C355DF40016ACE905C7C50957338F225
Requests: 11 HTTP requests in this frame

Frame: https://yadloop.com/d?i=qwpqn1ipjtdny52xwe&a=e7e3edf67bbbf355f3842002df325e701&cb=5021611585073110434
Frame ID: C3AFFA0441E5BBB272DC72B775175ED4
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/d?i=qwpqn1ipjtdny52xwe&a=8d24bfb2399fef67eb4853127e98e35b5&cb=8823461585073110435
Frame ID: E097BBAF73C0FBB805467780ED04FC32
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/d?i=qwpqn1ipjtdny52xwe&a=583c97bffda9e861eef744bb729bd1757&cb=0803161585073110436
Frame ID: 47927DD1E2A6D8B09F9850A2CD6B54E3
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/d?i=qwpqn1ipjtdny52xwe&a=1656d8b86daf5f9b3fdb48a71ff5c5d87&cb=0924831585073110437
Frame ID: DD326C48AE542818AEAC32BB4CA3D1DC
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/d?i=qwpqn1ipjtdny52xwe&a=042aae3d103cb2cf8bf5aeb73e4260883&cb=0500681585073110438
Frame ID: 7218439C4B9C5F30CD15AD71A1E68026
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/d?i=qwpqn1ipjtdny52xwe&a=0387d5c886ab43851b17668d431a22a37&cb=2327841585073110439
Frame ID: FB46CC0212C93872139EF46E8F7C02E3
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/d?i=qwpqn1ipjtdny52xwe&a=65a147f60ac39ee42ddc15357e3357e79&cb=9636401585073110440
Frame ID: E22235A46762109DB34FC7C3EE25FFF1
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/d?i=qwpqn1ipjtdny52xwe&a=a00eaa3d258ea605d646e840c2abc7d31&cb=9874081585073110440
Frame ID: AA399405A7CF5E2103C79581534A51D1
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/d?i=qwpqn1ipjtdny52xwe&a=c45d735e03062c906bf91a597b0779fc5&cb=5918261585073110441
Frame ID: 24E4FD480F23E15337D1ABF33F166D1F
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: D0506F5C243B1F923BD9E23AA6B45BA9
Requests: 11 HTTP requests in this frame

Frame: https://yadloop.com/d?i=uml4x413apkiqmcvre&a=e96e60777be2b11b557710600480737f7&cb=1512851585073110451
Frame ID: 28E4268024E74DDA04A47A56DA21C25B
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/d?i=uml4x413apkiqmcvre&a=de81326896952138509daec1d52475217&cb=6145411585073110456
Frame ID: DB232F65443B2ADE44D189492190D7A6
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/d?i=uml4x413apkiqmcvre&a=b31361440c2a950248d2363fce3fbbb31&cb=4248981585073110457
Frame ID: 23440FA6A7B955BF9AFB196140CCA51A
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/d?i=uml4x413apkiqmcvre&a=13a1170b1c068c33ae22a9f83844b6a97&cb=0183031585073110458
Frame ID: 6E954698588BB222B211B494B6AEB81D
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/d?i=uml4x413apkiqmcvre&a=c3e802620f6403d56cdd9b1c4db4b99a9&cb=4565971585073110458
Frame ID: 67AA90FABEC0DE1F8E96A7C7D211FB0E
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/d?i=uml4x413apkiqmcvre&a=dc5fa123d65922e149a00c2e664fab307&cb=7693161585073110459
Frame ID: 594B0083C4165E49E7E22283620E3C1B
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/d?i=uml4x413apkiqmcvre&a=6c56023cc6501990db7bccf2badeea2f3&cb=2475701585073110460
Frame ID: F2159B935CF7E9DB1D93A2363C5EDB98
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/d?i=uml4x413apkiqmcvre&a=f4437de7861e6bc4a24fefe57aebbe481&cb=9866381585073110461
Frame ID: 84735EECC8F0F727C30EA197F463B27E
Requests: 1 HTTP requests in this frame

Frame: https://yadloop.com/d?i=uml4x413apkiqmcvre&a=e91e892c69af5862965671314669ba027&cb=8751821585073110461
Frame ID: F3D89E802FFC1BFC122637DAD04436F9
Requests: 1 HTTP requests in this frame

Frame: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid3.12.0.js
Frame ID: 86EA5A210A98353AA53F51B6177F1370
Requests: 24 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js
Frame ID: F85326BC6A1AFDD45576CA1CAA348803
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Frame ID: 507DE31BD2DB11181381E6813CEAF960
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: C2B8127536FE6A50B40B85877B086C00
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 2C77455264BB3EB18E1DE49694EF5F41
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 4F3FE4CD6A1541F6FEA27537D6F44513
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

145
Requests

97 %
HTTPS

47 %
IPv6

29
Domains

39
Subdomains

29
IPs

6
Countries

1386 kB
Transfer

3608 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=925172961&t=pageview&_s=1&dl=https%3A%2F%2Fcontrolc.com%2F9e337e10&ul=en-us&de=UTF-8&dt=BOBUSTA%20-%209e337e10&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEAB~&jid=783478604&gjid=520237003&cid=931922687.1585073110&tid=UA-62963607-1&_gid=1510692674.1585073110&_r=1&z=1913838932 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-62963607-1&cid=931922687.1585073110&jid=783478604&_gid=1510692674.1585073110&gjid=520237003&_v=j81&z=1913838932 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-62963607-1&cid=931922687.1585073110&jid=783478604&_v=j81&z=1913838932 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-62963607-1&cid=931922687.1585073110&jid=783478604&_v=j81&z=1913838932&slf_rd=1&random=664932095

Request Chain 106

https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B22124189.255020799;dc_trk_aid=450807297;dc_trk_cid=121088478;ord=3610075644;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B22124189.255020799;dc_pre=COjqp77Zs-gCFaDluwgdp8MOFw;dc_trk_aid=450807297;dc_trk_cid=121088478;ord=3610075644;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

Request Chain 117

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 144

https://ib.adnxs.com/getuid?https%3A%2F%2Fexchange.bidphysics.com%2Fsetuid%3Fbidder%3Dappnexus%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fexchange.bidphysics.com%252Fsetuid%253Fbidder%253Dappnexus%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID HTTP 302
https://exchange.bidphysics.com/setuid?bidder=appnexus&gdpr=0&gdpr_consent=&uid=6871446738144590781

Request Chain 145

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHpFPJo9e1oq9yakUHgtJho&google_cver=1

Request Chain 146

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fexchange.bidphysics.com%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5BUID%5D HTTP 302
https://exchange.bidphysics.com/setuid?bidder=sonobi&gdpr=0&gdpr_consent=&uid=dbccc4a1-3f46-478f-9397-096720491c75

Request Chain 147

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fexchange.bidphysics.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BUID%7D HTTP 302
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fexchange.bidphysics.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
https://exchange.bidphysics.com/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=30d14805-e8fb-4973-9eee-bfa3c6f36aea

145 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 9e337e10 Show response
controlc.com/ 8 KB
3 KB 181ms
132ms Document
text/html 2606:4700:3031::681c:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/9e337e10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.5.38
Resource Hash: 9d4c7e29b87c8f2f556b17136fb1595f4befce5192f75e2281fea853ae3358d4

Request headers

:method: GET
:authority: controlc.com
:scheme: https
:path: /9e337e10
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
date: Tue, 24 Mar 2020 18:05:09 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dd7cbaafc0f7857f5ed963cfaafaae4451585073109; expires=Thu, 23-Apr-20 18:05:09 GMT; path=/; domain=.controlc.com; HttpOnly; SameSite=Lax PHPSESSID=df72e7d9aaa8ffcb6f34a67bbbaaf135; path=/ tinychat_box=1585073109; expires=Wed, 25-Mar-2020 18:05:09 GMT; Max-Age=86400; path=/; domain=.tinypaste.com
x-powered-by: PHP/5.5.38
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 579251950f022748-FRA
content-encoding: br

GET
H2 200 global.css
controlc.com/public/css/ 12 KB
3 KB 35ms
33ms Stylesheet
text/css 2606:4700:3031::681c:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/global.css
Requested by: Host: controlc.com
URL: https://controlc.com/9e337e10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 770a5be4937bf757134b47d4845e28c82e6dda0c7eee72875fda2ad3dbc93718

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 24 Mar 2020 18:05:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
age: 319
etag: W/"555139ee-3b05"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-polished: origSize=15109
cf-ray: 57925195efbc2748-FRA
cf-bgj: minify

GET
H2 200 bootstrap.css
controlc.com/public/css/ 80 KB
13 KB 63ms
62ms Stylesheet
text/css 2606:4700:3031::681c:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/bootstrap.css
Requested by: Host: controlc.com
URL: https://controlc.com/9e337e10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10d260de958aa225f5add9155e9194221b65c1c991ec3bc9132a40d4f4fabff2

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 24 Mar 2020 18:05:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
age: 2755
etag: W/"555139ee-182dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-polished: origSize=99036
cf-ray: 57925195efbd2748-FRA
cf-bgj: minify

GET
H2 200 bootstrap-responsive.css
controlc.com/public/css/ 10 KB
2 KB 34ms
32ms Stylesheet
text/css 2606:4700:3031::681c:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/bootstrap-responsive.css
Requested by: Host: controlc.com
URL: https://controlc.com/9e337e10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 439211cb90e7da0f52c80f15dc2ca868ac9419e83350a1ff2d0372031f359986

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 24 Mar 2020 18:05:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
age: 2755
etag: W/"555139ee-37e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-polished: origSize=14308
cf-ray: 57925195efbe2748-FRA
cf-bgj: minify

GET
H2 200 view.css
controlc.com/public/css/ 598 B
347 B 37ms
35ms Stylesheet
text/css 2606:4700:3031::681c:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/view.css
Requested by: Host: controlc.com
URL: https://controlc.com/9e337e10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 467b1db9776e63a47ad4b041976647f292a3ce02da70383613325e4dea1ef734

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 24 Mar 2020 18:05:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
age: 5606
etag: W/"555139ee-2f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-polished: origSize=752
cf-ray: 57925195efbf2748-FRA
cf-bgj: minify

GET
H2 200 getpaid.png
controlc.com/public/images/ 6 KB
6 KB 38ms
37ms Image
image/png 2606:4700:3031::681c:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controlc.com/public/images/getpaid.png
Requested by: Host: controlc.com
URL: https://controlc.com/9e337e10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07702d076f8c28644a2b09299dac52af3abbf7bd5d3c6d23c6c8ea6aa133cdea

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 24 Mar 2020 18:05:09 GMT
cf-cache-status: HIT
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
age: 3182
etag: "555139ee-196e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 57925195efc02748-FRA
content-length: 6510

GET
H2 200 logo.png
controlc.com/public/images/ 12 KB
12 KB 34ms
33ms Image
image/png 2606:4700:3031::681c:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controlc.com/public/images/logo.png
Requested by: Host: controlc.com
URL: https://controlc.com/9e337e10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bafbed60844c7113252124ca42cf6cb3ab28905fac0c1260a7202dedf9025bf2

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 24 Mar 2020 18:05:09 GMT
cf-cache-status: HIT
last-modified: Thu, 19 Sep 2019 14:03:25 GMT
server: cloudflare
age: 2187
etag: "5d838aad-2f2e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 57925195efc12748-FRA
content-length: 12078

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 11ms
9ms Script
application/javascript 2606:4700::6811:4104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: controlc.com
URL: https://controlc.com/9e337e10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:05:09 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 17 Mar 2020 16:29:47 GMT
server: cloudflare
etag: W/"5e70fafb-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 57925195ec26d6e5-FRA
expires: Thu, 26 Mar 2020 18:05:09 GMT

GET
H2 200 fullscreen.php Show response
controlc.com/9e337e10/ Frame 2232 314 KB
88 KB 168ms
167ms Document
text/html 2606:4700:3031::681c:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/9e337e10/fullscreen.php?hash=ad7bd3f433e51f53c45166da4ca7b44c&linenum=false
Requested by: Host: controlc.com
URL: https://controlc.com/9e337e10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.5.38
Resource Hash: 5ebbb37c6498cc132b7f7d84b5757060c763fa670456b72cfd8d2eb721831958

Request headers

:method: GET
:authority: controlc.com
:scheme: https
:path: /9e337e10/fullscreen.php?hash=ad7bd3f433e51f53c45166da4ca7b44c&linenum=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
referer: https://controlc.com/9e337e10
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=dd7cbaafc0f7857f5ed963cfaafaae4451585073109; PHPSESSID=df72e7d9aaa8ffcb6f34a67bbbaaf135
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://controlc.com/9e337e10

Response headers

status: 200
date: Tue, 24 Mar 2020 18:05:09 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.5.38
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 57925195efc22748-FRA
content-encoding: br

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 43 KB
14 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dab1b4b8c847f3e82a6f6a9a276b1d7a4ffa5e1a735e0f3b433a77ce18cdd142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:05:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "465 / 713 of 1000 / last-modified: 1585062300"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14678
x-xss-protection: 0
expires: Tue, 24 Mar 2020 18:05:09 GMT

GET
H/1.1 200
OK carbon.js Show response
cdn.carbonads.com/ 22 KB
9 KB 76ms
21ms Script
application/javascript 23.111.10.140
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.carbonads.com/carbon.js?serve=CKYIKK7U&placement=pasteco
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.10.140 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: b6a57a4f1907adf3d6a1640c8b1302862cdb93def66215280b11e4ef2ed9059a

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 24 Mar 2020 18:05:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Mar 2020 14:44:38 GMT
Server: NetDNA-cache/2.2
ETag: W/"5715-5a14a53300486"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK fancybar.js Show response
cdn.fancybar.net/ac/ 21 KB
8 KB 103ms
24ms Script
application/javascript 23.111.10.144
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fancybar.net/ac/fancybar.js?zoneid=1502&serve=C6ADVKE&placement=tinypaste
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.10.144 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: f5a1212852709b2be58bf29e94fb8b53575c6596d744b192d2979474b062c4b3

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 24 Mar 2020 18:05:09 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Aug 2019 14:20:27 GMT
Server: NetDNA-cache/2.2
ETag: W/"5362-5900057953202"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 view.js Show response
controlc.com/public/js/ 2 KB
716 B 50ms
49ms Script
application/javascript 2606:4700:3031::681c:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/js/view.js?x=1585073109
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb1720927d146fe5dc6901717017a7b373a4a55acbb15ed36677cfa5d2abcb08

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:05:09 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-7f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 57925195ffcd2748-FRA

GET
H2 200 jquery.js Show response
controlc.com/public/js/ 148 KB
30 KB 78ms
77ms Script
application/javascript 2606:4700:3031::681c:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/js/jquery.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6438c63069c5b897cbab71927f7069ec113a2917e0f1e7bc4ffb2fc4e03bccd

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:05:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
age: 318
etag: W/"555139ee-257be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-polished: origSize=153534
cf-ray: 57925195ffce2748-FRA
cf-bgj: minify

GET
H2 200 bg.png
controlc.com/public/images/ 987 B
1 KB 39ms
38ms Image
image/png 2606:4700:3031::681c:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controlc.com/public/images/bg.png
Requested by: Host: controlc.com
URL: https://controlc.com/9e337e10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a11c133fc51a4bdbf16a612562fd43d160e9e4b27006127d4e1325b02a027d6

Request headers

Referer: https://controlc.com/public/css/bootstrap.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 24 Mar 2020 18:05:09 GMT
cf-cache-status: HIT
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
age: 2186
etag: "555139ee-3db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 57925196681a2748-FRA
content-length: 987

GET
H2 200 glyphicons-halflings.png
controlc.com/img/ 14 KB
14 KB 38ms
37ms Image
image/png 2606:4700:3031::681c:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controlc.com/img/glyphicons-halflings.png
Requested by: Host: controlc.com
URL: https://controlc.com/9e337e10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86924cd006db30b9d4f1418e06cd7bd83eef2be768a10f27d2cff26e6977cced

Request headers

Referer: https://controlc.com/public/css/bootstrap.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 24 Mar 2020 18:05:09 GMT
cf-cache-status: HIT
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
age: 4607
etag: "555139ee-3602"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 57925196681c2748-FRA
content-length: 13826

GET
H2 200 global.css
controlc.com/public/css/ Frame 2232 12 KB
3 KB 16ms
15ms Stylesheet
text/css 2606:4700:3031::681c:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/global.css
Requested by: Host: controlc.com
URL: https://controlc.com/9e337e10/fullscreen.php?hash=ad7bd3f433e51f53c45166da4ca7b44c&linenum=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 770a5be4937bf757134b47d4845e28c82e6dda0c7eee72875fda2ad3dbc93718

Request headers

Referer: https://controlc.com/9e337e10/fullscreen.php?hash=ad7bd3f433e51f53c45166da4ca7b44c&linenum=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 24 Mar 2020 18:05:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
age: 319
etag: W/"555139ee-3b05"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-polished: origSize=15109
cf-ray: 57925196f87b2748-FRA
cf-bgj: minify

GET
H2 200 fullscreen.css
controlc.com/public/css/ Frame 2232 312 B
259 B 13ms
13ms Stylesheet
text/css 2606:4700:3031::681c:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/fullscreen.css
Requested by: Host: controlc.com
URL: https://controlc.com/9e337e10/fullscreen.php?hash=ad7bd3f433e51f53c45166da4ca7b44c&linenum=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f403fad3806ce3425ef5364d1d161f63e7e23534eec42ac3be831d6a9cb6ba6b

Request headers

Referer: https://controlc.com/9e337e10/fullscreen.php?hash=ad7bd3f433e51f53c45166da4ca7b44c&linenum=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 24 Mar 2020 18:05:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
age: 2600
etag: W/"555139ee-1aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-polished: origSize=426
cf-ray: 57925196f87d2748-FRA
cf-bgj: minify

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ Frame 2232 12 KB
4 KB 9ms
9ms Script
application/javascript 2606:4700::6811:4104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: controlc.com
URL: https://controlc.com/9e337e10/fullscreen.php?hash=ad7bd3f433e51f53c45166da4ca7b44c&linenum=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://controlc.com/9e337e10/fullscreen.php?hash=ad7bd3f433e51f53c45166da4ca7b44c&linenum=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:05:09 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 17 Mar 2020 16:29:47 GMT
server: cloudflare
etag: W/"5e70fafb-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 57925197faddd6e5-FRA
expires: Thu, 26 Mar 2020 18:05:09 GMT

GET
H2 200 tinypaste.js Show response
controlc.com/public/js/ Frame 2232 3 KB
1 KB 26ms
25ms Script
application/javascript 2606:4700:3031::681c:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/js/tinypaste.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72b59d9449d39bb7d7a4d3637e3b9e3d5040aee7efd14872b3f52982295e73a9

Request headers

Referer: https://controlc.com/9e337e10/fullscreen.php?hash=ad7bd3f433e51f53c45166da4ca7b44c&linenum=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:05:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
age: 6855
etag: W/"555139ee-d07"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-polished: origSize=3335
cf-ray: 5792519849162748-FRA
cf-bgj: minify

GET
H2 200 jquery.js Show response
controlc.com/public/js/ Frame 2232 148 KB
30 KB 22ms
22ms Script
application/javascript 2606:4700:3031::681c:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/js/jquery.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6438c63069c5b897cbab71927f7069ec113a2917e0f1e7bc4ffb2fc4e03bccd

Request headers

Referer: https://controlc.com/9e337e10/fullscreen.php?hash=ad7bd3f433e51f53c45166da4ca7b44c&linenum=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:05:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
age: 318
etag: W/"555139ee-257be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-polished: origSize=153534
cf-ray: 5792519849172748-FRA
cf-bgj: minify

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=controlc.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:05:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=controlc.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:05:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020032302.js Show response
securepubads.g.doubleclick.net/gpt/ 168 KB
62 KB 119ms
48ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032302.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

26fd020a6c1f169eab6b6232014e6e6d067788f63a8995b682ee77d6f41b56cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:05:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 Mar 2020 17:22:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 62957
x-xss-protection: 0
expires: Tue, 24 Mar 2020 18:05:09 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 43 KB
14 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a4f0e8c39215f22253ccbba8d94aaf7d5cce967a7f746234af6750de3df5af3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "465 / 416 of 1000 / last-modified: 1585062257"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14409
x-xss-protection: 0
expires: Tue, 24 Mar 2020 18:05:10 GMT

OPTIONS
H2 200 streams Show response
api.twitch.tv/helix/ 0
549 B 265ms
180ms Fetch 151.101.114.214
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.twitch.tv/helix/streams?user_login=harkdan

Requested by

Host: controlc.com
URL: https://controlc.com/9e337e10

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.214 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Access-Control-Request-Method: GET
Origin: https://controlc.com
Referer: https://controlc.com/9e337e10
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: client-id

Response headers

date: Tue, 24 Mar 2020 18:05:10 GMT
vary: Accept-Encoding
x-cache: HIT, MISS
x-ctxlog-logid: 1-5e7a49e1-17053f0165fd9f39ff5a9e30
status: 200
strict-transport-security: max-age=300
content-length: 0
x-served-by: cache-sea4457-SEA, cache-hhn4047-HHN
pragma: no-cache
twitch-trace-id: f3c3a3105508b795d9085fc71d85abef
server: envoy
x-timer: S1585073110.143623,VS0,VS0,VE139
access-control-max-age: 600
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-origin: *
expires: 0
cache-control: no-cache, no-store, must-revalidate, private
timing-allow-origin: https://www.twitch.tv
access-control-allow-headers: Accept, Accept-Language, Authorization, Client-Id, Twitch-Api-Token, X-Forwarded-Proto, X-Requested-With, X-Csrf-Token, Content-Type, X-Device-Id, X-Twitch-Vhscf
x-cache-hits: 2, 0

OPTIONS
H2 200 streams Show response
api.twitch.tv/helix/ 0
155 B 265ms
180ms Fetch 151.101.114.214
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.twitch.tv/helix/streams?user_login=mrmouton

Requested by

Host: controlc.com
URL: https://controlc.com/9e337e10

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.214 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Access-Control-Request-Method: GET
Origin: https://controlc.com
Referer: https://controlc.com/9e337e10
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: client-id

Response headers

date: Tue, 24 Mar 2020 18:05:10 GMT
vary: Accept-Encoding
x-cache: HIT, MISS
x-ctxlog-logid: 1-5e7a4af8-677cf4ee363daf3c1ae0da58
status: 200
strict-transport-security: max-age=300
content-length: 0
x-served-by: cache-sea4422-SEA, cache-hhn4047-HHN
pragma: no-cache
twitch-trace-id: 03899683b2c96058fc190e486f63a86e
server: envoy
x-timer: S1585073110.143595,VS0,VS0,VE140
access-control-max-age: 600
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-origin: *
expires: 0
cache-control: no-cache, no-store, must-revalidate, private
timing-allow-origin: https://www.twitch.tv
access-control-allow-headers: Accept, Accept-Language, Authorization, Client-Id, Twitch-Api-Token, X-Forwarded-Proto, X-Requested-With, X-Csrf-Token, Content-Type, X-Device-Id, X-Twitch-Vhscf
x-cache-hits: 3, 0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 43 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a4f0e8c39215f22253ccbba8d94aaf7d5cce967a7f746234af6750de3df5af3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "465 / 958 of 1000 / last-modified: 1585062257"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14409
x-xss-protection: 0
expires: Tue, 24 Mar 2020 18:05:10 GMT

GET
H/1.1 200
OK CKYIKK7U.json Show response
srv.carbonads.net/ads/ 598 B
691 B 129ms
58ms Script
application/javascript 178.128.255.192
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.carbonads.net/ads/CKYIKK7U.json?segment=placement:pasteco&callback=_carbonads_go
Requested by: Host: cdn.carbonads.com
URL: https://cdn.carbonads.com/carbon.js?serve=CKYIKK7U&placement=pasteco
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.128.255.192 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-eu-nl-9.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: 5f6fd23179ce90bd76fe145db6f5f42383fc338458aaefdac542cb1f2932bd3c

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 24 Mar 2020 18:05:10 GMT
Content-Encoding: gzip
Server: //srv.buysellads.com
Content-Length: 452
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 43 KB
14 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a4f0e8c39215f22253ccbba8d94aaf7d5cce967a7f746234af6750de3df5af3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "465 / 395 of 1000 / last-modified: 1585062257"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14409
x-xss-protection: 0
expires: Tue, 24 Mar 2020 18:05:10 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
5 KB 105ms
104ms XHR
text/plain 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1387900447960567&correlator=1523316077610391&output=ldjh&impl=fifs&adsid=NT&eid=21065764%2C21065517%2C21065639&vrg=2020032302&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200324&iu_parts=1025874%2CPasted_1x1%2CPasted_728x90_Top%2CPasted_160x600%2CPasted_728x90_Bottom&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=1x1%2C728x90%2C160x600%2C728x90&eri=2&cookie_enabled=1&bc=31&abxe=1&lmt=1585073110&dt=1585073110095&dlt=1585073109421&idt=566&frm=20&biw=1600&bih=1200&oid=3&adxs=-9%2C50%2C1390%2C50&adys=-9%2C162%2C177%2C739&adks=765271295%2C1406371575%2C2762401180%2C3486010406&ucis=99d5801f65be6265da6ddd2677a9953c%7Cbd8c14d101649ec6242cd84e2b1b2c6f%7Ceabd83be90984691abe81e7f292d1284%7C9a8a2727e8802054ee55de2f1ed60eea&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcontrolc.com%2F9e337e10&dssz=24&icsg=65708170&std=0&csl=86&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C1500x90%7C160x600%7C1520x723&msz=0x-1%7C1500x90%7C160x600%7C728x-1&ga_vid=931922687.1585073110&ga_sid=1585073110&ga_hid=925172961&fws=2%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

31cc8647294d84a6e713ae8ea1d09db2519d06e8e92ee9d97a6410b6d847f0b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
Origin: https://controlc.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 24 Mar 2020 18:05:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 4121
x-xss-protection: 0
google-lineitem-id: -2,5214351027,5215140857,4655064465
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,138293538274,138293261120,138231937338
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020032302.js Show response
securepubads.g.doubleclick.net/gpt/ 67 KB
25 KB 47ms
46ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

a07183e063a79a699b732e200a3accdf4716cbc6e8bf8a6a709b9adba07d998d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 Mar 2020 17:22:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 25234
x-xss-protection: 0
expires: Tue, 24 Mar 2020 18:05:10 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032302.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: controlc.com
URL: https://controlc.com/9e337e10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 5195
date: Tue, 24 Mar 2020 16:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Tue, 24 Mar 2020 18:38:35 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=925172961&t=pageview&_s=1&dl=https%3A%2F%2Fcontrolc.com%2F9e337e10&ul=en-us&de=UTF-8&dt=BOBUSTA%20-%209e337e10&sd=24-bit&sr=1600x1200&vp=1600...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-62963607-1&cid=931922687.1585073110&jid=783478604&_gid=1510692674.1585073110&gjid=520237003&_v=j81&z=1913838932
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-62963607-1&cid=931922687.1585073110&jid=783478604&_v=j81&z=1913838932
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-62963607-1&cid=931922687.1585073110&jid=783478604&_v=j81&z=1913838932&slf_rd=1&random=664932095

42 B
109 B

16ms
16ms

Image
image/gif

2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-62963607-1&cid=931922687.1585073110&jid=783478604&_v=j81&z=1913838932&slf_rd=1&random=664932095

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Mar 2020 18:05:10 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 24 Mar 2020 18:05:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-62963607-1&cid=931922687.1585073110&jid=783478604&_v=j81&z=1913838932&slf_rd=1&random=664932095
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK CK7DT53I.json Show response
srv.carbonads.net/ads/ 600 B
692 B 63ms
62ms Script
application/javascript 178.128.255.192
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.carbonads.net/ads/CK7DT53I.json?segment=placement:pasteco&callback=_carbonads_go
Requested by: Host: cdn.carbonads.com
URL: https://cdn.carbonads.com/carbon.js?serve=CKYIKK7U&placement=pasteco
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.128.255.192 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-eu-nl-9.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: 9e2d9ca4747e0ea62d8c385aded4ae6a6ec015d8b610275b97c175bc617e8509

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 24 Mar 2020 18:05:10 GMT
Content-Encoding: gzip
Server: //srv.buysellads.com
Content-Length: 453
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5B9F 0
0 45ms
45ms Fetch
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9bSX7_heXHVR3KU7VeqcBuvL9LoLqEaf1RpqWPg0SCP0PgmSbn0A3R5bPZEwyGPUktDuIFiWfEY6lvzJ-ZEh6pgaeF84YcgCWRVhG8_KJmS1veyltnUhs0cM7V11Aell2mgn0WVIJUPVgVnwUfo4gRfhctO8m3TnGa6oeVPpjrCG0tsdebfXvdu-SqYX9zK8p7J7hCNQfXzdYzWfUvb29dy_p0jnBrwTYZXM4uI8xYwvJM7Ed9It9tKrwinZUheh46FjoxeFWDYSDpQ7hUVq8O1olpPMu6Q&sai=AMfl-YQqgfwXNlJWuhVfYelDmx4kxN9qGOERbT59-m24NxIP1AWGoBPVp5LU11ZJZzMDWh3G1iVOKPNgUxCuNWrHqAY46hNzHFS2BEWuoR0q_w&sig=Cg0ArKJSzO2UIYOrypuyEAE&urlfix=1&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/9e337e10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

timing-allow-origin: *
date: Tue, 24 Mar 2020 18:05:10 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 24 Mar 2020 18:05:10 GMT

GET
H2 200 t.js Show response
yadloop.com/ Frame 5B9F 16 KB
16 KB 181ms
74ms Script
application/javascript 99.86.7.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=5328151585073110217
Requested by: Host: controlc.com
URL: https://controlc.com/9e337e10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.7.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-26.fra6.r.cloudfront.net
Software: /
Resource Hash: 0a75f3388199fd2a59219cf709eb5cdf7bb8f6080314a02e89cb87330482ad13

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

status: 200
date: Tue, 24 Mar 2020 18:05:10 GMT
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: xEHyLp5gQcca9p1qssQ0J0Z_CrMO3TY2ECwQD6NaZ2BV9DtcsrCWeA==
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5B9F 74 KB
28 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a1b118736ba9dc41f144f350574bec748a1ba0e8b355a99cbfe570ad236b50e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1584962844677376"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28201
x-xss-protection: 0
expires: Tue, 24 Mar 2020 18:05:10 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
27 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

351e508c1da4f9d1535747086accb41121466a52044aa868eba4a36009fdb101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1584962844677376"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 27941
x-xss-protection: 0
expires: Tue, 24 Mar 2020 18:05:10 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 302A 0
0 44ms
44ms Fetch
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssj9htzipsxDG7yN3gqfCxkgTYDpRPczWe6JqVEyifWWe_7yp1gtuMGTF0zymDoCQvdO-YSR-jbXXTFJce_v-b9picjNLRDfjkcd3hZTxqcQ1XE13IB9Mb5GnMAFgN2mWM4XNrV5ygHnRWbH2fbOtRcD6KCEtGCe9WL8ZPsmiMPIwako_quqxAZZZBrNv0pedvgD98WvLhgl2L-cJRqXlS419kzYMPhOf1dYOUNFtwBK_PEuaHF89PS4oXRs8jjPbh4suWBXr7Nibr85KRdq_cd5Tfqig&sai=AMfl-YR0Zc6SzgpgE8ne2AgPOpulDviPQMYyDDnmcb-wkOBSMZQZh0czDhizYubPEAygs7smlVKzG3jeiFYe9BCeB1zMXaWiEgG9mjZAqw1rmw&sig=Cg0ArKJSzBaik1djci1eEAE&urlfix=1&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/9e337e10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

timing-allow-origin: *
date: Tue, 24 Mar 2020 18:05:10 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 24 Mar 2020 18:05:10 GMT

GET
H2 200 t.js Show response
yadloop.com/ Frame 302A 16 KB
16 KB 199ms
97ms Script
application/javascript 99.86.7.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=3743011585073110222
Requested by: Host: controlc.com
URL: https://controlc.com/9e337e10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.7.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-26.fra6.r.cloudfront.net
Software: /
Resource Hash: 50d427c9781620c9c79232b1a4db8265f429a170f2b01752378c45bda462f204

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

status: 200
date: Tue, 24 Mar 2020 18:05:10 GMT
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: wZFUZZOWiKAHz45xEfg0cMgOcFwtvHDzhDQNr39vHcIkaIgYf1rPyA==
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 302A 74 KB
28 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a1b118736ba9dc41f144f350574bec748a1ba0e8b355a99cbfe570ad236b50e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1584962844677376"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28201
x-xss-protection: 0
expires: Tue, 24 Mar 2020 18:05:10 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 031C 0
0 47ms
46ms Fetch
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstXoVn8H2wSVfe3jl2bvhw09LXenhcmyuFOtj-IWM40Yi3qxa1TnzlnTK1xd4ItmAuBZwuSY3zldQrFyYOpsIoqKGVArwDpOW-AQolgbSP8BJ6fnXB5BJbhlF8L4RSrcSbDWnXtxa_QoDCMgKv9H2R9KpEyH_jMoq6I7DlgDhtkHYEDF2V0DhARnWHHs9ZSvsAB7ZF6k3Vpw9QtSD3vgMap5-8kdW7cPOn7pQhyT9kHv3uvD_dN7owhuNRNzCPOeEuLvixjOWC2xNT5w4U&sai=AMfl-YSJla782g36WJCk2ySurq1qaFOeBqPEZgZP2XEhUjh-NrCcWXMPpYGRyJ0l_BcIitF92sHGLJT5dGmRVXZVP9ZD7ZMlhQKbdt_ZarN1Cw&sig=Cg0ArKJSzIM7XLFpPYRUEAE&urlfix=1&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/9e337e10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

timing-allow-origin: *
date: Tue, 24 Mar 2020 18:05:10 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 24 Mar 2020 18:05:10 GMT

GET
H/1.1 200
OK RenderAd.aspx Show response
ads3.mthsense.com/ Frame 031C 8 KB
3 KB 585ms
127ms Script
text/html 40.84.148.247
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads3.mthsense.com/RenderAd.aspx?id=14896&width=728&height=90
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.84.148.247 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a34c05a07f4961b4adc12ca51a9b77ca4133021bccab54c5eb44e84d5ea38d5d

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 24 Mar 2020 18:05:10 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Length: 2970

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 031C 74 KB
28 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a1b118736ba9dc41f144f350574bec748a1ba0e8b355a99cbfe570ad236b50e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1584962844677376"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28201
x-xss-protection: 0
expires: Tue, 24 Mar 2020 18:05:10 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
5 KB 19ms
19ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020032302&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a25981122fae9b74f9cabe06d1f134ba8320b62095fdb6543118f0e60b52bb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
Origin: https://controlc.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 24 Mar 2020 18:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5205
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Tue, 24 Mar 2020 18:05:10 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 0066 0
0 6ms
6ms Document
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://controlc.com/9e337e10
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://controlc.com/9e337e10

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Tue, 24 Mar 2020 17:59:03 GMT
expires: Wed, 24 Mar 2021 17:59:03 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 367
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
DATA 200
OK truncated
/ Frame 5B9F 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11b66ed164137ad0570f93469e4da941237ac0633a612098f8652b3d369d251c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 302A 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1583a06197cc39cc76c4e70e30dce315c3cc6d310cd1c09d2574b8ef9685cc0d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 streams Show response
api.twitch.tv/helix/ 27 B
191 B 197ms
196ms Fetch
application/json 151.101.114.214
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.twitch.tv/helix/streams?user_login=harkdan

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.214 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

31c70fc4fa7dee6db3f53f0c1db540813dfc6523f0226634179a701062d3e616

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://controlc.com/9e337e10
Origin: https://controlc.com
Sec-Fetch-Dest: empty
Client-ID: jzkbprff40iqj646a697cyrvl0zt2m6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

ratelimit-reset: 1585073114
vary: Accept-Encoding
x-cache: MISS, MISS
x-ctxlog-logid: 1-5e7a4bd6-32d35553e1b2f035ec496b8e
status: 200
ratelimit-limit: 30
content-length: 27
x-served-by: cache-sea4483-SEA, cache-hhn4047-HHN
pragma: no-cache
twitch-trace-id: f9af16f5d59c577009694108b52ea393
server: envoy
x-timer: S1585073110.327005,VS0,VS0,VE159
date: Tue, 24 Mar 2020 18:05:10 GMT
strict-transport-security: max-age=300
content-type: application/json; charset=utf-8
access-control-allow-origin: *
expires: 0
cache-control: no-cache, no-store, must-revalidate, private
timing-allow-origin: https://www.twitch.tv
ratelimit-remaining: 28
x-cache-hits: 0, 0

GET
H2 200 streams Show response
api.twitch.tv/helix/ 27 B
268 B 193ms
193ms Fetch
application/json 151.101.114.214
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.twitch.tv/helix/streams?user_login=mrmouton

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.214 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

31c70fc4fa7dee6db3f53f0c1db540813dfc6523f0226634179a701062d3e616

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://controlc.com/9e337e10
Origin: https://controlc.com
Sec-Fetch-Dest: empty
Client-ID: jzkbprff40iqj646a697cyrvl0zt2m6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

ratelimit-reset: 1585073112
vary: Accept-Encoding
x-cache: MISS, MISS
x-ctxlog-logid: 1-5e7a4bd6-1274be14f99d23365d596dac
status: 200
ratelimit-limit: 30
content-length: 27
x-served-by: cache-sea4465-SEA, cache-hhn4047-HHN
pragma: no-cache
twitch-trace-id: 0ae392796596246197378658c75a6ca2
server: envoy
x-timer: S1585073110.327252,VS0,VS0,VE154
date: Tue, 24 Mar 2020 18:05:10 GMT
strict-transport-security: max-age=300
content-type: application/json; charset=utf-8
access-control-allow-origin: *
expires: 0
cache-control: no-cache, no-store, must-revalidate, private
timing-allow-origin: https://www.twitch.tv
ratelimit-remaining: 29
x-cache-hits: 0, 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
58 B 15ms
14ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020032302&jk=1387900447960567&bg=!3t2l3cVYb8d8zbXw6L4CAAAAM1IAAAAJmQFY3dOmGR_eRSI3_aA6AWB5vMZF47aomvzur4zrsVRT6neczo2WWQYKS8vizhgvQ_Ey9hUInAKA_rrnRWHSHrMhrQ-qGI89xfwPWmoLMaac7PLkOsvBh-s6RWFV084GqLhPxvr-XL8Qxjk1EKStrtMVPdqkw0ZWGY5ru6TnX0kp8NuxqFi6AmwFnUS6qUWXFKu9GJRIGdlQXVrhllSoVLFsquSGiWYa0sVFu3y9pGR4vFTmlpPwnhahREgojQUp4EMKmbktFHkAO2MIZ-mEjd-R_fLePCEvKxrLwzPrFAgMjtu-cw2InIt23y1WmDD7xj7CDr4tYW_Kdl3X0J0PqVvw8exouW3oVa5aDwPu633psLjOI4noigSp99fk7sZBatW9JZ_CZSOu9fqG52zlxTyvqEiFx-OC7RsHvql7YfEN77B_K--7GCxdhYI0SVLrZ1gNliCHmM30Zck

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 24 Mar 2020 18:05:10 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame C355 43 KB
14 KB 43ms
42ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=5328151585073110217

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

9a78a17b8317bd16e045805ab8a175f47e5c0ebcdef50619ab70fa10e63d4474

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "465 / 611 of 1000 / last-modified: 1585062257"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14412
x-xss-protection: 0
expires: Tue, 24 Mar 2020 18:05:10 GMT

GET
H2 200 d
yadloop.com/ Frame C3AF 0
0 101ms
101ms Document
text/html 99.86.7.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/d?i=qwpqn1ipjtdny52xwe&a=e7e3edf67bbbf355f3842002df325e701&cb=5021611585073110434
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=5328151585073110217
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.7.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-26.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /d?i=qwpqn1ipjtdny52xwe&a=e7e3edf67bbbf355f3842002df325e701&cb=5021611585073110434
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://controlc.com/9e337e10
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=f65946b0a0dd38a1168714f60aa09bdde4f5dd0c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://controlc.com/9e337e10

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 551
date: Tue, 24 Mar 2020 18:05:10 GMT
x-cache: Miss from cloudfront
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: Igst-q1_D9NN4TtsnHsHNnrCHs-uV7rV9VPObTVu8QIDWgri0_yhxg==

GET
H2 200 d
yadloop.com/ Frame E097 0
0 71ms
70ms Document
text/html 99.86.7.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/d?i=qwpqn1ipjtdny52xwe&a=8d24bfb2399fef67eb4853127e98e35b5&cb=8823461585073110435
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=5328151585073110217
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.7.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-26.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /d?i=qwpqn1ipjtdny52xwe&a=8d24bfb2399fef67eb4853127e98e35b5&cb=8823461585073110435
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://controlc.com/9e337e10
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=f65946b0a0dd38a1168714f60aa09bdde4f5dd0c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://controlc.com/9e337e10

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 397
date: Tue, 24 Mar 2020 18:05:10 GMT
x-cache: Miss from cloudfront
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: nkVUs93Hletus5ALTJlMa3pfJHf3y7EVr5hVwexRCId1icJzUe-wsQ==

GET
H2 200 d
yadloop.com/ Frame 4792 0
0 100ms
100ms Document
text/html 99.86.7.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/d?i=qwpqn1ipjtdny52xwe&a=583c97bffda9e861eef744bb729bd1757&cb=0803161585073110436
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=5328151585073110217
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.7.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-26.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /d?i=qwpqn1ipjtdny52xwe&a=583c97bffda9e861eef744bb729bd1757&cb=0803161585073110436
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://controlc.com/9e337e10
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=f65946b0a0dd38a1168714f60aa09bdde4f5dd0c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://controlc.com/9e337e10

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 311
date: Tue, 24 Mar 2020 18:05:10 GMT
x-cache: Miss from cloudfront
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 6WH4uniXCT8IZT0X0u9Wmz5i3loMnYFwBb686RgDHp0N779kdMjSYg==

GET
H2 200 d
yadloop.com/ Frame DD32 0
0 73ms
72ms Document
text/html 99.86.7.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/d?i=qwpqn1ipjtdny52xwe&a=1656d8b86daf5f9b3fdb48a71ff5c5d87&cb=0924831585073110437
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=5328151585073110217
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.7.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-26.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /d?i=qwpqn1ipjtdny52xwe&a=1656d8b86daf5f9b3fdb48a71ff5c5d87&cb=0924831585073110437
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://controlc.com/9e337e10
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=f65946b0a0dd38a1168714f60aa09bdde4f5dd0c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://controlc.com/9e337e10

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Tue, 24 Mar 2020 18:05:10 GMT
x-cache: Miss from cloudfront
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: fkRmae-gNCSUG1C1UKbyiqIQqhV9eG0CrthaE0535ftFRPmmLx5-kA==

GET
H2 200 d
yadloop.com/ Frame 7218 0
0 93ms
93ms Document
text/html 99.86.7.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/d?i=qwpqn1ipjtdny52xwe&a=042aae3d103cb2cf8bf5aeb73e4260883&cb=0500681585073110438
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=5328151585073110217
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.7.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-26.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /d?i=qwpqn1ipjtdny52xwe&a=042aae3d103cb2cf8bf5aeb73e4260883&cb=0500681585073110438
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://controlc.com/9e337e10
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=f65946b0a0dd38a1168714f60aa09bdde4f5dd0c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://controlc.com/9e337e10

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 730
date: Tue, 24 Mar 2020 18:05:10 GMT
x-cache: Miss from cloudfront
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: xB86P5X57-CDwYyBqi9oevwJxc52xVGvkvEAGMaz-uasUMwPhEjv3w==

GET
H2 200 d
yadloop.com/ Frame FB46 0
0 90ms
89ms Document
text/html 99.86.7.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/d?i=qwpqn1ipjtdny52xwe&a=0387d5c886ab43851b17668d431a22a37&cb=2327841585073110439
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=5328151585073110217
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.7.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-26.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /d?i=qwpqn1ipjtdny52xwe&a=0387d5c886ab43851b17668d431a22a37&cb=2327841585073110439
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://controlc.com/9e337e10
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=f65946b0a0dd38a1168714f60aa09bdde4f5dd0c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://controlc.com/9e337e10

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 345
date: Tue, 24 Mar 2020 18:05:10 GMT
x-cache: Miss from cloudfront
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: HxXI-SdlVuOovxvDZ-lVXTGf_buFtfjYISN7MpwGBID-RAWfwUIdRA==

GET
H2 200 d
yadloop.com/ Frame E222 0
0 90ms
90ms Document
text/html 99.86.7.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/d?i=qwpqn1ipjtdny52xwe&a=65a147f60ac39ee42ddc15357e3357e79&cb=9636401585073110440
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=5328151585073110217
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.7.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-26.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /d?i=qwpqn1ipjtdny52xwe&a=65a147f60ac39ee42ddc15357e3357e79&cb=9636401585073110440
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://controlc.com/9e337e10
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=f65946b0a0dd38a1168714f60aa09bdde4f5dd0c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://controlc.com/9e337e10

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 505
date: Tue, 24 Mar 2020 18:05:10 GMT
x-cache: Miss from cloudfront
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: YYelDfAzGi2P5KdAUqTsx-1_0thnMKtwNu-IpePKXZWuvxq51NNB_A==

GET
H2 200 d
yadloop.com/ Frame AA39 0
0 91ms
90ms Document
text/html 99.86.7.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/d?i=qwpqn1ipjtdny52xwe&a=a00eaa3d258ea605d646e840c2abc7d31&cb=9874081585073110440
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=5328151585073110217
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.7.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-26.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /d?i=qwpqn1ipjtdny52xwe&a=a00eaa3d258ea605d646e840c2abc7d31&cb=9874081585073110440
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://controlc.com/9e337e10
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=f65946b0a0dd38a1168714f60aa09bdde4f5dd0c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://controlc.com/9e337e10

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 2016
date: Tue, 24 Mar 2020 18:05:10 GMT
x-cache: Miss from cloudfront
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: vWKLx2pUDnplupA0NgBkFZ0UHmtUvCuJg4YMbt9-HAzs327cub5eWQ==

GET
H2 200 d
yadloop.com/ Frame 24E4 0
0 92ms
92ms Document
text/html 99.86.7.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/d?i=qwpqn1ipjtdny52xwe&a=c45d735e03062c906bf91a597b0779fc5&cb=5918261585073110441
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=5328151585073110217
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.7.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-26.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /d?i=qwpqn1ipjtdny52xwe&a=c45d735e03062c906bf91a597b0779fc5&cb=5918261585073110441
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://controlc.com/9e337e10
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=f65946b0a0dd38a1168714f60aa09bdde4f5dd0c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://controlc.com/9e337e10

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 388
date: Tue, 24 Mar 2020 18:05:10 GMT
x-cache: Miss from cloudfront
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: pHY2imF-m1jo2E9tKfhibMN5snUH3JIqxAsvxzc7_OAPNj9UuINSQw==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame D050 43 KB
14 KB 42ms
42ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=3743011585073110222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

9a78a17b8317bd16e045805ab8a175f47e5c0ebcdef50619ab70fa10e63d4474

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "465 / 326 of 1000 / last-modified: 1585062257"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14412
x-xss-protection: 0
expires: Tue, 24 Mar 2020 18:05:10 GMT

GET
H2 200 d
yadloop.com/ Frame 28E4 0
0 89ms
89ms Document
text/html 99.86.7.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/d?i=uml4x413apkiqmcvre&a=e96e60777be2b11b557710600480737f7&cb=1512851585073110451
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=3743011585073110222
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.7.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-26.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /d?i=uml4x413apkiqmcvre&a=e96e60777be2b11b557710600480737f7&cb=1512851585073110451
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://controlc.com/9e337e10
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=f65946b0a0dd38a1168714f60aa09bdde4f5dd0c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://controlc.com/9e337e10

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 400
date: Tue, 24 Mar 2020 18:05:10 GMT
x-cache: Miss from cloudfront
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 7nuvUZPdrFLsmsVGQw0dew8V9vtgEp955vWhmzU_VjYbohzfMEummg==

GET
H2 200 d
yadloop.com/ Frame DB23 0
0 88ms
88ms Document
text/html 99.86.7.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/d?i=uml4x413apkiqmcvre&a=de81326896952138509daec1d52475217&cb=6145411585073110456
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=3743011585073110222
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.7.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-26.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /d?i=uml4x413apkiqmcvre&a=de81326896952138509daec1d52475217&cb=6145411585073110456
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://controlc.com/9e337e10
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=f65946b0a0dd38a1168714f60aa09bdde4f5dd0c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://controlc.com/9e337e10

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 505
date: Tue, 24 Mar 2020 18:05:10 GMT
x-cache: Miss from cloudfront
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 4p1KbGogf2x61fipldwtG6JRF7Uhbf2IkUBeU0IBhMYq-hdmX704mA==

GET
H2 200 d
yadloop.com/ Frame 2344 0
0 90ms
89ms Document
text/html 99.86.7.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/d?i=uml4x413apkiqmcvre&a=b31361440c2a950248d2363fce3fbbb31&cb=4248981585073110457
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=3743011585073110222
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.7.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-26.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /d?i=uml4x413apkiqmcvre&a=b31361440c2a950248d2363fce3fbbb31&cb=4248981585073110457
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://controlc.com/9e337e10
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=f65946b0a0dd38a1168714f60aa09bdde4f5dd0c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://controlc.com/9e337e10

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 388
date: Tue, 24 Mar 2020 18:05:10 GMT
x-cache: Miss from cloudfront
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 84LKLgJXqjgoo0ryOzgKxkE3ITz9UfAl9ioQJoyqBkqDPY4BIKbSvw==

GET
H2 200 d
yadloop.com/ Frame 6E95 0
0 85ms
84ms Document
text/html 99.86.7.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/d?i=uml4x413apkiqmcvre&a=13a1170b1c068c33ae22a9f83844b6a97&cb=0183031585073110458
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=3743011585073110222
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.7.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-26.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /d?i=uml4x413apkiqmcvre&a=13a1170b1c068c33ae22a9f83844b6a97&cb=0183031585073110458
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://controlc.com/9e337e10
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=f65946b0a0dd38a1168714f60aa09bdde4f5dd0c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://controlc.com/9e337e10

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 731
date: Tue, 24 Mar 2020 18:05:10 GMT
x-cache: Miss from cloudfront
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: ZW4yfKxlhaAPI7iksWdndnjWLcTuxKzKrJL34LnQZG2eYpsZVR_tZA==

GET
H2 200 d
yadloop.com/ Frame 67AA 0
0 87ms
87ms Document
text/html 99.86.7.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/d?i=uml4x413apkiqmcvre&a=c3e802620f6403d56cdd9b1c4db4b99a9&cb=4565971585073110458
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=3743011585073110222
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.7.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-26.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /d?i=uml4x413apkiqmcvre&a=c3e802620f6403d56cdd9b1c4db4b99a9&cb=4565971585073110458
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://controlc.com/9e337e10
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=f65946b0a0dd38a1168714f60aa09bdde4f5dd0c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://controlc.com/9e337e10

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 2017
date: Tue, 24 Mar 2020 18:05:10 GMT
x-cache: Miss from cloudfront
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: omjUHs9f6mjW2BnC_67jNsSvafzAA1ijS6-o6MivHRU79YXZstROSg==

GET
H2 200 d
yadloop.com/ Frame 594B 0
0 91ms
91ms Document
text/html 99.86.7.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/d?i=uml4x413apkiqmcvre&a=dc5fa123d65922e149a00c2e664fab307&cb=7693161585073110459
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=3743011585073110222
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.7.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-26.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /d?i=uml4x413apkiqmcvre&a=dc5fa123d65922e149a00c2e664fab307&cb=7693161585073110459
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://controlc.com/9e337e10
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=f65946b0a0dd38a1168714f60aa09bdde4f5dd0c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://controlc.com/9e337e10

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 345
date: Tue, 24 Mar 2020 18:05:10 GMT
x-cache: Miss from cloudfront
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: NJeH-SdOOXW37YAMS93AKu_Nc8oaL_pi7PTvAyeY_SRs7tYBqTE22w==

GET
H2 200 d
yadloop.com/ Frame F215 0
0 91ms
90ms Document
text/html 99.86.7.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/d?i=uml4x413apkiqmcvre&a=6c56023cc6501990db7bccf2badeea2f3&cb=2475701585073110460
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=3743011585073110222
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.7.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-26.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /d?i=uml4x413apkiqmcvre&a=6c56023cc6501990db7bccf2badeea2f3&cb=2475701585073110460
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://controlc.com/9e337e10
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=f65946b0a0dd38a1168714f60aa09bdde4f5dd0c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://controlc.com/9e337e10

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 311
date: Tue, 24 Mar 2020 18:05:10 GMT
x-cache: Miss from cloudfront
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: pj71swM2G78U4xjQ59ZSUKu1H0Zr9fGxqVLPs18R6yOIMaf-t_8utQ==

GET
H2 200 d
yadloop.com/ Frame 8473 0
0 93ms
92ms Document
text/html 99.86.7.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/d?i=uml4x413apkiqmcvre&a=f4437de7861e6bc4a24fefe57aebbe481&cb=9866381585073110461
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=3743011585073110222
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.7.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-26.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /d?i=uml4x413apkiqmcvre&a=f4437de7861e6bc4a24fefe57aebbe481&cb=9866381585073110461
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://controlc.com/9e337e10
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=f65946b0a0dd38a1168714f60aa09bdde4f5dd0c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://controlc.com/9e337e10

Response headers

status: 200
content-type: text/html; charset=UTF-8
date: Tue, 24 Mar 2020 18:05:10 GMT
x-cache: Miss from cloudfront
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: _wnhGOKPdWe7nR5Adve4PA8vu1HO8ILP5jWDBuoApaFSJPh-RR5_3g==

GET
H2 200 d
yadloop.com/ Frame F3D8 0
0 94ms
94ms Document
text/html 99.86.7.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/d?i=uml4x413apkiqmcvre&a=e91e892c69af5862965671314669ba027&cb=8751821585073110461
Requested by: Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=3743011585073110222
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.7.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-26.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: yadloop.com
:scheme: https
:path: /d?i=uml4x413apkiqmcvre&a=e91e892c69af5862965671314669ba027&cb=8751821585073110461
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://controlc.com/9e337e10
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSID=f65946b0a0dd38a1168714f60aa09bdde4f5dd0c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://controlc.com/9e337e10

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 552
date: Tue, 24 Mar 2020 18:05:10 GMT
x-cache: Miss from cloudfront
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: XNthKycrOlYL1X95wkNo1WLUIj0wn1av0olurCHOxhCZrOE4AWm44Q==

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ Frame C355 109 B
839 B 40ms
18ms Script
application/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=controlc.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame C355 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=controlc.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020030501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame C355 165 KB
60 KB 42ms
42ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

8ee04e0441c9e51785d17ac835a93cf4d30d90826f87350b42ba233496a26f55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Mar 2020 14:08:10 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 61481
x-xss-protection: 0
expires: Tue, 24 Mar 2020 18:05:10 GMT

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ Frame D050 109 B
171 B 29ms
20ms Script
application/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=controlc.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame D050 109 B
171 B 18ms
18ms Script
application/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=controlc.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020030501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame D050 165 KB
60 KB 50ms
50ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

8ee04e0441c9e51785d17ac835a93cf4d30d90826f87350b42ba233496a26f55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Mar 2020 14:08:10 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 61481
x-xss-protection: 0
expires: Tue, 24 Mar 2020 18:05:10 GMT

GET
H2 200 pxl.jpg
yadloop.com/ Frame 5B9F 597 B
830 B 65ms
65ms Image
image/jpeg 99.86.7.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yadloop.com/pxl.jpg?i=qwpqn1ipjtdny52xwe&s=3082&p=https%3A%2F%2Fcontrolc.com%2F9e337e10&h=6388411585073110543
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.7.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-26.fra6.r.cloudfront.net
Software: /
Resource Hash: af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 24 Mar 2020 18:05:10 GMT
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
content-type: image/jpeg; charset=UTF-8
status: 200
content-length: 597
x-amz-cf-id: C63dlw8lu1rtcb1lTOHjz2ALWhVznDkq-yIkMMoHcGAvIOAnkKUEhg==

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C355 77 KB
25 KB 395ms
394ms XHR
text/plain 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3229183867110938&correlator=1294647385899644&output=ldjh&impl=fifs&adsid=NT&eid=21062833%2C21065138%2C44716867&vrg=2020030501&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200324&iu_parts=21671350435%2C728x90-controlc.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie=ID%3Ddb76b3373b0e5255%3AT%3D1585073110%3AS%3DALNI_MYumhs6BxlAJT5gxuITDd0qOF24Iw&cdm=controlc.com&bc=31&abxe=1&lmt=1585073110&dt=1585073110570&dlt=1585073110432&idt=123&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=50&adys=162&adks=1088513110&ucis=n1ra0j4tfwz1&ifi=1&ifk=4259585176&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=https%3A%2F%2Fcontrolc.com%2F9e337e10&top=https%3A%2F%2Fcontrolc.com%2F9e337e10&dssz=7&icsg=170&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x-1&ga_vid=931922687.1585073110&ga_sid=1585073111&ga_hid=1888688521&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

804fa9160ddf64b80e76c1651e3b98f9155c783e30dc9db74287c2c56e1caf4b

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11495890406114736535/cs2002l0006_005_338340_uk_cs_sb_fy20q4_oa_modena_728x90_msft.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11495890406114736535/cs2002l0006_005_338340_uk_cs_sb_fy20q4_oa_modena_728x90_msft.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPfqzr3Zs-gCFY2B3godJy4Ktw&gqi=&layout=/sadbundle/%24csp%253Der3%24/11495890406114736535/cs2002l0006_005_338340_uk_cs_sb_fy20q4_oa_modena_728x90_msft.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
Origin: https://controlc.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11495890406114736535/cs2002l0006_005_338340_uk_cs_sb_fy20q4_oa_modena_728x90_msft.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11495890406114736535/cs2002l0006_005_338340_uk_cs_sb_fy20q4_oa_modena_728x90_msft.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPfqzr3Zs-gCFY2B3godJy4Ktw&gqi=&layout=/sadbundle/%24csp%253Der3%24/11495890406114736535/cs2002l0006_005_338340_uk_cs_sb_fy20q4_oa_modena_728x90_msft.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 25272
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Tue, 24 Mar 2020 18:05:10 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020030501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame C355 69 KB
25 KB 83ms
82ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

ffdc18ac8f47bcd50dd9c33532c334e7073717a62b367d95b9cb1561048547dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Mar 2020 14:08:10 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 25689
x-xss-protection: 0
expires: Tue, 24 Mar 2020 18:05:10 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame C355 0
0 6ms
6ms Other
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H2 200 pxl.jpg
yadloop.com/ Frame 302A 597 B
829 B 81ms
80ms Image
image/jpeg 99.86.7.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yadloop.com/pxl.jpg?i=uml4x413apkiqmcvre&s=3082&p=https%3A%2F%2Fcontrolc.com%2F9e337e10&h=8132251585073110591
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.7.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-26.fra6.r.cloudfront.net
Software: /
Resource Hash: af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 24 Mar 2020 18:05:10 GMT
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
content-type: image/jpeg; charset=UTF-8
status: 200
content-length: 597
x-amz-cf-id: 3d8Huu_Mm70irv-iRL_dVa1YbQWpl47Hnj8AwmAVDHk7lMArzepj8g==

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D050 52 KB
12 KB 341ms
339ms XHR
text/plain 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3293226023399321&correlator=503679326545169&output=ldjh&impl=fifs&adsid=NT&eid=21062832%2C21064371%2C21065638&vrg=2020030501&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200324&iu_parts=21671350435%2C160x600-controlc.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&cookie=ID%3Ddb76b3373b0e5255%3AT%3D1585073110%3AS%3DALNI_MYumhs6BxlAJT5gxuITDd0qOF24Iw&cdm=controlc.com&bc=31&abxe=1&lmt=1585073110&dt=1585073110605&dlt=1585073110449&idt=149&ea=0&frm=23&biw=1600&bih=1200&isw=160&ish=600&oid=3&adxs=1390&adys=177&adks=2407567311&ucis=3f2534f4a0e5d7eadc08351e725aa0aa&ifi=1&ifk=528331712&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=https%3A%2F%2Fcontrolc.com%2F9e337e10&top=https%3A%2F%2Fcontrolc.com%2F9e337e10&dssz=7&icsg=170&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x600&msz=160x-1&ga_vid=931922687.1585073110&ga_sid=1585073111&ga_hid=1178994667&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

41048ad6f6b38dd8ee1133f6d4089bfbe00a49b12a6e08e5edd1ffec387d0aa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
Origin: https://controlc.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 24 Mar 2020 18:05:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 11713
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020030501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame D050 69 KB
25 KB 54ms
53ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

ffdc18ac8f47bcd50dd9c33532c334e7073717a62b367d95b9cb1561048547dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Mar 2020 14:08:10 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 25689
x-xss-protection: 0
expires: Tue, 24 Mar 2020 18:05:10 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame D050 0
0 52ms
51ms Other
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H/1.1 200
OK prebid3.12.0.js Show response
d2tbmvllb55wxq.cloudfront.net/pb/ Frame 86EA 224 KB
224 KB 2685ms
47ms Script
application/javascript 13.224.89.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid3.12.0.js
Requested by: Host: ads3.mthsense.com
URL: https://ads3.mthsense.com/RenderAd.aspx?id=14896&width=728&height=90
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.89.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-118.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 98de3f600c4ff915204d27a70fd224d9b428158a28c7b6d8e8d63ba2a0f6c374

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 24 Mar 2020 15:28:24 GMT
Via: 1.1 cd66c5a89ae3376f15c155e3b52a758d.cloudfront.net (CloudFront)
Last-Modified: Wed, 18 Mar 2020 22:27:12 GMT
Server: AmazonS3
Age: 9410
ETag: "c7e13df4edfbc8f3b857a7aefaf19731"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
X-Amz-Cf-Pop: ZRH50-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 229297
X-Amz-Cf-Id: 5Ja_cL13t6GhCaysN3vXEeF0qEOV9bkLeE1gKIq_OMdTWXZdH1uw1A==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 86EA 43 KB
14 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: controlc.com
URL: https://controlc.com/9e337e10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee89179632a5cc3c8841b16c3ba6bff551eb6179c7c7d025ec97c210178f8e0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "465 / 506 of 1000 / last-modified: 1585062300"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14409
x-xss-protection: 0
expires: Tue, 24 Mar 2020 18:05:10 GMT

GET
DATA 200
OK truncated
/ Frame 031C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3ff9d7997b146210855bc695e1004c041080e328a28f6b1c65e97bd1abd42ee

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 86EA 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=controlc.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 86EA 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=controlc.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020030501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 86EA 165 KB
60 KB 43ms
43ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js?21065761

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

8ee04e0441c9e51785d17ac835a93cf4d30d90826f87350b42ba233496a26f55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Mar 2020 14:08:10 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 61481
x-xss-protection: 0
expires: Tue, 24 Mar 2020 18:05:10 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012003101714470/ Frame F853 200 KB
55 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4486f4e70d7321e8f64da51c38b50767e846bdaf4ef3441d628f27a4f8952c10

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
Origin: https://controlc.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 14372
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 55811
x-xss-protection: 0
server: sffe
date: Tue, 24 Mar 2020 14:05:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "789295de90cb321e"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Mar 2021 14:05:38 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012003101714470/ Frame F853 200 KB
55 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4486f4e70d7321e8f64da51c38b50767e846bdaf4ef3441d628f27a4f8952c10

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 14372
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 55811
x-xss-protection: 0
server: sffe
date: Tue, 24 Mar 2020 14:05:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "789295de90cb321e"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Mar 2021 14:05:38 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012003101714470/v0/ Frame F853 16 KB
6 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003101714470/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d0c18b56d3b9bd3640250af1ce1e624bda890531f830d64c99d45e6c07bb349

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 22324
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5728
x-xss-protection: 0
server: sffe
date: Tue, 24 Mar 2020 11:53:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "36d96c2d19cb35a6"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Mar 2021 11:53:06 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012003101714470/v0/ Frame F853 92 KB
28 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003101714470/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e17e03dc3ff1767a8d185975a2bf392068a0b2f2848503c38ceaa3f10fb0ea84

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 14364
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28328
x-xss-protection: 0
server: sffe
date: Tue, 24 Mar 2020 14:05:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f4788313c10056ed"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Mar 2021 14:05:46 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012003101714470/v0/ Frame F853 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003101714470/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b8ef4f3c2daa40e68de70096105302da24a586c1d75b620dff0ff579db73ba8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 22308
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1414
x-xss-protection: 0
server: sffe
date: Tue, 24 Mar 2020 11:53:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ea7b1c90fec06498"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Mar 2021 11:53:22 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012003101714470/v0/ Frame F853 46 KB
15 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003101714470/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eada136c924874367d33d22fb496800b3f6f4e97f457829d2c18b5d41f1019a5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 22286
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14863
x-xss-protection: 0
server: sffe
date: Tue, 24 Mar 2020 11:53:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "db7c050f8b3f760d"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Mar 2021 11:53:44 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F853 5 KB
776 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 24 Mar 2020 18:05:10 GMT
server: ESF
date: Tue, 24 Mar 2020 18:05:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 24 Mar 2020 18:05:10 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8578129967820296872/ Frame F853 3 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8578129967820296872/downsize_200k_v1?w=300&h=300

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd67767c31dc810b77952c560b17434acdcf7037101f63d20994ae7960ea5076

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 05 Feb 2020 04:24:40 GMT
x-content-type-options: nosniff
age: 4196430
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 3096
x-xss-protection: 0
last-modified: Tue, 08 Jan 2019 00:33:08 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Feb 2021 04:24:40 GMT

GET
DATA 200
OK truncated
/ Frame F853 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1a1cafdfb016091489e6045f6ee6178493a7af98f9d3f2dcef7cf354e5916ed

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012003101714470/ Frame D050 20 KB
7 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003101714470/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2b0d171a4179bf00898c430c1c15464e528aff5762fc70a5d02184834c82eff

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3280
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 7178
x-xss-protection: 0
server: sffe
date: Tue, 24 Mar 2020 17:10:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9d3d923337ef7e9b"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Mar 2021 17:10:30 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F853 2 KB
3 KB 7ms
5ms Image
image/png 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: controlc.com
URL: https://controlc.com/9e337e10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 24 Mar 2020 11:08:58 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 24972
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Wed, 25 Mar 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F853 295 B
406 B 7ms
6ms Image
image/png 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: controlc.com
URL: https://controlc.com/9e337e10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 24 Mar 2020 12:55:21 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 18589
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 25 Mar 2020 12:55:21 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F853 0
0 14ms
13ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTkV9HFwbUns-88nBWmJjE4BZ1O7qKqsuY9LJmsJGHns44Wu_HKf2t8yiYQPE5-oo9TbCFQhzkkKde7lFcIRZpWhp9ieg
Requested by: Host: controlc.com
URL: https://controlc.com/9e337e10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

GET
H2

200

B22124189.255020799;dc_pre=COjqp77Zs-gCFaDluwgdp8MOFw;dc_trk_aid=450807297;dc_trk_cid=121088478;ord=3610075644;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/ Frame F853
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B22124189.255020799;dc_trk_aid=450807297;dc_trk_cid=121088478;ord=3610075644;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B22124189.255020799;dc_pre=COjqp77Zs-gCFaDluwgdp8MOFw;dc_trk_aid=450807297;dc_trk_cid=121088478;ord=3610075644;dc_lat=;dc_rdid=;tag_for_ch...

42 B
120 B

55ms
55ms

Image
image/gif

216.58.207.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B22124189.255020799;dc_pre=COjqp77Zs-gCFaDluwgdp8MOFw;dc_trk_aid=450807297;dc_trk_cid=121088478;ord=3610075644;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Host: controlc.com
URL: https://controlc.com/9e337e10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.38 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Mar 2020 18:05:12 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 24 Mar 2020 18:05:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B22124189.255020799;dc_pre=COjqp77Zs-gCFaDluwgdp8MOFw;dc_trk_aid=450807297;dc_trk_cid=121088478;ord=3610075644;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F853 0
0 47ms
47ms Image
text/html 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CHD531kt6Xo_1KMPtgAeFu4eACKy1u-Zb9sy2_4EKr4G649cCEAEg1ubFWGC7vq6D0AqgAdL4y-IDyAEB4AIAqAMBqgTNAU_Q81PbYEooJDuN9wLflhik5KOhmBe9lF555HHR9ly3CEwInIW5StUWdRJn3jTPKuLSMX0nNfevsEW8kgQyA6j1Ik0N1AzW8zTpJz9zQo9U4rPpuoziBn9nrs8C-W7uqM5JcimJonqG6gXXNw9wfvShG2F5C6xCfbAfYIFj7-Px-wh1qLn2KsJ3FHuorbJ6y8g3QTGfaWAr4LCe56zh7t9DJZXsmm5F0hNrx-Q1jY65AEtWErJK2KXla78R4DRgRMsz6MmMmbW81jwumVzABJOsl6yUAuAEAYAHgYjWQ6gHjs4bqAfVyRuoB5PYG6gHn9sbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEO_NDNIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tOTI5MzQ0NzU5MDcwNjk5MYAKA8gLAdgTA4gUBA&sigh=jNTlgx1kUJM&template_id=5001&tpd=AGWhJmshLmNKEr9LPdm7mtu4hpRZscRl2IXcb6fP0q_gtJqoEA
Requested by: Host: controlc.com
URL: https://controlc.com/9e337e10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.22.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s14-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D050 7 KB
5 KB 17ms
16ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020030501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdec621389e32233d64418022a23c898c24b3ac19a0399246bb954dc614e4aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
Origin: https://controlc.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 24 Mar 2020 18:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5207
x-xss-protection: 0

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 507D 0
0 6ms
6ms Document
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://controlc.com/9e337e10
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://controlc.com/9e337e10

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Tue, 24 Mar 2020 12:25:01 GMT
expires: Wed, 24 Mar 2021 12:25:01 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 20409
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame C355 74 KB
27 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

351e508c1da4f9d1535747086accb41121466a52044aa868eba4a36009fdb101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:05:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1584962844677376"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 27941
x-xss-protection: 0
expires: Tue, 24 Mar 2020 18:05:11 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C355 7 KB
5 KB 18ms
18ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020030501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ea72cb36422f947702cdb12eff5c45440e31c05c58f9ff5ed38c2533b7fcafa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
Origin: https://controlc.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 24 Mar 2020 18:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5182
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame F853 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: controlc.com
URL: https://controlc.com/9e337e10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Origin: https://controlc.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Mar 2020 03:12:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 1695151
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11056
x-xss-protection: 0
expires: Fri, 05 Mar 2021 03:12:39 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame F853 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: controlc.com
URL: https://controlc.com/9e337e10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Origin: https://controlc.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 27 Feb 2020 08:47:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 2279884
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 0
expires: Fri, 26 Feb 2021 08:47:06 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D050 14 KB
5 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:05:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Tue, 24 Mar 2020 18:05:11 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C355 14 KB
5 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:05:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Tue, 24 Mar 2020 18:05:11 GMT

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012003101714470/ 20 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003101714470/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2b0d171a4179bf00898c430c1c15464e528aff5762fc70a5d02184834c82eff

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3281
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 7178
x-xss-protection: 0
server: sffe
date: Tue, 24 Mar 2020 17:10:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9d3d923337ef7e9b"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Mar 2021 17:10:30 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame F853
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

40ms
40ms

Image
text/html

2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: controlc.com
URL: https://controlc.com/9e337e10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date: Tue, 24 Mar 2020 18:05:11 GMT
x-content-type-options: nosniff
server: safe
location: https://googleads.g.doubleclick.net/pagead/drt/si
content-type: text/html; charset=UTF-8
status: 302
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 246
x-xss-protection: 0

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame C2B8 0
0 6ms
5ms Document
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://controlc.com/9e337e10
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://controlc.com/9e337e10

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Tue, 24 Mar 2020 17:59:03 GMT
expires: Wed, 24 Mar 2021 17:59:03 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 368
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 2C77 0
0 6ms
6ms Document
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://controlc.com/9e337e10
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://controlc.com/9e337e10

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Tue, 24 Mar 2020 17:59:03 GMT
expires: Wed, 24 Mar 2021 17:59:03 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 368
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D050 0
58 B 14ms
14ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020030501&jk=3293226023399321&bg=!aGula3NYN15kUNpmQjcCAAAAaFIAAAAPmQF0qX7CSHP9_I1itx43jABUO9LCwsZ46Vd-5P0pucDToB9aoVsIGM7_MkhwsfPnA1n5W8eHg6iJSYKqmHONVAHLPEi4Dpimq9ePV-BiV-8PyTUm-vjGTBfuwYwwsd83Ik76xNrYT0ZRnxWsv0uT2cpsK6ls9EnyV4ci5udmMtkT6Krnrod61urx2uTRDF1H-CUbBysKIt8dTYJBG22YohJepgH_4UtIuNckZtEBxfiiH8jHjZtt4dCAJhUAexOeePjwJo4eMsrX2Toa29Nb8Vg8Z102oId2T6-YjbX8B-POgDg4hYaHB0erRp70tit0tASDqxoj3xvPcHt24CQ8g2Rt4xEe4iTRTEJIFi_yZcuhqFSxwFaFB-G5sAVDJD9cjS9ZA98ofIR3vokT8Q5vSaYyLgVtf8M5icpNY4-J2ZwjsW29XlEAyVSRH7qYt5G3fSYN4raWVhO5qxOs8TxDwzDR2iklRoDPnCErc_SjzgAQiJ6CrsXp

Requested by

Host: controlc.com
URL: https://controlc.com/9e337e10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 24 Mar 2020 18:05:11 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C355 0
58 B 15ms
14ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020030501&jk=3229183867110938&bg=!ERKlEgpYHZ-J7sfmZ6cCAAAAVVIAAAANmQF0zFrfCjZz7HuIcCXXC8YJDY-sHiLqEhdJgmWub2QPFAyBchPOR8HvF_DYAbEJJRCmI5YHbDpuDKkG8h-PWhk49sfnrMqS4dS2hHVmpvjp-5lMjAzoR0lmLJMSBVgolBOVQCwlWi_sckUxrzgpxVZgLjm_2tpL20Ky7M7mAKWcswvo6o-Q3UGprUo7a_R2ZaKao4jViGuDLAuoo7AxxLHRxqdgIr3eS8AV7ibft8BLLoy31lk2yOR1C51cirM-keu9n75ZbXY1ov7csy4Qlqrx5nKeAJoTNEF2aHhtEt6qD6j8MZmBxFikzxBzuxejQC9cL8OxVPqsx5j6NX-F7q798Bv8UHw2Lj8oJ8wmRVrmfScPAFSwH53YEgVP2hVUosGZvkVJbsxRyxXoxslLBbGhO_ym7Rtp9HvggmDS48SA5nNbzoi21oE4I4-9Tma8_LTIZjv2h4_8nMDj57pbHe6bpZujt0g1iVS9X91LGW_2VmyQwYuh

Requested by

Host: controlc.com
URL: https://controlc.com/9e337e10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 24 Mar 2020 18:05:11 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5B9F 42 B
110 B 15ms
15ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssm9ZOyCjAQEQ7LXTkNFRfq4AB9kgetsu6co9op_HGt6HaiYV7pFa2SZ2uQ7utR-fZxSb0G1_VcKXc-zT1AtBPL7gtHllS3BLawABnqf2g&sig=Cg0ArKJSzEx93IVBmJDdEAE&adk=1406371575&tt=-1&bs=1600%2C1200&mtos=1026,1026,1026,1026,1026&tos=1026,0,0,0,0&p=162,50,252,778&mcvt=1026&rs=0&ht=0&tfs=209&tls=1235&mc=1&lte=0&bas=0&bac=0&met=ce&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1585073110218&dlt&rpt=154&isd=0&msd=0&ext&xdi=0&ps=1600%2C1145&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-4-11-11-0-0-0&tvt=1232&is=728%2C90&iframe_loc=https%3A%2F%2Fcontrolc.com%2F9e337e10&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200323

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 24 Mar 2020 18:05:11 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 302A 42 B
110 B 17ms
17ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuLzuKOOAnLi4cXs3tCTdRb1X0OaRf3mFgj1jrK5dokhlHDIGjSdLm-FCi1cLj_b8MFKemFylB5xipAugqZHlOtYKwijOXgcDX8fALZK6w&sig=Cg0ArKJSzNK2S715Q7_5EAE&adk=2762401180&tt=-1&bs=1600%2C1200&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&p=177,1390,777,1550&mcvt=1018&rs=0&ht=0&tfs=204&tls=1222&mc=1&lte=0&bas=0&bac=0&met=ce&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1585073110222&dlt&rpt=164&isd=0&msd=0&ext&xdi=0&ps=1600%2C1145&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-3-11-11-0-0-0&tvt=1221&is=160%2C600&iframe_loc=https%3A%2F%2Fcontrolc.com%2F9e337e10&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200323

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 24 Mar 2020 18:05:11 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 031C 42 B
110 B 15ms
15ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvHRt2OGeMMkizzxLyYoJPNabmuPnIU0ATxm9_UH3yUA80yE9vR-UZ7H_Yyv53Jlj9x74I3NM8yNai5Hv53OOoKQ8CfeMnqOI4cQfAXOPU&sig=Cg0ArKJSzPpHPtUgptFVEAE&adk=3486010406&tt=-1&bs=1600%2C1200&mtos=0,1098,1098,1098,1098&tos=0,1098,0,0,0&p=739,50,833,778&mcvt=1098&rs=0&ht=0&tfs=102&tls=1200&mc=0.95&lte=0&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1585073110225&dlt&rpt=597&isd=0&msd=0&ext&xdi=0&ps=1600%2C1145&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-2-11-11-0-0-0&tvt=1200&is=728%2C90&iframe_loc=https%3A%2F%2Fcontrolc.com%2F9e337e10&r=v&id=osdim&vs=4&uc=12&upc=0&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200323

Requested by

Host: controlc.com
URL: https://controlc.com/9e337e10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 24 Mar 2020 18:05:12 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F853 0
0 49ms
49ms Image
text/html 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CHD531kt6Xo_1KMPtgAeFu4eACKy1u-Zb9sy2_4EKr4G649cCEAEg1ubFWGC7vq6D0AqgAdL4y-IDyAEB4AIAqAMBqgTNAU_Q81PbYEooJDuN9wLflhik5KOhmBe9lF555HHR9ly3CEwInIW5StUWdRJn3jTPKuLSMX0nNfevsEW8kgQyA6j1Ik0N1AzW8zTpJz9zQo9U4rPpuoziBn9nrs8C-W7uqM5JcimJonqG6gXXNw9wfvShG2F5C6xCfbAfYIFj7-Px-wh1qLn2KsJ3FHuorbJ6y8g3QTGfaWAr4LCe56zh7t9DJZXsmm5F0hNrx-Q1jY65AEtWErJK2KXla78R4DRgRMsz6MmMmbW81jwumVzABJOsl6yUAuAEAYAHgYjWQ6gHjs4bqAfVyRuoB5PYG6gHn9sbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEO_NDNIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tOTI5MzQ0NzU5MDcwNjk5MYAKA8gLAdgTA4gUBA&sigh=jNTlgx1kUJM&vt=1&template_id=5001
Requested by: Host: controlc.com
URL: https://controlc.com/9e337e10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.22.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s14-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F853 42 B
110 B 27ms
26ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstRdeMHLXFa8-rrTrushhWBDNRFtLUTMX7jjj3m9ONPMUc4d1M9sAIYRPXg0AvOA6aY1vk7KKvmPNUxsKi0YtYOLvkrudfV3OmtRbqVn741SC4ooFo6lhxdMlgH-EtCtmUpvQYAh0wGN_3k4PTDjQgf&sai=AMfl-YSYuCihCHWxOHemkbxz5jO_dPVvkNoFHtsYI2GrWAIbsE-PVAl-tyze_PKsWQcDwQT6pSeF6D8Jo5TT_o8LVOwEjpQgb0I-jxJ3ly20CcG1DCpYGKEXbABKPELg&sig=Cg0ArKJSzFDEldsn48xXEAE&cid=CAASF-RoM_-E5FX-FSOwW0zmWXbLJA1U9JXD&id=ampim&o=1390,267&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=181&tls=1181&g=100&h=100&tt=1181&r=v&adk=2407567311&avms=ampa

Requested by

Host: controlc.com
URL: https://controlc.com/9e337e10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 24 Mar 2020 18:05:12 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 auction Show response
exchange.bidphysics.com/ Frame 86EA 1 KB
2 KB 1416ms
157ms XHR
application/json 54.236.169.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.bidphysics.com/auction
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid3.12.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.236.169.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-169-205.compute-1.amazonaws.com
Software: /
Resource Hash: bd3a3136be4915947956c6be4e2c0c1fefb9d4368ddd619afe8d611b936c1580

Request headers

Referer: https://controlc.com/9e337e10
Origin: https://controlc.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 24 Mar 2020 18:05:14 GMT
status: 200
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://controlc.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 1341
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 86EA 19 B
706 B 89ms
29ms XHR
application/json 185.33.223.216
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid3.12.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.216 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

312.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
Origin: https://controlc.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 24 Mar 2020 18:05:15 GMT
X-Proxy-Origin: 185.44.76.84; 185.44.76.84; 312.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.111:80
AN-X-Request-Uuid: 881c4221-bf0e-4fd4-bc27-64d9435ee635
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://controlc.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 v2 Show response
e.serverbid.com/api/ Frame 86EA 16 B
166 B 329ms
132ms XHR
application/json 206.189.254.17
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid3.12.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 206.189.254.17 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://controlc.com/9e337e10
Origin: https://controlc.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 200
date: Tue, 24 Mar 2020 18:05:13 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://controlc.com
content-length: 16
vary: Origin
content-type: application/json

GET fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 86EA 0
0

GET cygnus
as-sec.casalemedia.com/ Frame 86EA 0
0

POST hb
ssc.33across.com/api/v1/ Frame 86EA 0
0

POST bid
ap.lijit.com/rtb/ Frame 86EA 0
0

GET
H2 200 arj Show response
os4m-d.openx.net/w/1.0/ Frame 86EA 173 B
566 B 1111ms
39ms XHR
application/json 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://os4m-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fcontrolc.com%2F9e337e10&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=98e6a365-58be-40bd-952e-b5b14e92b2ed&nocache=1585073113592&aus=728x90&divIds=URL_Pasted_728x90_BTF__86&auid=540529560&aumfs=300&
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid3.12.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.179.0 /
Resource Hash: b3b896527ac9e8e1f99a2283eff9f02c317fe16e29e71dd44616231e46dbfe87

Request headers

Referer: https://controlc.com/9e337e10
Origin: https://controlc.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 24 Mar 2020 18:05:14 GMT
content-encoding: gzip
server: OXGW/16.179.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://controlc.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 204
No Content mvo Show response
tag.1rx.io/rmp/74190/0/ Frame 86EA 0
267 B 1144ms
31ms XHR
text/plain 213.19.147.210
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/74190/0/mvo?z=1r&hbv=3.12,2.1
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid3.12.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/9e337e10
Origin: https://controlc.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://controlc.com
Pragma: no-cache
Date: Tue, 24 Mar 2020 18:05:14 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 86EA 338 B
249 B 79ms
78ms XHR
text/plain 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1450834116111809&correlator=906307225956872&output=ldjh&impl=fifs&adsid=NT&eid=21065761%2C21064411&vrg=2020030501&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200324&iu_parts=289026909%2CYieldLift%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=hb_name%3DURL_Pasted_728x90_BTF__86%26passback_pb%3D0.20%26hb_factor%3D1.5%26rscust%3Dpool1&eri=1&cookie=ID%3Ddb76b3373b0e5255%3AT%3D1585073110%3AS%3DALNI_MYumhs6BxlAJT5gxuITDd0qOF24Iw&cdm=controlc.com&bc=31&abxe=1&lmt=1585073113&dt=1585073113601&dlt=1585073110813&idt=114&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=50&adys=919&adks=554702876&ucis=41598kd2jl4b&ifi=1&ifk=4259585176&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=https%3A%2F%2Fcontrolc.com%2F9e337e10&top=https%3A%2F%2Fcontrolc.com%2F9e337e10&dssz=11&icsg=554&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x90&ga_vid=931922687.1585073110&ga_sid=1585073114&ga_hid=1510556898&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js?21065761

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

bb2a0bf7558f2f3523bb91c6464ddcad9c80f1f0677d6ea2e1ce8a0640ea179c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
Origin: https://controlc.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 24 Mar 2020 18:05:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 159
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020030501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 86EA 69 KB
25 KB 43ms
42ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js?21065761

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js?21065761

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

ffdc18ac8f47bcd50dd9c33532c334e7073717a62b367d95b9cb1561048547dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:05:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Mar 2020 14:08:10 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 25689
x-xss-protection: 0
expires: Tue, 24 Mar 2020 18:05:13 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 86EA 0
0 5ms
5ms Other
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030501.js?21065761
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 86EA 7 KB
5 KB 18ms
17ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020030501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js?21065761

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae805373a1103863650e44160c57e0448b8854f6d5f86a7014fbadd8a8a8c31a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
Origin: https://controlc.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 24 Mar 2020 18:05:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5264
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 86EA 14 KB
5 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030501.js?21065761

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 18:05:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Tue, 24 Mar 2020 18:05:13 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 4F3F 0
0 6ms
6ms Document
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://controlc.com/9e337e10
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://controlc.com/9e337e10

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Tue, 24 Mar 2020 17:59:03 GMT
expires: Wed, 24 Mar 2021 17:59:03 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 370
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 86EA 0
58 B 15ms
15ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020030501&jk=1450834116111809&bg=!y8ilyNBYTtGnqmgWV8QCAAAAPFIAAAALmQF0GkCN3FFh-Sou0HpCqDRSNkgFS9L_dgHqGflTKFhJLcDF4jqNztZsN6dquoO9AKcPEnNO0wRP3mjtd1RiEg_fOGz_JyHrgUtYJoXdi5C5QBOX5dmGyx75JI4yJOgFrl6ha3u008cGt2aDwXlKXmAu_Bid7CxzR4nNjEqraxxwKXVdvOj3VSmintDkFJWouZyZUaKqWs2jN5G4vsw_dP-AIKgxDaW25qzbFfO6i3Z_WsPrcYPwoZp72nUJLm1KzsaQkmAzO8fiLu_3BsLPK93WoZZOTRnlQWwOu87OYMtdX3Q3B5LUfZDjdOGkmTMhfQDG-4JQHwjWIigz8XxCYDbwd_GAAm8bKiqJHTvZtDk3V0mudevdh0NJNR-zHuVVydB3URiajaHNOfHspcXY7aAT217RTSLjpIEmCmzMwxVnI_MYE79ZHmvNGKsuPsqYhkzVdsdllISH7G4-yntxwt1nfAFqE4_QdUlLSCBp57aBgkMKm8u0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 24 Mar 2020 18:05:13 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 view.php Show response
controlc.com/api/tinypaste/ 2 B
220 B 45ms
45ms XHR
text/html 2606:4700:3031::681c:a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/api/tinypaste/view.php
Requested by: Host: controlc.com
URL: https://controlc.com/public/js/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.5.38
Resource Hash: cf3bae39dd692048a8bf961182e6a34dfd323eeb0748e162eaf055107f1cb873

Request headers

Accept: */*
Referer: https://controlc.com/9e337e10
Origin: https://controlc.com
X-Requested-With: XMLHttpRequest
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 24 Mar 2020 18:05:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/5.5.38
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
status: 200
cf-ray: 579251b96b372748-FRA

GET
H2

200

setuid
exchange.bidphysics.com/ Frame 86EA
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fexchange.bidphysics.com%2Fsetuid%3Fbidder%3Dappnexus%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fexchange.bidphysics.com%252Fsetuid%253Fbidder%253Dappnexus%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID
https://exchange.bidphysics.com/setuid?bidder=appnexus&gdpr=0&gdpr_consent=&uid=6871446738144590781

0
478 B

97ms
97ms

Image
text/plain

54.236.169.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.bidphysics.com/setuid?bidder=appnexus&gdpr=0&gdpr_consent=&uid=6871446738144590781
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.236.169.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-169-205.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Tue, 24 Mar 2020 18:05:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Accept-Encoding, Origin
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 24 Mar 2020 18:05:21 GMT
AN-X-Request-Uuid: a2d8fe30-32ae-43a0-954b-92b684c60322
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://exchange.bidphysics.com/setuid?bidder=appnexus&gdpr=0&gdpr_consent=&uid=6871446738144590781
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.44.76.84; 185.44.76.84; 312.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.43:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 86EA
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHpFPJo9e1oq9yakUHgtJho&google_cver=1

43 B
117 B

32ms
32ms

Image
image/gif

34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHpFPJo9e1oq9yakUHgtJho&google_cver=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.179.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Mar 2020 18:05:19 GMT
via: 1.1 google
server: OXGW/16.179.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 24 Mar 2020 18:05:19 GMT
server: HTTP server (unknown)
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHpFPJo9e1oq9yakUHgtJho&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
exchange.bidphysics.com/ Frame 86EA
Redirect Chain

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fexchange.bidphysics.com%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5BUID%5D
https://exchange.bidphysics.com/setuid?bidder=sonobi&gdpr=0&gdpr_consent=&uid=dbccc4a1-3f46-478f-9397-096720491c75

0
385 B

97ms
97ms

Image
text/plain

54.236.169.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.bidphysics.com/setuid?bidder=sonobi&gdpr=0&gdpr_consent=&uid=dbccc4a1-3f46-478f-9397-096720491c75
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.236.169.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-169-205.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Tue, 24 Mar 2020 18:05:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Accept-Encoding, Origin
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 24 Mar 2020 18:05:19 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://exchange.bidphysics.com/setuid?bidder=sonobi&gdpr=0&gdpr_consent=&uid=dbccc4a1-3f46-478f-9397-096720491c75
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
exchange.bidphysics.com/ Frame 86EA
Redirect Chain

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fexchange.bidphysics.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BUID%7D
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fexchange.bidphysics.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BUID%7D&ox_sc=1
https://exchange.bidphysics.com/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=30d14805-e8fb-4973-9eee-bfa3c6f36aea

0
385 B

97ms
97ms

Image
text/plain

54.236.169.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.bidphysics.com/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=30d14805-e8fb-4973-9eee-bfa3c6f36aea
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.236.169.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-169-205.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/9e337e10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Tue, 24 Mar 2020 18:05:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Accept-Encoding, Origin
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 24 Mar 2020 18:05:19 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
location: https://exchange.bidphysics.com/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=30d14805-e8fb-4973-9eee-bfa3c6f36aea
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
status: 302
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: ob4cjrj11odo87cijb9e7o91vp2enr9l

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=62568&zone_id=710558&size_id=2&rf=https%3A%2F%2Fcontrolc.com%2F9e337e10&tk_flint=pbjs_lite_v3.12.0&x_source.tid=98e6a365-58be-40bd-952e-b5b14e92b2ed&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.4830978560337964

Domain: as-sec.casalemedia.com
URL: https://as-sec.casalemedia.com/cygnus?s=303653&v=7.2&r=%7B%22id%22%3A%22928ef08609f12f%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221031544f5c0c61e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22303653%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fcontrolc.com%2F9e337e10%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb

Domain: ap.lijit.com
URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.12.0

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			controlc.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: df72e7d9aaa8ffcb6f34a67bbbaaf135
			.controlc.com/	1970-01-19 09:01:05	Name: __cfduid Value: dd7cbaafc0f7857f5ed963cfaafaae4451585073109

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032302.js(Line 6) Message: GPT does not support passback slots on the top window. Each passback slot should be defined and rendered within an iframe.
console-api	log	URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=5328151585073110217(Line 34) Message: %c [object HTMLImageElement]
console-api	log	URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=3743011585073110222(Line 34) Message: %c [object HTMLImageElement]
console-api	log	(Line 10) Message: [object Object]
console-api	log	(Line 10) Message: [object Object]
console-api	info	URL: https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js(Line 407) Message: Powered by AMP ⚡ HTML – Version 2003101714470 https://controlc.com/9e337e10
console-api	warning	URL: https://cdn.ampproject.org/rtv/012003101714470/amp4ads-v0.js(Line 20) Message: [amp-analytics/transport] Response unparseable or failed to send image request https://securepubads.g.doubleclick.net/pagead/adview?ai=CHD531kt6Xo_1KMPtgAeFu4eACKy1u-Zb9sy2_4EKr4G649cCEAEg1ubFWGC7vq6D0AqgAdL4y-IDyAEB4AIAqAMBqgTNAU_Q81PbYEooJDuN9wLflhik5KOhmBe9lF555HHR9ly3CEwInIW5StUWdRJn3jTPKuLSMX0nNfevsEW8kgQyA6j1Ik0N1AzW8zTpJz9zQo9U4rPpuoziBn9nrs8C-W7uqM5JcimJonqG6gXXNw9wfvShG2F5C6xCfbAfYIFj7-Px-wh1qLn2KsJ3FHuorbJ6y8g3QTGfaWAr4LCe56zh7t9DJZXsmm5F0hNrx-Q1jY65AEtWErJK2KXla78R4DRgRMsz6MmMmbW81jwumVzABJOsl6yUAuAEAYAHgYjWQ6gHjs4bqAfVyRuoB5PYG6gHn9sbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEO_NDNIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tOTI5MzQ0NzU5MDcwNjk5MYAKA8gLAdgTA4gUBA&sigh=jNTlgx1kUJM&vt=1&template_id=5001
console-api	warning	(Line 1) Message: NO prebid responses1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ads3.mthsense.com
adservice.google.co.uk
adservice.google.com
adservice.google.de
ajax.cloudflare.com
ap.lijit.com
api.twitch.tv
as-sec.casalemedia.com
cdn.ampproject.org
cdn.carbonads.com
cdn.fancybar.net
cm.g.doubleclick.net
controlc.com
d2tbmvllb55wxq.cloudfront.net
e.serverbid.com
eu-u.openx.net
exchange.bidphysics.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
os4m-d.openx.net
pagead2.googlesyndication.com
rtb.openx.net
securepubads.g.doubleclick.net
srv.carbonads.net
ssc.33across.com
stats.g.doubleclick.net
sync.go.sonobi.com
tag.1rx.io
tpc.googlesyndication.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
yadloop.com
ap.lijit.com
as-sec.casalemedia.com
fastlane.rubiconproject.com
ssc.33across.com
13.224.89.118
151.101.114.214
172.217.22.2
178.128.255.192
178.162.133.149
185.33.223.216
206.189.254.17
213.19.147.210
216.58.207.38
216.58.207.66
23.111.10.140
23.111.10.144
2606:4700:3031::681c:a81
2606:4700::6811:4104
2a00:1450:4001:800::2002
2a00:1450:4001:800::2003
2a00:1450:4001:800::200e
2a00:1450:4001:808::2004
2a00:1450:4001:814::2003
2a00:1450:4001:816::200a
2a00:1450:4001:819::2002
2a00:1450:4001:81b::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:81f::2002
2a00:1450:4001:821::2001
2a00:1450:4001:821::2002
2a00:1450:400c:c06::9d
34.95.120.147
35.241.44.144
40.84.148.247
54.236.169.205
99.86.7.26
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
07702d076f8c28644a2b09299dac52af3abbf7bd5d3c6d23c6c8ea6aa133cdea
0a75f3388199fd2a59219cf709eb5cdf7bb8f6080314a02e89cb87330482ad13
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
10d260de958aa225f5add9155e9194221b65c1c991ec3bc9132a40d4f4fabff2
11b66ed164137ad0570f93469e4da941237ac0633a612098f8652b3d369d251c
1583a06197cc39cc76c4e70e30dce315c3cc6d310cd1c09d2574b8ef9685cc0d
1a25981122fae9b74f9cabe06d1f134ba8320b62095fdb6543118f0e60b52bb1
1a4f0e8c39215f22253ccbba8d94aaf7d5cce967a7f746234af6750de3df5af3
26fd020a6c1f169eab6b6232014e6e6d067788f63a8995b682ee77d6f41b56cd
2a11c133fc51a4bdbf16a612562fd43d160e9e4b27006127d4e1325b02a027d6
31c70fc4fa7dee6db3f53f0c1db540813dfc6523f0226634179a701062d3e616
31cc8647294d84a6e713ae8ea1d09db2519d06e8e92ee9d97a6410b6d847f0b3
351e508c1da4f9d1535747086accb41121466a52044aa868eba4a36009fdb101
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3d0c18b56d3b9bd3640250af1ce1e624bda890531f830d64c99d45e6c07bb349
41048ad6f6b38dd8ee1133f6d4089bfbe00a49b12a6e08e5edd1ffec387d0aa1
439211cb90e7da0f52c80f15dc2ca868ac9419e83350a1ff2d0372031f359986
4486f4e70d7321e8f64da51c38b50767e846bdaf4ef3441d628f27a4f8952c10
467b1db9776e63a47ad4b041976647f292a3ce02da70383613325e4dea1ef734
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea72cb36422f947702cdb12eff5c45440e31c05c58f9ff5ed38c2533b7fcafa
50d427c9781620c9c79232b1a4db8265f429a170f2b01752378c45bda462f204
5a1b118736ba9dc41f144f350574bec748a1ba0e8b355a99cbfe570ad236b50e
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5ebbb37c6498cc132b7f7d84b5757060c763fa670456b72cfd8d2eb721831958
5f6fd23179ce90bd76fe145db6f5f42383fc338458aaefdac542cb1f2932bd3c
72b59d9449d39bb7d7a4d3637e3b9e3d5040aee7efd14872b3f52982295e73a9
770a5be4937bf757134b47d4845e28c82e6dda0c7eee72875fda2ad3dbc93718
7b8ef4f3c2daa40e68de70096105302da24a586c1d75b620dff0ff579db73ba8
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
804fa9160ddf64b80e76c1651e3b98f9155c783e30dc9db74287c2c56e1caf4b
86924cd006db30b9d4f1418e06cd7bd83eef2be768a10f27d2cff26e6977cced
8ee04e0441c9e51785d17ac835a93cf4d30d90826f87350b42ba233496a26f55
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
98de3f600c4ff915204d27a70fd224d9b428158a28c7b6d8e8d63ba2a0f6c374
9a78a17b8317bd16e045805ab8a175f47e5c0ebcdef50619ab70fa10e63d4474
9d4c7e29b87c8f2f556b17136fb1595f4befce5192f75e2281fea853ae3358d4
9e2d9ca4747e0ea62d8c385aded4ae6a6ec015d8b610275b97c175bc617e8509
a07183e063a79a699b732e200a3accdf4716cbc6e8bf8a6a709b9adba07d998d
a34c05a07f4961b4adc12ca51a9b77ca4133021bccab54c5eb44e84d5ea38d5d
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
ae805373a1103863650e44160c57e0448b8854f6d5f86a7014fbadd8a8a8c31a
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b1a1cafdfb016091489e6045f6ee6178493a7af98f9d3f2dcef7cf354e5916ed
b3b896527ac9e8e1f99a2283eff9f02c317fe16e29e71dd44616231e46dbfe87
b6a57a4f1907adf3d6a1640c8b1302862cdb93def66215280b11e4ef2ed9059a
bafbed60844c7113252124ca42cf6cb3ab28905fac0c1260a7202dedf9025bf2
bb2a0bf7558f2f3523bb91c6464ddcad9c80f1f0677d6ea2e1ce8a0640ea179c
bd3a3136be4915947956c6be4e2c0c1fefb9d4368ddd619afe8d611b936c1580
bdec621389e32233d64418022a23c898c24b3ac19a0399246bb954dc614e4aef
c2b0d171a4179bf00898c430c1c15464e528aff5762fc70a5d02184834c82eff
c3ff9d7997b146210855bc695e1004c041080e328a28f6b1c65e97bd1abd42ee
c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cf3bae39dd692048a8bf961182e6a34dfd323eeb0748e162eaf055107f1cb873
d6438c63069c5b897cbab71927f7069ec113a2917e0f1e7bc4ffb2fc4e03bccd
dab1b4b8c847f3e82a6f6a9a276b1d7a4ffa5e1a735e0f3b433a77ce18cdd142
dd67767c31dc810b77952c560b17434acdcf7037101f63d20994ae7960ea5076
e17e03dc3ff1767a8d185975a2bf392068a0b2f2848503c38ceaa3f10fb0ea84
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eada136c924874367d33d22fb496800b3f6f4e97f457829d2c18b5d41f1019a5
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ee89179632a5cc3c8841b16c3ba6bff551eb6179c7c7d025ec97c210178f8e0e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f403fad3806ce3425ef5364d1d161f63e7e23534eec42ac3be831d6a9cb6ba6b
f5a1212852709b2be58bf29e94fb8b53575c6596d744b192d2979474b062c4b3
fb1720927d146fe5dc6901717017a7b373a4a55acbb15ed36677cfa5d2abcb08
ffdc18ac8f47bcd50dd9c33532c334e7073717a62b367d95b9cb1561048547dc

controlc.com Open in urlscan Pro 2606:4700:3031::681c:a81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

145 Requests

97 %HTTPS

47 %IPv6

29 Domains

39 Subdomains

29 IPs

6 Countries

1386 kBTransfer

3608 kBSize

2 Cookies

0 Outgoing links

Redirected requests

145 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

controlc.com Open in urlscan Pro
2606:4700:3031::681c:a81 Public Scan

Screenshot
Live screenshot

Full Image

145
Requests

97 %
HTTPS

47 %
IPv6

29
Domains

39
Subdomains

29
IPs

6
Countries

1386 kB
Transfer

3608 kB
Size

2
Cookies

145 HTTP transactions
4 data transactions