imgtu.com Open in urlscan Pro
104.21.88.185 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.imgchr.com/
Effective URL:
https://imgtu.com/
Submission: On February 27 via api (February 27th 2021, 3:50:59 am UTC) from US

Summary HTTP 39 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 12 domains to perform 39 HTTP transactions. The main IP is 104.21.88.185, located in United States and belongs to CLOUDFLARENET, US. The main domain is imgtu.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 2nd 2021. Valid for: a year.

This is the only time imgtu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	129.146.44.23 129.146.44.23	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
9	104.21.88.185 104.21.88.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
39	13

1 129.146.44.23 (Phoenix, United States) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

www.imgchr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.21.88.185 (United States)

ASN13335 (CLOUDFLARENET, US)

imgtu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	185 KB
9	imgtu.com imgtu.com	509 KB
4	doubleclick.net googleads.g.doubleclick.net	28 KB
2	googletagservices.com www.googletagservices.com	61 KB
2	google-analytics.com www.google-analytics.com	126 B
2	baidu.com hm.baidu.com	15 KB
1	gstatic.com www.gstatic.com	11 KB
1	google.com adservice.google.com	243 B
1	google.de adservice.google.de	546 B
1	googleadservices.com partner.googleadservices.com	637 B
1	googletagmanager.com www.googletagmanager.com	53 KB
1	imgchr.com 1 redirects www.imgchr.com	74 B
39	12

	Domain	Requested by
9	imgtu.com	imgtu.com
8	pagead2.googlesyndication.com	imgtu.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com
2	hm.baidu.com	imgtu.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	imgtu.com
1	www.imgchr.com	1 redirects
39	13

This site contains links to these domains. Also see Links.

Domain
imgsha.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-01-02` - `2022-01-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-10-20` - `2021-07-26`	9 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://imgtu.com/
Frame ID: D7AF8DFF911A42A8988947C873B36125
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210224/r20190131/zrt_lookup.html
Frame ID: 53A5DA82A460829F2B0DBBFF343820AE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667490404514937&output=html&adk=3895348141&adf=3876334049&lmt=1614397832&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fimgtu.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1614397832722&bpp=13&bdt=1086&idt=82&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5802724025214&frm=20&pv=2&ga_vid=456158825.1614397833&ga_sid=1614397833&ga_hid=768100242&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737536%2C44736524&oid=3&pvsid=878182771945703&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=99
Frame ID: 6E6C3257FCBD336FCDF3542D235AF1C4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667490404514937&output=html&h=60&slotname=3640527447&adk=2194909659&adf=2429043108&pi=t.ma~as.3640527447&w=468&lmt=1614397832&psa=0&format=468x60&url=https%3A%2F%2Fimgtu.com%2F&flash=0&wgl=1&dt=1614397832735&bpp=3&bdt=1099&idt=93&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5802724025214&frm=20&pv=1&ga_vid=456158825.1614397833&ga_sid=1614397833&ga_hid=768100242&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=566&ady=654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737536%2C44736524&oid=3&pvsid=878182771945703&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9pYKKkU86y&p=https%3A//imgtu.com&dtd=98
Frame ID: 92EFAA03F6D6A9FA6D5F28B490006D93
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js
Frame ID: F2308C3FA65415C3E41248EF8B2C18E5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: E7F21BAE96CEA837B52DB501EAFB7AA7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.imgchr.com/ HTTP 301
https://imgtu.com/ Page URL

Detected technologies

Chevereto (Photo Galleries) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Chevereto ?([0-9.]+)?$/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Chevereto ?([0-9.]+)?$/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Page Statistics

39
Requests

100 %
HTTPS

69 %
IPv6

12
Domains

13
Subdomains

13
IPs

3
Countries

863 kB
Transfer

2083 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://imgsha.com/page/buy
Title: 付费套餐

Search URL Search Domain Scan URL

URL: https://imgsha.com/
Title: 电商图床

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.imgchr.com/ HTTP 301
https://imgtu.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
imgtu.com/
Redirect Chain

https://www.imgchr.com/
https://imgtu.com/

163 KB
41 KB

2379ms
1955ms

Document
text/html

104.21.88.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://imgtu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.88.185 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23e72b5c977103b1b594b8914b5c5ff244e193a838f17b467f4a685355f55a31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: imgtu.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 03:50:31 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=dafe8086a7f672dada3fb02608b113a6d1614397829; expires=Mon, 29-Mar-21 03:50:29 GMT; path=/; domain=.imgtu.com; HttpOnly; SameSite=Lax; Secure PHPSESSID=l27q0b3mbj3ops8ff1olkc5pq0; path=/; HttpOnly
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
x-via: 1.1 us31-ovh (random:557565 opencache/3.8.2)
x-cache: MISS
cf-cache-status: DYNAMIC
cf-request-id: 0883350a4300002056a011f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LXRns1MySRUYoAwGOK8sRska65VKE7JBPUWt1MIUaWUWtfXj5wDvbq54o8gtPFKIvGy%2FS8ioD1EtT%2BbgXDBP2VF2PmDEgxnXHLA%3D"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 627ef1239c7b2056-AMS
content-encoding: br

Redirect headers

server: nginx
date: Sat, 27 Feb 2021 03:50:29 GMT
content-type: text/html
content-length: 162
location: https://imgtu.com/

GET
H2 200 peafowl.min.css
imgtu.com/lib/Peafowl/ 117 KB
22 KB 983ms
983ms Stylesheet
text/css 104.21.88.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imgtu.com/lib/Peafowl/peafowl.min.css?4f362777f18c8fe23c33a40c511461ce
Requested by: Host: imgtu.com
URL: https://imgtu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.88.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83db129de3b734e69485dacab90e05d6994156f82b48929aba9983320e02c709

Request headers

Referer: https://imgtu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 03:50:32 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sat, 26 Sep 2020 01:32:22 GMT
server: cloudflare
etag: W/"5f6e9a26-1d42d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uznWxVr%2FVIeU99PsNCbwRmzBfjrHjjd8Vum9%2Bp0Ep%2FXRrCmuNRJlocjwYxZG0REwbdiPuRsFPupKm5JPcb%2FCkmvk5S2P4%2B8q2BY%3D"}],"max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 627ef12fefbe2056-AMS
cf-request-id: 08833511ec00002056c104e000000001

GET
H2 200 style.min.css
imgtu.com/app/themes/Peafowl/ 35 KB
8 KB 958ms
958ms Stylesheet
text/css 104.21.88.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imgtu.com/app/themes/Peafowl/style.min.css?4f362777f18c8fe23c33a40c511461ce
Requested by: Host: imgtu.com
URL: https://imgtu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.88.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a37864592c4e760e4a857bb9040ddd70d451e87c3fcff719907c3d36779eb49b

Request headers

Referer: https://imgtu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 03:50:32 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sat, 26 Sep 2020 01:32:26 GMT
server: cloudflare
etag: W/"5f6e9a2a-8d70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jTWsWHDxGY%2F%2BzGrNn5Ch%2Fx8Yj6B05GSbCaDD3zy5VgTlcX%2FCG9N%2BzDC3atEnAG77YKPfO5qA81C5i4epGhTscJCi62DmJdPK2sg%3D"}],"max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 627ef12fefbf2056-AMS
cf-request-id: 08833511ed000020568f861000000001

GET
H2 200 logo_homepage_1614099241093_2dd41b.png
imgtu.com/content/images/system/ 3 KB
3 KB 50ms
49ms Image
image/png 104.21.88.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgtu.com/content/images/system/logo_homepage_1614099241093_2dd41b.png

Requested by

Host: imgtu.com
URL: https://imgtu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.88.185 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85c389d195d34739496f687adb6e31853b1ff24e24b5ea05a874e4be89a69635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://imgtu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 03:50:32 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 210201
content-length: 2938
cf-request-id: 08833515ae0000205695183000000001
last-modified: Tue, 23 Feb 2021 16:54:00 GMT
server: cloudflare
etag: "60353328-b7a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pU17M%2FU%2FLQYK9PxCbQ%2FtyuxTReTlavaef4Q8iRnnxwe2bdE86ZMdeeQZmf%2FL7Ox0YRizbC7BEYg1fDaS9kILig1nxnLjziHKJSg%3D"}],"max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 627ef135ed1e2056-AMS
expires: Fri, 26 Mar 2021 17:27:11 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
49 KB 40ms
21ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: imgtu.com
URL: https://imgtu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2467a9fefa378b8d57d62d9108794bcd476de6ce2cc1ba42ea85200fd73960b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgtu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 03:50:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49420
x-xss-protection: 0
server: cafe
etag: 13386428730629145965
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 27 Feb 2021 03:50:32 GMT

GET
H2 200 scripts.min.js Show response
imgtu.com/lib/Peafowl/js/ 246 KB
74 KB 729ms
728ms Script
application/javascript 104.21.88.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imgtu.com/lib/Peafowl/js/scripts.min.js?4f362777f18c8fe23c33a40c511461ce
Requested by: Host: imgtu.com
URL: https://imgtu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.88.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bbfa667aeb7a0ae9eb507af934f21bf61d1f1c57fbcccf8fb0370e76576f55b

Request headers

Referer: https://imgtu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 03:50:33 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sat, 26 Sep 2020 01:32:22 GMT
server: cloudflare
etag: W/"5f6e9a26-3d770"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uIZK%2BovW9XESQ8a8vvmFHHVThzTVcqRhRX%2Bzm6VohgWhuZOJsUN0Qxon3szcZXYG2kDa%2BDbopoD1MZt%2FiSCvz%2B9GZnwaPfGRovw%3D"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 627ef1361d5b2056-AMS
cf-request-id: 08833515d300002056fc3cf000000001

GET
H2 200 peafowl.min.js Show response
imgtu.com/lib/Peafowl/ 186 KB
50 KB 702ms
701ms Script
application/javascript 104.21.88.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imgtu.com/lib/Peafowl/peafowl.min.js?4f362777f18c8fe23c33a40c511461ce
Requested by: Host: imgtu.com
URL: https://imgtu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.88.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d49a395a3a10dffbed4c811e3ad5dcaa8e64c4ceadacde32233aca5301dda0f1

Request headers

Referer: https://imgtu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 03:50:33 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sat, 26 Sep 2020 01:32:22 GMT
server: cloudflare
etag: W/"5f6e9a26-2e690"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s7oLk9WgwWPRjHe6n1kiO2Tq7fbYJLiSNwLcUjx0B%2BopooFl62F%2FRZfUkV%2FHARmeG5lR2%2BTBKxhNw0l%2FW8OyeRKp%2B58SVpnGfuY%3D"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 627ef1361d5d2056-AMS
cf-request-id: 08833515d3000020568f889000000001

GET
H2 200 chevereto.min.js Show response
imgtu.com/app/lib/ 118 KB
26 KB 718ms
718ms Script
application/javascript 104.21.88.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imgtu.com/app/lib/chevereto.min.js?4f362777f18c8fe23c33a40c511461ce
Requested by: Host: imgtu.com
URL: https://imgtu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.88.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38ae34649a3dfaf9019a142c952801d0ef833bdcb012a2019b8bd3e6eaa24f5c

Request headers

Referer: https://imgtu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 03:50:33 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sat, 28 Nov 2020 11:02:17 GMT
server: cloudflare
etag: W/"5fc22e39-1d9f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8777jkhlR5%2FWtYJMvk7LyU7ensHJ7yr69QuZ5x%2BDODsjQt%2BdIemGtBYmkag4CqGqnxU1A63Wg3RFlT9U2pdXcFBOojOvTR9ZD8A%3D"}],"max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 627ef1361d5e2056-AMS
cf-request-id: 08833515d30000205699bfb000000001

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 137 KB
53 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2L1GG84H04

Requested by

Host: imgtu.com
URL: https://imgtu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ad182ff5d6bf1176d22dc8bbd1f8ad5544efbaf691fdfaea815b93b84309c796

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://imgtu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 03:50:32 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53672
x-xss-protection: 0
expires: Sat, 27 Feb 2021 03:50:32 GMT

GET
H2 200 icomoon.woff
imgtu.com/lib/Peafowl/fonts/ 120 KB
120 KB 741ms
741ms Font
font/woff 104.21.88.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://imgtu.com/lib/Peafowl/fonts/icomoon.woff?x4x4bl
Requested by: Host: imgtu.com
URL: https://imgtu.com/lib/Peafowl/peafowl.min.css?4f362777f18c8fe23c33a40c511461ce
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.88.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 733b969fbec87646d0d657e46b46e3fb3b97e7afa65043798b6df8dffe0305b9

Request headers

Origin: https://imgtu.com
Referer: https://imgtu.com/lib/Peafowl/peafowl.min.css?4f362777f18c8fe23c33a40c511461ce
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 03:50:33 GMT
cf-cache-status: REVALIDATED
nel: {"max_age":604800,"report_to":"cf-nel"}
content-length: 122496
cf-request-id: 08833515d5000020568f2a3000000001
last-modified: Sat, 26 Sep 2020 01:32:22 GMT
server: cloudflare
etag: "5f6e9a26-1de80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mKWmS5hmmWnwoO31483eyfxg9rxNwUx6bGfx7OQSdUtehLP37LeNQqomBRJ5lKxBNi2x9JCQhcXm%2FEOq7g7Nz1%2FfPD7Y%2FAngBqg%3D"}],"max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 627ef1362d642056-AMS

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 39 KB
14 KB 1102ms
427ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?55b3353e0477d9e68e0af53ac08c3c42

Requested by

Host: imgtu.com
URL: https://imgtu.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cbcfe8a0f554bcd23833402b4e54091800809ba6f0d105402673b26ab82324b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: https://imgtu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 27 Feb 2021 03:50:33 GMT
Content-Encoding: gzip
Server: apache
Etag: eadcf9ef116e0548d5c6ad8a1acd56be
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 14038

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/ 227 KB
86 KB 62ms
49ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5667490404514937&plah=imgtu.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgtu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 03:50:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87195
x-xss-protection: 0
server: cafe
etag: 3111314854812010922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 27 Feb 2021 03:50:32 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210224/r20190131/ Frame 53A5 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210224/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210224/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://imgtu.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://imgtu.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 27 Feb 2021 00:12:56 GMT
expires: Sat, 13 Mar 2021 00:12:56 GMT
content-type: text/html; charset=UTF-8
etag: 6440208225989294717
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4777
x-xss-protection: 0
age: 13056
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 204 collect
www.google-analytics.com/g/ 0
67 B 13ms
13ms Other
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-2L1GG84H04&gtm=2oe2h0&_p=768100242&sr=1600x1200&ul=en-us&cid=456158825.1614397833&_s=1&dl=https%3A%2F%2Fimgtu.com%2F&dt=%E8%B7%AF%E8%BF%87%E5%9B%BE%E5%BA%8A%20-%20%E5%85%8D%E8%B4%B9%E5%9B%BE%E7%89%87%E4%B8%8A%E4%BC%A0%2C%20%E4%B8%93%E4%B8%9A%E5%9B%BE%E7%89%87%E5%A4%96%E9%93%BE%2C%20%E5%85%8D%E8%B4%B9%E5%85%AC%E5%85%B1%E5%9B%BE%E5%BA%8A&sid=1614397832&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2L1GG84H04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imgtu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 03:50:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://imgtu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 199 B
637 B 96ms
39ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=imgtu.com&callback=_gfp_s_&client=ca-pub-5667490404514937

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5667490404514937&plah=imgtu.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

0759ea47cfd4b12e397888c41f2ae188e5239efdbeeb99733b17157b8137c768

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgtu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 03:50:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 188
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
546 B 24ms
23ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=imgtu.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgtu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Feb 2021 03:50:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
243 B 15ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=imgtu.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgtu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Feb 2021 03:50:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
88 B 38ms
38ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fimgtu.com%2F&tn=HEADER&id=top-bar&cls=top-bar%20transparent%20black&ign=false

Requested by

Host: imgtu.com
URL: https://imgtu.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgtu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 03:50:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6E6C 3 KB
1 KB 83ms
70ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667490404514937&output=html&adk=3895348141&adf=3876334049&lmt=1614397832&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fimgtu.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1614397832722&bpp=13&bdt=1086&idt=82&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5802724025214&frm=20&pv=2&ga_vid=456158825.1614397833&ga_sid=1614397833&ga_hid=768100242&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737536%2C44736524&oid=3&pvsid=878182771945703&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=99

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fef86734b7a7213e0341ebb20a7ee781506d80c3b91b802b34bb717ec98a794

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5667490404514937&output=html&adk=3895348141&adf=3876334049&lmt=1614397832&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fimgtu.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1614397832722&bpp=13&bdt=1086&idt=82&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5802724025214&frm=20&pv=2&ga_vid=456158825.1614397833&ga_sid=1614397833&ga_hid=768100242&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737536%2C44736524&oid=3&pvsid=878182771945703&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=99
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://imgtu.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://imgtu.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 27 Feb 2021 03:50:32 GMT
server: cafe
content-length: 575
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 27-Feb-2021 04:05:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 27 Feb 2021 03:50:32 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 32ms
13ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

946d9a7a03fb3be233ea45625f62ecc13c46743c63f0b2d0b8588e4ec1436d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgtu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 03:50:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614342938524533"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
expires: Sat, 27 Feb 2021 03:50:32 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 92EF 65 KB
22 KB 280ms
277ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667490404514937&output=html&h=60&slotname=3640527447&adk=2194909659&adf=2429043108&pi=t.ma~as.3640527447&w=468&lmt=1614397832&psa=0&format=468x60&url=https%3A%2F%2Fimgtu.com%2F&flash=0&wgl=1&dt=1614397832735&bpp=3&bdt=1099&idt=93&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5802724025214&frm=20&pv=1&ga_vid=456158825.1614397833&ga_sid=1614397833&ga_hid=768100242&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=566&ady=654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737536%2C44736524&oid=3&pvsid=878182771945703&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9pYKKkU86y&p=https%3A//imgtu.com&dtd=98

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c126a9a0d9618abbc56e1b15e6284b994021c2045890dd9232ab5faeb82423a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5667490404514937&output=html&h=60&slotname=3640527447&adk=2194909659&adf=2429043108&pi=t.ma~as.3640527447&w=468&lmt=1614397832&psa=0&format=468x60&url=https%3A%2F%2Fimgtu.com%2F&flash=0&wgl=1&dt=1614397832735&bpp=3&bdt=1099&idt=93&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5802724025214&frm=20&pv=1&ga_vid=456158825.1614397833&ga_sid=1614397833&ga_hid=768100242&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=566&ady=654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737536%2C44736524&oid=3&pvsid=878182771945703&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9pYKKkU86y&p=https%3A//imgtu.com&dtd=98
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://imgtu.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://imgtu.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 27 Feb 2021 03:50:33 GMT
server: cafe
content-length: 22723
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 27-Feb-2021 04:05:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 27 Feb 2021 03:50:33 GMT
cache-control: private

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 92EF 2 KB
1002 B 31ms
11ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667490404514937&output=html&h=60&slotname=3640527447&adk=2194909659&adf=2429043108&pi=t.ma~as.3640527447&w=468&lmt=1614397832&psa=0&format=468x60&url=https%3A%2F%2Fimgtu.com%2F&flash=0&wgl=1&dt=1614397832735&bpp=3&bdt=1099&idt=93&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5802724025214&frm=20&pv=1&ga_vid=456158825.1614397833&ga_sid=1614397833&ga_hid=768100242&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=566&ady=654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737536%2C44736524&oid=3&pvsid=878182771945703&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9pYKKkU86y&p=https%3A//imgtu.com&dtd=98

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667490404514937&output=html&h=60&slotname=3640527447&adk=2194909659&adf=2429043108&pi=t.ma~as.3640527447&w=468&lmt=1614397832&psa=0&format=468x60&url=https%3A%2F%2Fimgtu.com%2F&flash=0&wgl=1&dt=1614397832735&bpp=3&bdt=1099&idt=93&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5802724025214&frm=20&pv=1&ga_vid=456158825.1614397833&ga_sid=1614397833&ga_hid=768100242&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=566&ady=654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737536%2C44736524&oid=3&pvsid=878182771945703&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9pYKKkU86y&p=https%3A//imgtu.com&dtd=98
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 02:33:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4652
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 896
x-xss-protection: 0
server: cafe
etag: 948078048762640732
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Mar 2021 02:33:01 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/ Frame 92EF 18 KB
8 KB 26ms
5ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667490404514937&output=html&h=60&slotname=3640527447&adk=2194909659&adf=2429043108&pi=t.ma~as.3640527447&w=468&lmt=1614397832&psa=0&format=468x60&url=https%3A%2F%2Fimgtu.com%2F&flash=0&wgl=1&dt=1614397832735&bpp=3&bdt=1099&idt=93&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5802724025214&frm=20&pv=1&ga_vid=456158825.1614397833&ga_sid=1614397833&ga_hid=768100242&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=566&ady=654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737536%2C44736524&oid=3&pvsid=878182771945703&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9pYKKkU86y&p=https%3A//imgtu.com&dtd=98
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 02:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 18079855114753437313
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Mar 2021 02:55:23 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 92EF 3 KB
2 KB 29ms
11ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667490404514937&output=html&h=60&slotname=3640527447&adk=2194909659&adf=2429043108&pi=t.ma~as.3640527447&w=468&lmt=1614397832&psa=0&format=468x60&url=https%3A%2F%2Fimgtu.com%2F&flash=0&wgl=1&dt=1614397832735&bpp=3&bdt=1099&idt=93&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5802724025214&frm=20&pv=1&ga_vid=456158825.1614397833&ga_sid=1614397833&ga_hid=768100242&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=566&ady=654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737536%2C44736524&oid=3&pvsid=878182771945703&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9pYKKkU86y&p=https%3A//imgtu.com&dtd=98
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 03:21:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1718
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Mar 2021 03:21:55 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 92EF 107 KB
33 KB 41ms
28ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667490404514937&output=html&h=60&slotname=3640527447&adk=2194909659&adf=2429043108&pi=t.ma~as.3640527447&w=468&lmt=1614397832&psa=0&format=468x60&url=https%3A%2F%2Fimgtu.com%2F&flash=0&wgl=1&dt=1614397832735&bpp=3&bdt=1099&idt=93&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5802724025214&frm=20&pv=1&ga_vid=456158825.1614397833&ga_sid=1614397833&ga_hid=768100242&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=566&ady=654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737536%2C44736524&oid=3&pvsid=878182771945703&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9pYKKkU86y&p=https%3A//imgtu.com&dtd=98
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 03:50:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614342950420569"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33470
x-xss-protection: 0
expires: Sat, 27 Feb 2021 03:50:33 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 92EF 14 KB
6 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667490404514937&output=html&h=60&slotname=3640527447&adk=2194909659&adf=2429043108&pi=t.ma~as.3640527447&w=468&lmt=1614397832&psa=0&format=468x60&url=https%3A%2F%2Fimgtu.com%2F&flash=0&wgl=1&dt=1614397832735&bpp=3&bdt=1099&idt=93&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5802724025214&frm=20&pv=1&ga_vid=456158825.1614397833&ga_sid=1614397833&ga_hid=768100242&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=566&ady=654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737536%2C44736524&oid=3&pvsid=878182771945703&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9pYKKkU86y&p=https%3A//imgtu.com&dtd=98
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 03:46:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 4905056106247604317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Mar 2021 03:46:34 GMT

GET
H2 200 5d4b6918ba53c75bacf90c3e9a55021e.js Show response
www.gstatic.com/mysidia/ Frame 92EF 25 KB
11 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5d4b6918ba53c75bacf90c3e9a55021e.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

292e3b9fa7eff78d18f9f28e666f940c96696c6a2aa4dd543227f82d0c6c21c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667490404514937&output=html&h=60&slotname=3640527447&adk=2194909659&adf=2429043108&pi=t.ma~as.3640527447&w=468&lmt=1614397832&psa=0&format=468x60&url=https%3A%2F%2Fimgtu.com%2F&flash=0&wgl=1&dt=1614397832735&bpp=3&bdt=1099&idt=93&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5802724025214&frm=20&pv=1&ga_vid=456158825.1614397833&ga_sid=1614397833&ga_hid=768100242&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=566&ady=654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737536%2C44736524&oid=3&pvsid=878182771945703&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9pYKKkU86y&p=https%3A//imgtu.com&dtd=98
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 14:11:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Feb 2021 08:27:31 GMT
server: sffe
age: 135514
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10833
x-xss-protection: 0
expires: Wed, 26 May 2021 14:11:59 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 92EF 0
0 43ms
43ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CPPiDiME5YNOjNZeqmLAPvPCsgAi41b61YeaM6o6aDcGX5ODcDhABIMXa3gZglQKgAZyv-6gCyAEJqAMByAPLBKoEowFP0G-5lPO2YG10cbG5d0xsSj9o8ntnI8u9oXP2aT0nON8yp9xo6-dRXfjieTZ4hEXG9xt4RZw5P6BYgO4nrLqiLQjP1bUyrWKRN0Ob6qMfJeJx8UB919rUEXJDvwJDRoqX9uEwhRsP310p6G-TQ6bGBwJHO2haogrSGTDaYF6hzCpuVHsfCrn83k7HElhK-wwxZ0AdSJ1oQ0f_JvEpPocaXHc8wATQt9DTzwOSBQQIBBgBkgUECAUYBKAGLoAHzNCE1wGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ-Poz0ggJCIDhgBAQARgfgAoByAsB2BMNiBQBshcaChgIABIUcHViLTU2Njc0OTA0MDQ1MTQ5Mzc&sigh=Lu9m8AUfNjg&template_id=484&tpd=AGWhJmuPIAGRhv96jedF9ygmSsVUve4Fm_g5lbIjBeWLkit7-w

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667490404514937&output=html&h=60&slotname=3640527447&adk=2194909659&adf=2429043108&pi=t.ma~as.3640527447&w=468&lmt=1614397832&psa=0&format=468x60&url=https%3A%2F%2Fimgtu.com%2F&flash=0&wgl=1&dt=1614397832735&bpp=3&bdt=1099&idt=93&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5802724025214&frm=20&pv=1&ga_vid=456158825.1614397833&ga_sid=1614397833&ga_hid=768100242&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=566&ady=654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737536%2C44736524&oid=3&pvsid=878182771945703&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9pYKKkU86y&p=https%3A//imgtu.com&dtd=98
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 27 Feb 2021 03:50:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 27 Feb 2021 03:50:33 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7995395839725261445/ Frame 92EF 3 KB
3 KB 25ms
12ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7995395839725261445/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84a343c2906d2596e84833484bb2ebb5fca2d316e0225cac509e308309cc0629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667490404514937&output=html&h=60&slotname=3640527447&adk=2194909659&adf=2429043108&pi=t.ma~as.3640527447&w=468&lmt=1614397832&psa=0&format=468x60&url=https%3A%2F%2Fimgtu.com%2F&flash=0&wgl=1&dt=1614397832735&bpp=3&bdt=1099&idt=93&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5802724025214&frm=20&pv=1&ga_vid=456158825.1614397833&ga_sid=1614397833&ga_hid=768100242&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=566&ady=654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737536%2C44736524&oid=3&pvsid=878182771945703&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9pYKKkU86y&p=https%3A//imgtu.com&dtd=98
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 15:30:58 GMT
x-content-type-options: nosniff
age: 476375
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2879
x-xss-protection: 0
last-modified: Fri, 09 Oct 2020 11:56:23 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Feb 2022 15:30:58 GMT

GET
DATA 200
OK truncated
/ Frame 92EF 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 92EF 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f8415bcc325eb88fc67f2b0f01235b304bcb84f252c502815699f7281286341d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js Show response
pagead2.googlesyndication.com/bg/ Frame F230 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667490404514937&output=html&h=60&slotname=3640527447&adk=2194909659&adf=2429043108&pi=t.ma~as.3640527447&w=468&lmt=1614397832&psa=0&format=468x60&url=https%3A%2F%2Fimgtu.com%2F&flash=0&wgl=1&dt=1614397832735&bpp=3&bdt=1099&idt=93&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5802724025214&frm=20&pv=1&ga_vid=456158825.1614397833&ga_sid=1614397833&ga_hid=768100242&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=566&ady=654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737536%2C44736524&oid=3&pvsid=878182771945703&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9pYKKkU86y&p=https%3A//imgtu.com&dtd=98
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 17:18:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 210699
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6224
x-xss-protection: 0
expires: Thu, 24 Feb 2022 17:18:54 GMT

GET
H2 200 home_cover_1601010270144_8921bc.jpg
imgtu.com/content/images/system/ 164 KB
165 KB 53ms
53ms Image
image/jpeg 104.21.88.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgtu.com/content/images/system/home_cover_1601010270144_8921bc.jpg

Requested by

Host: imgtu.com
URL: https://imgtu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.88.185 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de9f665e64965f274ba7829d43ca13adc2ded862630e8e32fe9c757c4e742cb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://imgtu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 03:50:33 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 266428
content-length: 167959
cf-request-id: 08833518fc0000205692008000000001
last-modified: Fri, 25 Sep 2020 05:04:30 GMT
server: cloudflare
etag: "5f6d7a5e-29017"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=acpIM%2Bu1i%2FuMXdj68mBawnSxii10kbXTSxQIi%2BrRdky2XH1A9C%2FJUVLvd4aLj25P79foSRm%2BnPrJMD0WY6RgJqdS9xOBbR7B7rE%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 627ef13b2a432056-AMS
expires: Fri, 26 Mar 2021 01:50:05 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 92EF 42 B
501 B 59ms
41ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvc0ehXjn919FCwr_SmaIONO-sx4Ng4ypUdrkO2-K7PvlKbsELaXFnRDRHS_tWlUobKaqKbRc90t0ML1CKeSuJSazxk1vKLUgSUob8xz-0vVyFIcvfDjU46ixWRpg&sai=AMfl-YQq7X5P9KWCuqiYqiIeGnqO6r-4ERBBwUj5RRMJvRj6v1YVfH7DK-T84Rlvb4_gTgBOZTXHcFiZwx49&sig=Cg0ArKJSzAEVgvGLQxLCEAE&id=osdim&mcvt=1002&p=654,566,714,1034&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210226&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2194909659&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1614397832835&dlt=282&rpt=49&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667490404514937&output=html&h=60&slotname=3640527447&adk=2194909659&adf=2429043108&pi=t.ma~as.3640527447&w=468&lmt=1614397832&psa=0&format=468x60&url=https%3A%2F%2Fimgtu.com%2F&flash=0&wgl=1&dt=1614397832735&bpp=3&bdt=1099&idt=93&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5802724025214&frm=20&pv=1&ga_vid=456158825.1614397833&ga_sid=1614397833&ga_hid=768100242&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=566&ady=654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44737536%2C44736524&oid=3&pvsid=878182771945703&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9pYKKkU86y&p=https%3A//imgtu.com&dtd=98
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 03:50:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 413ms
413ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1076499152&si=55b3353e0477d9e68e0af53ac08c3c42&v=1.2.80&lv=1&sn=8645&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fimgtu.com%2F&tt=%E8%B7%AF%E8%BF%87%E5%9B%BE%E5%BA%8A%20-%20%E5%85%8D%E8%B4%B9%E5%9B%BE%E7%89%87%E4%B8%8A%E4%BC%A0%2C%20%E4%B8%93%E4%B8%9A%E5%9B%BE%E7%89%87%E5%A4%96%E9%93%BE%2C%20%E5%85%8D%E8%B4%B9%E5%85%AC%E5%85%B1%E5%9B%BE%E5%BA%8A

Requested by

Host: imgtu.com
URL: https://imgtu.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Referer: https://imgtu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Feb 2021 03:50:34 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 45ms
32ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210224&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce6b9835143c6645d18fe484cdb08d790f9ccdb0d76b63f03e35c67b2b898ca5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgtu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Feb 2021 03:50:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6452
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgtu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 03:50:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Sat, 27 Feb 2021 03:50:35 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame E7F2 12 KB
5 KB 34ms
20ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://imgtu.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://imgtu.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Fri, 26 Feb 2021 18:17:50 GMT
expires: Sat, 26 Feb 2022 18:17:50 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 34365
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js Show response
pagead2.googlesyndication.com/bg/ Frame E7F2 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 17:18:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 210701
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6224
x-xss-protection: 0
expires: Thu, 24 Feb 2022 17:18:54 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 41ms
41ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210224&jk=878182771945703&bg=!GRqlGlnNAAXB_3NtwTsAKQB2-DxaEcToKtFnloIECfi33WCGp5xH43EBV0L8yrn026kf4BBO3SY9AgAAAHhSAAAADGgBBwoBIWZRZ0QLMzUQnhYfkh0u5BHhMxHjQ8g-9-1edUVydmpriJumwWxxHUs1dQIYlfVj1kcJGrBk9SnQskcOUJDIMY4K56FfsMjtqrluPZADgegUK6qpZ2eEdUwGeQwm-Oo9Q9vHCRpw0yCVIyGWuzKbZAx5MztpU1PpRm4LE8_Sj3cYa7lRyDoPF_NsU9mHdD6QrqZm-o3gExhNby2NXWdgrE9EuOi-IbIpnTCcsb9gRH26p-ZBVZHpqga40Ypk5YAj5U6rIIe4rTYxP9FYa14Q7uc-bMTtiTcXFMtVX7Gg_upyHZTg3QRQRB5TYidSMRk4gBnH_t-GEBio1QaHWs0g6Z5-F5k-KUCcH4jTaJAfZDVaSo96sixpdh3p74MCsfi3J3aZAc33hIaItgEubct1Fg6PKpnSJW7BN6pZ7PtTD914kopY-InCQqQF1ZSlOhtqGm6171TeElzw3TFdqjyIOpFtWEOfIdXCuc4UHoWUYoud-zMNwlDeDt4VMNUo8SWCc6F3AmWd3xbrWckPgpTgJZ0u3Vk06aYGuEcrzS_JAykf0EliX-1TsJL2WN17MIXt2FL6blQLheTbUm-b4GdB-hoTuhFQU1qgaT262iw3xmDUnkawPdsH9YAcjSGQJ6XfqGBOMyoyCeHz3ZLBze3DujnPmLCSFdpraOOqM9UJMDtAL8ycTXF_QJsVYAxJGarubXvyFHkBl_W5dcsin5dEuq4ApT4gSaGHqB_B0pqmRiAjcwUSLA8utjHnI86yTBYc1cgs9eMUy3C5qr0aVw50O3-waqI-BRNdlzzhVbq4JE4k6drHQ6Ic5KFpQXs4xgOT5xGfDuHtmH-xWEvxBoMVlTpiU_orMhMJDG1-tl7xGw5lVlRh5Y12AHN19Jtpm2P3JqsB4ixhsopnZiR5503yk9xWuVvhx7hrSushqYX7Ik2dP81jBWCboggNMxhogoqrQ3vl6v5k_h6Okl3GkAaeoBFdNDkzrsqkkMwA6gOjVbxPIw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imgtu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 03:50:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 collect
www.google-analytics.com/g/ 0
59 B 13ms
12ms Other
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-2L1GG84H04&gtm=2oe2h0&_p=768100242&sr=1600x1200&ul=en-us&cid=456158825.1614397833&_s=2&dl=https%3A%2F%2Fimgtu.com%2F&dt=%E8%B7%AF%E8%BF%87%E5%9B%BE%E5%BA%8A%20-%20%E5%85%8D%E8%B4%B9%E5%9B%BE%E7%89%87%E4%B8%8A%E4%BC%A0%2C%20%E4%B8%93%E4%B8%9A%E5%9B%BE%E7%89%87%E5%A4%96%E9%93%BE%2C%20%E5%85%8D%E8%B4%B9%E5%85%AC%E5%85%B1%E5%9B%BE%E5%BA%8A&sid=1614397832&sct=1&seg=0&en=scroll&_et=2421&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2L1GG84H04
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imgtu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 03:50:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://imgtu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.imgtu.com/	1969-12-31 23:59:59	Name: Hm_lpvt_55b3353e0477d9e68e0af53ac08c3c42 Value: 1614397835
			.imgtu.com/	1970-01-20 01:12:13	Name: Hm_lvt_55b3353e0477d9e68e0af53ac08c3c42 Value: 1614397835

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
googleads.g.doubleclick.net
hm.baidu.com
imgtu.com
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.imgchr.com
103.235.46.191
104.21.88.185
129.146.44.23
142.250.186.162
2a00:1450:4001:802::2001
2a00:1450:4001:802::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:812::2002
2a00:1450:4001:828::2002
0759ea47cfd4b12e397888c41f2ae188e5239efdbeeb99733b17157b8137c768
1bbfa667aeb7a0ae9eb507af934f21bf61d1f1c57fbcccf8fb0370e76576f55b
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
23e72b5c977103b1b594b8914b5c5ff244e193a838f17b467f4a685355f55a31
2467a9fefa378b8d57d62d9108794bcd476de6ce2cc1ba42ea85200fd73960b3
292e3b9fa7eff78d18f9f28e666f940c96696c6a2aa4dd543227f82d0c6c21c7
2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a
38ae34649a3dfaf9019a142c952801d0ef833bdcb012a2019b8bd3e6eaa24f5c
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187
5fef86734b7a7213e0341ebb20a7ee781506d80c3b91b802b34bb717ec98a794
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
733b969fbec87646d0d657e46b46e3fb3b97e7afa65043798b6df8dffe0305b9
83db129de3b734e69485dacab90e05d6994156f82b48929aba9983320e02c709
84a343c2906d2596e84833484bb2ebb5fca2d316e0225cac509e308309cc0629
85c389d195d34739496f687adb6e31853b1ff24e24b5ea05a874e4be89a69635
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
8c126a9a0d9618abbc56e1b15e6284b994021c2045890dd9232ab5faeb82423a
946d9a7a03fb3be233ea45625f62ecc13c46743c63f0b2d0b8588e4ec1436d13
a37864592c4e760e4a857bb9040ddd70d451e87c3fcff719907c3d36779eb49b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ad182ff5d6bf1176d22dc8bbd1f8ad5544efbaf691fdfaea815b93b84309c796
cbcfe8a0f554bcd23833402b4e54091800809ba6f0d105402673b26ab82324b1
ce6b9835143c6645d18fe484cdb08d790f9ccdb0d76b63f03e35c67b2b898ca5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d49a395a3a10dffbed4c811e3ad5dcaa8e64c4ceadacde32233aca5301dda0f1
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
de9f665e64965f274ba7829d43ca13adc2ded862630e8e32fe9c757c4e742cb3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5
f8415bcc325eb88fc67f2b0f01235b304bcb84f252c502815699f7281286341d
feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e

imgtu.com Open in urlscan Pro 104.21.88.185 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

100 %HTTPS

69 %IPv6

12 Domains

13 Subdomains

13 IPs

3 Countries

863 kBTransfer

2083 kBSize

2 Cookies

2 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

imgtu.com Open in urlscan Pro
104.21.88.185 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

100 %
HTTPS

69 %
IPv6

12
Domains

13
Subdomains

13
IPs

3
Countries

863 kB
Transfer

2083 kB
Size

2
Cookies

39 HTTP transactions
2 data transactions