galatruc.net Open in urlscan Pro
2606:4700:3032::ac43:a734 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://galatruc.net/telecharger-kmspico/
Submission: On March 04 via manual (March 4th 2021, 7:43:02 am UTC) from MG

Summary HTTP 237 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 64 IPs in 8 countries across 62 domains to perform 237 HTTP transactions. The main IP is 2606:4700:3032::ac43:a734, located in United States and belongs to CLOUDFLARENET, US. The main domain is galatruc.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 10th 2020. Valid for: a year.

This is the only time galatruc.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
87	2606:4700:303... 2606:4700:3032::ac43:a734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3034::6815:3d31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	99.86.3.28 99.86.3.28	16509 (AMAZON-02) (AMAZON-02)
4	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
16	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	18.156.95.187 18.156.95.187	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1 3	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	213.19.147.210 213.19.147.210	3356 (LEVEL3) (LEVEL3)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	18.192.15.110 18.192.15.110	16509 (AMAZON-02) (AMAZON-02)
3 7	185.33.221.87 185.33.221.87	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2600:9000:20e... 2600:9000:20eb:2e00:1f:df94:f9c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	136.144.59.88 136.144.59.88	54825 (PACKET) (PACKET)
6	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	54.36.109.166 54.36.109.166	16276 (OVH) (OVH)
2	23.218.208.200 23.218.208.200	16625 (AKAMAI-AS) (AKAMAI-AS)
3	143.204.93.227 143.204.93.227	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:ac00:1f:2473:9080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY)
1 3	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
6	52.8.165.105 52.8.165.105	16509 (AMAZON-02) (AMAZON-02)
2 2	35.156.153.71 35.156.153.71	16509 (AMAZON-02) (AMAZON-02)
3 3	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
3 4	34.246.149.44 34.246.149.44	16509 (AMAZON-02) (AMAZON-02)
2 6	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	88.214.206.142 88.214.206.142	46636 (NATCOWEB) (NATCOWEB)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	213.19.147.151 213.19.147.151	3356 (LEVEL3) (LEVEL3)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	213.155.156.185 213.155.156.185	1299 (TELIANET ...) (TELIANET Telia Carrier)
1 21	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5 5	54.228.192.197 54.228.192.197	16509 (AMAZON-02) (AMAZON-02)
5 7	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2 2	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
1 1	185.86.137.133 185.86.137.133	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	87.98.242.60 87.98.242.60	16276 (OVH) (OVH)
1	63.251.232.170 63.251.232.170	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 2	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
2 2	35.157.48.14 35.157.48.14	16509 (AMAZON-02) (AMAZON-02)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
1	185.64.190.106 185.64.190.106	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER)
2 2	37.157.6.253 37.157.6.253	198622 (ADFORM) (ADFORM)
2 2	185.29.133.199 185.29.133.199	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
3 3	18.194.69.213 18.194.69.213	16509 (AMAZON-02) (AMAZON-02)
2 2	52.50.99.220 52.50.99.220	16509 (AMAZON-02) (AMAZON-02)
1 3	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
3 4	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
2 2	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2040	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	159.65.197.210 159.65.197.210	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	34.98.107.212 34.98.107.212	15169 (GOOGLE) (GOOGLE)
1 1	185.33.220.243 185.33.220.243	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	52.17.137.119 52.17.137.119	16509 (AMAZON-02) (AMAZON-02)
3 3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
2	52.217.85.228 52.217.85.228	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:fa00:2:cb38:840:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:6200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
237	64

87 2606:4700:3032::ac43:a734 (United States)

ASN13335 (CLOUDFLARENET, US)

galatruc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:3d31 (United States)

ASN13335 (CLOUDFLARENET, US)

go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.3.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-28.fra6.r.cloudfront.net

static.tapfiliate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.95.187 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com

g.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:800e:face:b00c:0:2 (United States)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.210 (United Kingdom)

ASN3356 (LEVEL3, US)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.192.15.110 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-15-110.eu-central-1.compute.amazonaws.com

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.33.221.87 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:2e00:1f:df94:f9c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

hb.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.144.59.88 (Secaucus, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.0.77.2 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a7274220a39571815c8bde3aa4b978a1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.36.109.166 (France)

ASN16276 (OVH, FR)
PTR: p10.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.218.208.200 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-200.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.93.227 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-93-227.fra50.r.cloudfront.net

video.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:ac00:1f:2473:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.42.132 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.8.165.105 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-8-165-105.us-west-1.compute.amazonaws.com

usr.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.153.71 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.0.31 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.246.149.44 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.214.206.142 (United Kingdom) 1 redirects

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.151 (United Kingdom) 1 redirects

ASN3356 (LEVEL3, US)

usermatch.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.185 (Sweden) 2 redirects

ASN1299 (TELIANET Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.228.192.197 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.16.130 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.148.27.140 (New York, United States) 2 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.133 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.98.242.60 (Saarbrücken, Germany) 1 redirects

ASN16276 (OVH, FR)
PTR: ip60.ip-87-98-242.eu

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.232.170 (United States)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.137.44 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.48.14 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Aalborg, Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.106 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.253 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.133.199 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:110:c305::8000 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.194.69.213 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.50.99.220 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

r.scoota.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:51e4:db4b:4436:b305 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.14.49 (Frankfurt am Main, Germany) 3 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.25 (Portsmouth, United Kingdom) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2040 (United States)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.197.210 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.107.212 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.243 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.137.119 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.207.148 (Kansas City, United States)

ASN15169 (GOOGLE, US)

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.217.85.228 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

charity-ads.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:fa00:2:cb38:840:93a1 (United States)

ASN16509 (AMAZON-02, US)

go.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:6200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
87	galatruc.net galatruc.net	600 KB
27	pubmatic.com 1 redirects hbopenbid.pubmatic.com ads.pubmatic.com image6.pubmatic.com image2.pubmatic.com simage2.pubmatic.com aud.pubmatic.com image4.pubmatic.com	48 KB
23	doubleclick.net 5 redirects securepubads.g.doubleclick.net cm.g.doubleclick.net	127 KB
12	rubiconproject.com 6 redirects secure-assets.rubiconproject.com eus.rubiconproject.com pixel.rubiconproject.com token.rubiconproject.com	16 KB
9	adnxs.com 4 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	24 KB
9	wp.com stats.wp.com pixel.wp.com i1.wp.com i0.wp.com i2.wp.com	69 KB
9	google.com adservice.google.com	2 KB
8	google.ch adservice.google.ch	2 KB
8	undertone.com hb.undertone.com cdn.undertone.com usr.undertone.com	4 KB
7	googlesyndication.com a7274220a39571815c8bde3aa4b978a1.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	24 KB
7	criteo.com 1 redirects gum.criteo.com mug.criteo.com bidder.criteo.com dis.criteo.com	2 KB
5	bidr.io 5 redirects match.prod.bidr.io	2 KB
5	yahoo.com 4 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	4 KB
5	unrulymedia.com targeting.unrulymedia.com video.unrulymedia.com usermatch.targeting.unrulymedia.com	7 KB
4	everesttech.net 3 redirects sync-tm.everesttech.net	1 KB
4	adsrvr.org 3 redirects match.adsrvr.org	2 KB
4	advertising.com 2 redirects ads.adaptv.advertising.com pixel.advertising.com	1 KB
4	gravatar.com secure.gravatar.com	16 KB
3	quantserve.com 1 redirects pixel.quantserve.com secure.quantserve.com	10 KB
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	ezoic.net g.ezoic.net go.ezoic.net	1 KB
2	amazonaws.com charity-ads.s3.amazonaws.com	82 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com	947 B
2	scoota.co 2 redirects r.scoota.co	1 KB
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	adform.net 2 redirects c1.adform.net	824 B
2	fiftyt.com 2 redirects visitor.fiftyt.com	994 B
2	semasio.net 1 redirects uipglob.semasio.net	720 B
2	tapad.com 1 redirects pixel.tapad.com	616 B
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	taboola.com 1 redirects trc.taboola.com match.taboola.com	560 B
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	contextweb.com 2 redirects bh.contextweb.com	1 KB
2	de17a.com 2 redirects d5p.de17a.com	634 B
2	openx.net 2 redirects us-u.openx.net	610 B
2	criteo.net static.criteo.net	51 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	1rx.io 1 redirects tag.1rx.io sync.1rx.io	641 B
2	onetag-sys.com onetag-sys.com	1 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	6 KB
1	quantcount.com rules.quantcount.com	345 B
1	rlcdn.com id.rlcdn.com	66 B
1	gumgum.com 1 redirects rtb.gumgum.com	337 B
1	playground.xyz 1 redirects ads.playground.xyz	492 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	550 B
1	dotomi.com pubmatic-match.dotomi.com	104 B
1	turn.com 1 redirects ad.turn.com	518 B
1	simpli.fi um.simpli.fi	609 B
1	zeotap.com mwzeom.zeotap.com	596 B
1	adgrx.com cm.adgrx.com	408 B
1	erne.co 1 redirects green.erne.co	325 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	501 B
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com	775 B
1	admanmedia.com 1 redirects cs.admanmedia.com	413 B
1	id5-sync.com id5-sync.com	1 KB
1	gstatic.com fonts.gstatic.com	13 KB
1	a-mo.net prebid.a-mo.net	758 B
1	facebook.com graph.facebook.com	641 B
1	onesignal.com cdn.onesignal.com	3 KB
1	tapfiliate.com static.tapfiliate.com	13 KB
1	googletagmanager.com www.googletagmanager.com	39 KB
1	ezodn.com go.ezodn.com	78 KB
237	62

	Domain	Requested by
87	galatruc.net	galatruc.net
16	securepubads.g.doubleclick.net	galatruc.net securepubads.g.doubleclick.net
13	simage2.pubmatic.com	1 redirects image6.pubmatic.com ads.pubmatic.com
9	adservice.google.com	galatruc.net securepubads.g.doubleclick.net
8	image2.pubmatic.com	image6.pubmatic.com ads.pubmatic.com
8	adservice.google.ch	securepubads.g.doubleclick.net
7	cm.g.doubleclick.net	5 redirects eus.rubiconproject.com
7	ib.adnxs.com	3 redirects go.ezodn.com cdn.undertone.com acdn.adnxs.com
6	pixel.rubiconproject.com	2 redirects eus.rubiconproject.com
6	usr.undertone.com	cdn.undertone.com eus.rubiconproject.com
5	match.prod.bidr.io	5 redirects
4	sync-tm.everesttech.net	3 redirects ads.pubmatic.com
4	match.adsrvr.org	3 redirects eus.rubiconproject.com
4	secure.gravatar.com	galatruc.net secure.gravatar.com
3	token.rubiconproject.com	3 redirects
3	x.bidswitch.net	3 redirects
3	ups.analytics.yahoo.com	3 redirects
3	video.unrulymedia.com	go.ezodn.com video.unrulymedia.com
3	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	i1.wp.com	galatruc.net
3	gum.criteo.com	1 redirects static.criteo.net
2	charity-ads.s3.amazonaws.com
2	pixel-sync.sitescout.com	2 redirects
2	pixel.quantserve.com	1 redirects
2	r.scoota.co	2 redirects
2	pr-bh.ybp.yahoo.com	1 redirects ads.pubmatic.com
2	sync.mathtag.com	2 redirects
2	c1.adform.net	2 redirects
2	visitor.fiftyt.com	2 redirects
2	uipglob.semasio.net	1 redirects ads.pubmatic.com
2	pixel.tapad.com	1 redirects image6.pubmatic.com
2	pm.w55c.net	2 redirects
2	bh.contextweb.com	2 redirects
2	d5p.de17a.com	2 redirects
2	pixel.advertising.com	2 redirects
2	us-u.openx.net	2 redirects
2	eus.rubiconproject.com	cdn.undertone.com eus.rubiconproject.com
2	ads.pubmatic.com	go.ezodn.com ads.pubmatic.com
2	static.criteo.net	go.ezodn.com static.criteo.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	i0.wp.com	galatruc.net
2	ads.adaptv.advertising.com	go.ezodn.com
2	onetag-sys.com	go.ezodn.com
2	mug.criteo.com	galatruc.net
2	pixel.wp.com	galatruc.net
2	g.ezoic.net	galatruc.net
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	go.ezoic.net
1	go.ezoic.net	galatruc.net
1	id.rlcdn.com	eus.rubiconproject.com
1	rtb.gumgum.com	1 redirects
1	secure.adnxs.com	1 redirects
1	ads.playground.xyz	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	ad.turn.com	1 redirects
1	image4.pubmatic.com	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	aud.pubmatic.com	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	match.taboola.com	image6.pubmatic.com
1	trc.taboola.com	1 redirects
1	s.tribalfusion.com	image6.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	cm.adgrx.com	image6.pubmatic.com
1	sync.1rx.io	1 redirects
1	green.erne.co	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	rtb-csync.smartadserver.com	1 redirects
1	dis.criteo.com	image6.pubmatic.com
1	usermatch.targeting.unrulymedia.com	video.unrulymedia.com
1	image6.pubmatic.com	ads.pubmatic.com
1	cs.admanmedia.com	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	acdn.adnxs.com	go.ezodn.com
1	cdn.undertone.com	go.ezodn.com
1	id5-sync.com	go.ezodn.com
1	fonts.gstatic.com	fonts.googleapis.com
1	a7274220a39571815c8bde3aa4b978a1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	fonts.googleapis.com	ajax.googleapis.com
1	i2.wp.com	galatruc.net
1	prebid.a-mo.net	go.ezodn.com
1	hb.undertone.com	go.ezodn.com
1	tag.1rx.io	go.ezodn.com
1	hbopenbid.pubmatic.com	go.ezodn.com
1	targeting.unrulymedia.com	go.ezodn.com
1	bidder.criteo.com	go.ezodn.com
1	graph.facebook.com	galatruc.net
1	ajax.googleapis.com	galatruc.net
1	stats.wp.com	galatruc.net
1	cdn.onesignal.com	galatruc.net
1	static.tapfiliate.com	galatruc.net
1	www.googletagmanager.com	galatruc.net
1	go.ezodn.com	galatruc.net
237	95

This site contains links to these domains. Also see Links.

Domain
silktide.com
www.facebook.com
twitter.com
www.linkedin.com
www.tumblr.com
pinterest.com
reddit.com
api.whatsapp.com
www.cormghana.org
www.microsoft.com
techliter.com
vk.com
galatruc.com
support.microsoft.com
www.sswjjj.com
www.schwimmschule-wien.at
www.ezoic.com
telegram.me
www.redcrossblood.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-10` - `2021-07-10`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
tapfiliate.com Amazon	`2020-11-20` - `2021-12-21`	a year	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
ezoic.net R3	`2021-01-23` - `2021-04-23`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
onetag-sys.com R3	`2021-02-10` - `2021-05-11`	3 months	crt.sh
*.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2020-10-16` - `2021-11-16`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-12-26` - `2021-06-22`	6 months	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2019-06-28` - `2021-06-27`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.undertone.com Amazon	`2020-11-03` - `2021-12-02`	a year	crt.sh
*.a-mo.net R3	`2021-01-11` - `2021-04-11`	3 months	crt.sh
*.google.ch GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.id5-sync.com R3	`2020-12-26` - `2021-03-26`	3 months	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-29` - `2021-04-14`	5 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-05` - `2022-01-18`	a year	crt.sh
*.ramp-ut.io Amazon	`2020-11-07` - `2021-12-06`	a year	crt.sh
*.targeting.unrulymedia.com DigiCert SHA2 Secure Server CA	`2020-05-04` - `2022-05-09`	2 years	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.semasio.net Sectigo ECC Domain Validation Secure Server CA	`2020-03-09` - `2021-03-27`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-30` - `2021-04-27`	6 months	crt.sh
h2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-02-11` - `2021-04-20`	2 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
*.ezoic.net Amazon	`2021-02-15` - `2022-03-16`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://galatruc.net/telecharger-kmspico/
Frame ID: E1BCCE1BFB3F300C24EAC52CE60E3F9B
Requests: 172 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 76DC53FB1371209DD53E2A95D567A1DD
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=galatruc.net
Frame ID: 1890F566E77579BDBCFF9EF97B56BFE8
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1614843746001
Frame ID: F908CE50DCFEFD04CDFCAEEBC930F211
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 2BBB2E818D84428DF9CA9BB801FCA38A
Requests: 24 HTTP requests in this frame

Frame: https://video.unrulymedia.com/iframes/third-party-iframes.html
Frame ID: E2C0F716B7EEA95D77F85F389DD3A568
Requests: 4 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: 2B9399A994835B16A317FF42F61075FE
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 24D90B376BAABD43FB8E1B167C7E6EFB
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 8A1C8D5C58CBC322CE999F4B40C4DD1D
Requests: 11 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 352F8280AF54DCD484EAFD11B133436B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=876621298304288530
Frame ID: 5DD59DA44C3BAFD03BE4C5AB7157EB9E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACrlk7AgR8AABEVkDXQog
Frame ID: A391A5EE91DE3957EA19A4760CEAE2E3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6935701094408124565
Frame ID: B7E31869DC113B6E61CDB18D46C0F123
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=uc43nBlBPLQHCbjHe2NiWafO
Frame ID: 02B06472D3EAE0ED814111382FC2439C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Frame ID: EBA30980B2B81ED6A3A707772F306974
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: ECB3B0EF6B5F534631024B8FA2ADBB04
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 390B79B5947166FEFD1F709164C4F42E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=cncsZCD5G2rN&pid=557219
Frame ID: 7D63F99AB57B3AFB9D837F8F014BED9E
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=c5557433-167e-44af-a0ee-732a7a75feff-tuct73a14e6&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 8EE81665B75E671740AD24086FA9A975
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:zufENYmh1LhICX5&gdpr=0&gdpr_consent=
Frame ID: A2CB45D48A6CE80B5E81553663538631
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: 09C7290487D462DFF5ACA15C75646F1E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

script /googleapis\.com\/.+webfont/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

Page Statistics

237
Requests

100 %
HTTPS

33 %
IPv6

62
Domains

95
Subdomains

64
IPs

8
Countries

1263 kB
Transfer

3301 kB
Size

27
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: http://silktide.com/cookieconsent
Title: Cookie Consent plugin for the EU cookie law

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://galatruc.net/telecharger-kmspico/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=KMSPico%20Activateur%20Office%20et%20Windows%20%26%238211%3B%20derni%C3%A8re%20version%202021&url=https://galatruc.net/telecharger-kmspico/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://galatruc.net/telecharger-kmspico/&title=KMSPico%20Activateur%20Office%20et%20Windows%20%26%238211%3B%20derni%C3%A8re%20version%202021
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://www.tumblr.com/share/link?url=https://galatruc.net/telecharger-kmspico/&name=KMSPico%20Activateur%20Office%20et%20Windows%20%26%238211%3B%20derni%C3%A8re%20version%202021
Title: Tumblr

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://galatruc.net/telecharger-kmspico/&description=KMSPico%20Activateur%20Office%20et%20Windows%20%26%238211%3B%20derni%C3%A8re%20version%202021&media=https://i1.wp.com/galatruc.net/wp-content/uploads/2019/05/t%C3%A9l%C3%A9charger-KMSpico.jpg?resize=780%2C470&ssl=1
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://reddit.com/submit?url=https://galatruc.net/telecharger-kmspico/&title=KMSPico%20Activateur%20Office%20et%20Windows%20%26%238211%3B%20derni%C3%A8re%20version%202021
Title: Reddit

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=KMSPico%20Activateur%20Office%20et%20Windows%20%26%238211%3B%20derni%C3%A8re%20version%202021%20https://galatruc.net/telecharger-kmspico/
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://www.cormghana.org/sponsor?utm_source=ezoic

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/fr-fr/windows/
Title: version officielle de Windows 10

Search URL Search Domain Scan URL

URL: https://techliter.com/kmspico-activateur-windows-office/
Title: Télécharger KMSpico 2021 – Activateur Office et Windows gratuit

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/fr-fr/download/office.aspx
Title: Office 2016

Search URL Search Domain Scan URL

URL: https://vk.com/share.php?url=https://galatruc.net/telecharger-kmspico/
Title: VKontakte

Search URL Search Domain Scan URL

URL: https://galatruc.com/
Title: Website

Search URL Search Domain Scan URL

URL: https://support.microsoft.com/fr-fr/office/installer-les-mises-%C3%A0-jour-d-office-2ab296f3-7f03-43a2-8e50-46de917611c5
Title: Cette méthode

Search URL Search Domain Scan URL

URL: http://www.sswjjj.com/
Title: Yanira Galdamez

Search URL Search Domain Scan URL

URL: https://www.schwimmschule-wien.at/
Title: gay xxx porn

Search URL Search Domain Scan URL

URL: https://galatruc.com/telecharger-kmsauto-net-portable/
Title: KMS Auto Net Portable

Search URL Search Domain Scan URL

URL: https://galatruc.com/telecharger-kms-activator-kms-tools/
Title: KMS Tools

Search URL Search Domain Scan URL

URL: https://www.ezoic.com/?tap_a=66672-d4051b&tap_s=947936-45f2d4

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=https://galatruc.net/telecharger-kmspico/&text=KMSPico%20Activateur%20Office%20et%20Windows%20%26%238211%3B%20derni%C3%A8re%20version%202021
Title: Telegram

Search URL Search Domain Scan URL

URL: https://galatruc.com/politique-de-confidentialite/
Title: En savoir plus

Search URL Search Domain Scan URL

URL: https://www.redcrossblood.org/donate-blood/dlp/plasma-donations-from-recovered-covid-19-patients.html?utm_source=ezoic

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 84

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgalatruc.net%2F&domain=galatruc.net&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=2Raq2nxtaXltdWhvVUs3am9vbTJBanF5YTVZZjVrMkVWdGMyNndQY2JaL29uY2FZYUl6Tk50MHlYVWFSc3dQckJOdXVaVHA5TDdlSVc0aWxGY2w3eENaV0M1RG5JTUhXT1o5YXAzSS9qb05UNUZEaGppNTBoaVQ2TW03R0p3a2dZVGNkcUNXalZEQWVhZlh0TmwzK3FBKzF4ZDNES3R4YmloMkVFcTlGMnZFeFlrKzdFNTh3SzUzakQ2dlRIdEdIVVdlak5vcldidGkxcjJMTzkwMnZFQzZKV0dzS2pNM0JhSlZSaCtwdjhVU2xyV1NZPXw&cppv=2

Request Chain 147

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
https://eus.rubiconproject.com/usync.html?p=12776

Request Chain 149

https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=10dd4628-addd-4891-adaa-4c1929d5446c

Request Chain 150

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP2c6f0afa-7cbd-11eb-b21c-028514db8b5a HTTP 302
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP2c6f0afa-7cbd-11eb-b21c-028514db8b5a&verify=true HTTP 302
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-IrH8oaV1l2Y7Tr1la5TIlfqeGNR1A6r7~UP2c6f0afa-7cbd-11eb-b21c-028514db8b5a

Request Chain 151

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=41b7c0a5-6c7c-4aca-83ba-700539a51e98&ttl=1617435750

Request Chain 152

https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KLUK9W5C-16-6TET

Request Chain 153

https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID HTTP 302
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=0c71ed9c9c68ee4f9bd9c101ca551552239b6451

Request Chain 160

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 167

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=876621298304288530

Request Chain 168

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDcmxrN0FnUjhBQUJFVmtEWFFvZw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACrlk7AgR8AABEVkDXQog&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACrlk7AgR8AABEVkDXQog&pid=558502&do=add HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACrlk7AgR8AABEVkDXQog&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=6754046255932460792 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACrlk7AgR8AABEVkDXQog

Request Chain 169

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6935701094408124565

Request Chain 170

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=uc43nBlBPLQHCbjHe2NiWafO

Request Chain 171

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT

Request Chain 173

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 174

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=cncsZCD5G2rN&pid=557219

Request Chain 175

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=c5557433-167e-44af-a0ee-732a7a75feff-tuct73a14e6&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 176

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:zufENYmh1LhICX5&gdpr=0&gdpr_consent=

Request Chain 177

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB

Request Chain 178

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wpV28G5oQyCjewvYEW4vuw%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 180

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C29576F0-6E68-4320-A37B-0BD8116E2FBB&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C29576F0-6E68-4320-A37B-0BD8116E2FBB&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 181

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C29576F0-6E68-4320-A37B-0BD8116E2FBB&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C29576F0-6E68-4320-A37B-0BD8116E2FBB&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C29576F0-6E68-4320-A37B-0BD8116E2FBB&addseg=31

Request Chain 182

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzI5NTc2RjAtNkU2OC00MzIwLUEzN0ItMEJEODExNkUyRkJC&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 183

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDizVoz1ESCmd5kW2V3tt4g&google_cver=1

Request Chain 185

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8735255031151438193

Request Chain 186

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:144b6040-8f66-4300-b702-0c778272e24b&gdpr=0&gdpr_consent=

Request Chain 187

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=41b7c0a5-6c7c-4aca-83ba-700539a51e98

Request Chain 188

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1022542375022904365&gdpr=0&gdpr_consent=

Request Chain 189

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C29576F0-6E68-4320-A37B-0BD8116E2FBB&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Dsmf3ml1l2I3pzVeoV_vcmM_.9REDuo-&gdpr=0&gdpr_consent=

Request Chain 191

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2337793192791666484&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 192

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=8978d54a-0d3b-49c1-88a7-6867c05c0066&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1cfbb25a-7ab9-442a-a010-0fb510d57523&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 193

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=94nONPnfzDLsgZw0-Y7XYKWByWHsjZ5moI33Vm5T

Request Chain 194

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YECPZwAAAGZd9SrK

Request Chain 195

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=a4de5b90-bc8d-450c-b7a7-bb937d0d3d4d-60408f66-4348&gdpr=0&gdpr_consent=

Request Chain 197

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:a681220b-70a7-4945-91fe-876940b5e0a0&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 198

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1022542375022904365

Request Chain 199

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_5324732c-98de-43b9-8098-13bb89278cf0

Request Chain 201

https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KLUK9W5C-16-6TET

Request Chain 202

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xVSzlXNUMtMTYtNlRFVA==

Request Chain 204

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjQ4NDFiMDY4ODAxNDcwY2Y2MzE4MjI2OTdlNTdmNjQxNTExZWNkZQ

Request Chain 205

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/v-brg69xx0HPKi47Mqu7dcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2168407048673278168

Request Chain 206

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENctb12hKnsisW7TLv8fsxM&google_cver=1

Request Chain 207

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ae216040-8f66-4400-a081-3b7bcb938d73

Request Chain 209

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YECPZwAAAFNYOizr HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YECPZwAAAFNYOizr&_test=YECPZwAAAFNYOizr

Request Chain 221

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

237 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
galatruc.net/telecharger-kmspico/ 367 KB
54 KB 1427ms
1391ms Document
text/html 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de6938409882a9f78027c6546691bf234eb7b2e7409ca3c599a6138982d3aac5

Request headers

:method: GET
:authority: galatruc.net
:scheme: https
:path: /telecharger-kmspico/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d5704ccccd26607764438adf76f8995c41614843743; expires=Sat, 03-Apr-21 07:42:23 GMT; path=/; domain=.galatruc.net; HttpOnly; SameSite=Lax ezoadgid_197000=-1; Path=/; Domain=galatruc.net; Expires=Thu, 04 Mar 2021 08:12:23 UTC ezoref_197000=; Path=/; Domain=galatruc.net; Expires=Thu, 04 Mar 2021 09:42:23 UTC ezoab_197000=mod61; Path=/; Domain=galatruc.net; Expires=Thu, 04 Mar 2021 09:42:23 UTC active_template::197000=pub_site.1614843743; Path=/; Domain=galatruc.net; Expires=Sat, 06 Mar 2021 07:42:23 UTC ezopvc_197000=1; Path=/; Domain=galatruc.net; Expires=Thu, 04 Mar 2021 08:12:24 UTC ezepvv=0; Path=/; Domain=galatruc.net; Expires=Fri, 05 Mar 2021 07:42:24 UTC lp_197000=https://galatruc.net/telecharger-kmspico/; Path=/; Domain=galatruc.net; Expires=Thu, 04 Mar 2021 09:42:24 UTC ezovid_197000=1189232918; Path=/; Domain=galatruc.net; Expires=Thu, 04 Mar 2021 08:12:24 UTC ezovuuidtime_197000=1614843744; Path=/; Domain=galatruc.net; Expires=Sat, 06 Mar 2021 07:42:24 UTC ezovuuid_197000=285660a3-c8a4-49df-56e7-73665ed8574a; Path=/; Domain=galatruc.net; Expires=Thu, 04 Mar 2021 08:12:24 UTC ezCMPCCS=true; Path=/; Domain=galatruc.net; Expires=Fri, 04 Mar 2022 07:42:24 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, must-revalidate, no-cache, no-store
display: pub_site_sol
expires: Wed, 03 Mar 2021 07:42:24 GMT
link: <https://galatruc.net/wp-json/>; rel="https://api.w.org/", <https://galatruc.net/wp-json/wp/v2/posts/424>; rel="alternate"; type="application/json", <https://wp.me/paLDia-6Q>; rel=shortlink
pagespeed: off
response: 200
vary: Accept-Encoding Accept-Encoding
x-middleton-display: pub_site_sol
x-middleton-response: 200
x-pingback: https://galatruc.net/xmlrpc.php
x-sol: pub_site
cf-cache-status: DYNAMIC
cf-request-id: 089dc9243700004aa46402e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BuOGO%2FDU5OGATCVzj2BkpoPlqpR%2FlFFKSz0%2B6T5%2Bq3Jt1%2B0Hlxs4titgBBJdQPXVgyCv6nHpybk36ScFxo5RXj%2F4qw5VO2%2F8RUCL058tAsdiTKO5dP8RObU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 62a977b388084aa4-FRA
content-encoding: br

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 35ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=galatruc.net

Requested by

Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 dall.js Show response
go.ezodn.com/hb/ 266 KB
78 KB 39ms
24ms Script
application/javascript 2606:4700:3034::6815:3d31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic,rhythmone,undertone,unruly&cb=192-2-11
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:3d31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bc616391fc965520fddd1bb34a8621a4f11839c3ea70459b5a06d91e23b1fc8

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
age: 87117
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=q9mGUlgn73zDKs%2B465RQtw5BGr7ClkR6c8N6YEZ3UxmueVJXwiRSr5ykbblQNSDQe%2FJsCki0IVbQIUQSIcJ6PYYTtY%2BvgaWRzSEJWlzkfiMBfSwt7c4Rurc%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 62a977bc5aba4aaa-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc929ba00004aaa4c17d000000001

GET
H2 200 boise.js Show response
galatruc.net/detroitchicago/ 983 B
897 B 21ms
15ms Script
application/javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/detroitchicago/boise.js?gcb=192-2&cb=1
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41eb9054d5d5527274926b32631be8eb22dd6254f15a4d9d14cfe2688ea4f538

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1787253
cf-ray: 62a977bd4e664aa4-FRA
x-middleton-display: sol-js
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92a5200004aa49c83a000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=abwqD290RFQX7LXrkFdKE5ig1U%2FreVbckCccIms0zugjK8vkb1OfZx6yfE54NJT91QyRyt2gK%2FouRnjaY6RjPS6kGXKItrCrmxztg1p9q6TmD1W1oZl%2F38s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex

GET
H2 200 style.min.css
galatruc.net/wp-includes/css/dist/block-library/ 50 KB
8 KB 21ms
15ms Stylesheet
text/css 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-includes/css/dist/block-library/style.min.css?ver=5.6.2
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,Origin
cf-cache-status: HIT
x-sol: orig
age: 154866
x-ezoic-cdn: Bypass
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc929b400004aa44e893000000001
response: 200
last-modified: Tue, 02 Mar 2021 00:41:26 GMT
server: cloudflare
etag: W/"c88a-60345fd8-bfcbe;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OlzYzBp0E6WwVbW8VEjSLwSCIMaOMGpOEN%2F4%2FQ9J9MCCLQADG9WmOHOFSTirqtpEu5JOFKpsYSRxvCkX3m2Ybb2m4lvFq6nZWNwHDyJZI5%2FB3KmMKjgIFeM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 62a977bc5d034aa4-FRA
display: staticcontent_sol, orig_site_sol
expires: Tue, 09 Mar 2021 12:41:18 GMT

GET
H2 200 theme.min.css
galatruc.net/wp-includes/css/dist/block-library/ 2 KB
1 KB 77ms
71ms Stylesheet
text/css 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-includes/css/dist/block-library/theme.min.css?ver=5.6.2
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83596846d160e44c98d8674d1f4b35be40646ec5ea30d9df136012028d354aa6

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,Origin
cf-cache-status: EXPIRED
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc929b400004aa4c19dc000000001
response: 200
last-modified: Thu, 04 Mar 2021 07:16:22 GMT
server: cloudflare
etag: W/"8f9-5fd47cde-bfcb9;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MnJd07uyXd3e4TXiWNgO%2BxrknqtbdhrbwZCyzbMNWGUtzLlW3d2xIthhdLKxzhVdWkCmiUnYs3uDjBoz1kQRZFXqunuew0sx1tGN9U38ZtcPXZDtACby06c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 62a977bc5d044aa4-FRA
expires: Thu, 11 Mar 2021 07:42:24 GMT

GET
H2 200 styles.css
galatruc.net/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 21ms
15ms Stylesheet
text/css 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f918adfae4672ad3160e57cc94881753f1c4ee02c9f7e3f569c17b4c8109594a

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
cf-cache-status: HIT
x-sol: orig
age: 236127
x-ezoic-cdn: Hit ds;mm;d2a1ca7861125542479351915abdd6eb;2-197000-0;2c439a7e-20f1-4dc0-60f6-9b6878c22264
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc929b400004aa476aa7000000001
response: 200
last-modified: Mon, 01 Mar 2021 07:02:47 GMT
server: cloudflare
etag: W/"a46-603c9197-1b9e7f;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZSooS9P0ZYjMkmOLq8AtMz5MwVNjEVvZhSu26mE6S%2BNCxgfItcbK3%2Fk31jWtZMyc7DgdCIv%2BQO8GQ9NwXaFcc6vQR8NNT3Z66Z9AkZ3BZT7a7jpb126e53s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 62a977bc5d054aa4-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 cookie-law-info-public.css
galatruc.net/wp-content/plugins/cookie-law-info/public/css/ 3 KB
1 KB 19ms
13ms Stylesheet
text/css 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.0.0
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8fa20af264fcdd99621fc4e3a770927452b0fe382599e0d890a3bfa31152f80

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
cf-cache-status: HIT
x-sol: orig
age: 469626
x-ezoic-cdn: Hit ds;md;7ee81502449fc5bc0926bad298624a5e;2-197000-0;d5cfa256-12c2-4881-7c9d-43094f45ba64
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc929b500004aa4a9115000000001
response: 200
last-modified: Fri, 19 Feb 2021 23:00:11 GMT
server: cloudflare
etag: W/"c25-602f8ab1-1ba156;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=78b8vaAneS0v29Zm%2BKlyV0Cy9gbBUQSAMivgapNE6EoR2%2F%2BLdF7aahVy00eA5L6mVd2yTnVfMFL%2FWMSMdUeptMpT8kHEh9OnYaxyHVfN0YjG4YKwnSpHoJ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 62a977bc5d064aa4-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 cookie-law-info-gdpr.css
galatruc.net/wp-content/plugins/cookie-law-info/public/css/ 28 KB
5 KB 18ms
12ms Stylesheet
text/css 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.0.0
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a82fb0df229ab511ba5e585874443b97a62bfbd76c369a6944ed9e0750ebf698

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
cf-cache-status: HIT
x-sol: orig
age: 323755
x-ezoic-cdn: Hit ds;mm;42cef2ab40d020cd4c157ac9e59ae266;2-197000-0;97523615-db6d-4ca1-5695-f3b57e7f26f0
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc929b500004aa4949da000000001
response: 200
last-modified: Sun, 28 Feb 2021 07:13:20 GMT
server: cloudflare
etag: W/"6ecf-602f8ab1-1ba155;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XOzN%2Bv4vtMroIl3llKZ6ZNJwsIQovtS1byCrBInuaXtFAIp0HN10kJuFtPyofIVNQRQrFWKjOMvDa3zHGlo9gSXM%2BLj6M%2BRMRq8bGTkBs7MR4L8SHK1A4ss%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 62a977bc5d074aa4-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 ezoic-integration-public.css
galatruc.net/wp-content/plugins/ezoic-integration/public/css/ 98 B
596 B 16ms
10ms Stylesheet
text/css 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-content/plugins/ezoic-integration/public/css/ezoic-integration-public.css?ver=1.3.14
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
cf-cache-status: HIT
x-sol: orig
age: 485046
x-ezoic-cdn: Hit ds;mm;a76bf751b7b66d1413621b91db0e965e;2-197000-0;c94b287b-c824-4fee-41b4-60d787268476
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc929b500004aa45e1e8000000001
response: 200
last-modified: Fri, 19 Feb 2021 23:00:11 GMT
server: cloudflare
etag: W/"62-6024f86f-1b9fc0;;;-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FCnmAufzIYyt3n%2BLAoMN7hrhYCvpzOCDfhX91d3Xqn%2BA5napxFq0SRuCaKzTfGWdAKrNgQJo%2BNIW%2FWYFngmW0JVq0h34Vlyo4yCEOSubNwZBi1r2aWe8ZDQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 62a977bc5d084aa4-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 font-awesome.min.css
galatruc.net/wp-content/plugins/subscribe-to-comments-reloaded/includes/css/ 30 KB
7 KB 21ms
15ms Stylesheet
text/css 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-content/plugins/subscribe-to-comments-reloaded/includes/css/font-awesome.min.css?ver=5.6.2
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
cf-cache-status: HIT
x-sol: orig
age: 154865
x-ezoic-cdn: Hit ds;mm;a0518111e55b8c48673f160ec55ff14c;2-197000-0;85469a9a-0d6a-40d3-7e46-d74aa68959fa
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc929b500004aa46995a000000001
response: 200
last-modified: Tue, 02 Mar 2021 00:41:29 GMT
server: cloudflare
etag: W/"7918-6013cbca-1bb391;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=u3Bh9fJaWmsybMxtH2SRm%2B8JAxfvqKT6RrdWZHxAiMyBGJl9enb83UcmcDmIGAOpHe%2BBKpUQLLyA7P2QAh%2FvNMm82mMQSBZEMTKSvRWQPrG3Yb58gNvecbI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 62a977bc5d094aa4-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 screen.min.css
galatruc.net/wp-content/plugins/table-of-contents-plus/ 1 KB
887 B 17ms
11ms Stylesheet
text/css 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2002
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
cf-cache-status: HIT
x-sol: orig
age: 314637
x-ezoic-cdn: Hit ds;dd;dfacbeb8d79c17d29dedfc0a5c57e1ca;2-197000-0;c36f971d-ce35-4598-45e5-3e97cdd6160a
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc929b500004aa48f93c000000001
response: 200
last-modified: Sun, 28 Feb 2021 02:10:34 GMT
server: cloudflare
etag: W/"484-5e47aed5-1ba08b;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BaMd8lVWVH%2Bv%2BpsYS9LhKuRDkguA%2FOIsRbdNPkj42VrKZ%2FyPfOSjd2WD7O%2FQZPoGNs%2BvUpIhGo9XusptvQP%2FS%2F%2BDx8tTTvEr1%2Fg4E658yPdbG9KC6BPYU58%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 62a977bc5d0a4aa4-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 style.css
galatruc.net/wp-content/plugins/taqyeem-buttons/assets/ 4 KB
1 KB 85ms
79ms Stylesheet
text/css 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-content/plugins/taqyeem-buttons/assets/style.css?ver=5.6.2
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8d9a0657d362b643911315b35c57552d07d9a7b95df06bd8cb463b507a4fe6f

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,Origin
cf-cache-status: EXPIRED
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc929b500004aa46c864000000001
response: 200
last-modified: Thu, 04 Mar 2021 00:11:26 GMT
server: cloudflare
etag: W/"102e-5f213f18-1bb457;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HCISjnh14KEcGNT8X5XPNn6SgSZsK79B%2BGlAL3b6g4fPS%2FKVmM7U%2BcSw%2BacsSDhsFv%2F1Ej%2BEdkvBeN%2FFoTQA2FGKcsUQtIpwdLw01pL85nXFlwcvVqpJMQ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 62a977bc5d0b4aa4-FRA
expires: Thu, 11 Mar 2021 07:42:24 GMT

GET
H2 200 base.min.css
galatruc.net/wp-content/themes/jannah/assets/css/ 33 KB
7 KB 19ms
13ms Stylesheet
text/css 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-content/themes/jannah/assets/css/base.min.css?ver=4.0.3
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e7aae8d330ce078517f5befe48160e260f4bd7ed98c7d22731a71b8d18f748c

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
cf-cache-status: HIT
x-sol: orig
age: 154865
x-ezoic-cdn: Hit ds;dm;f7ac3fca773a3356a20bf48f91d9ff58;2-197000-0;b96efa85-ee8a-420a-7d13-f64ae36df7e9
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc929b600004aa4858eb000000001
response: 200
last-modified: Tue, 02 Mar 2021 06:02:50 GMT
server: cloudflare
etag: W/"84a1-5d909150-13c77d;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5T5DMIa0aTZaq9%2FIyu%2BPJ4K%2FoA7u0iCrCyDhIv3JMRHQYN1W3kDkcshUlK1GERJoW2d9VpieuPSiR7bGmRKSOfiP8ootKrOUQBzxa%2BaDfUvFIMFJd13uZF4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 62a977bc5d0c4aa4-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 style.min.css
galatruc.net/wp-content/themes/jannah/assets/css/ 163 KB
26 KB 23ms
18ms Stylesheet
text/css 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-content/themes/jannah/assets/css/style.min.css?ver=4.0.3
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29543f7139388e58f40739e985dc1581e93b898ab23390a72bc8a798ff95405f

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
cf-cache-status: HIT
x-sol: orig
age: 569216
x-ezoic-cdn: Hit ds;dd;ba3680090f1354d59391d8d29d213d58;2-197000-0;45ab39ce-2653-4e49-66de-f49f9dcf87bd
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc929b600004aa4c2a6b000000001
response: 200
last-modified: Fri, 19 Feb 2021 23:00:11 GMT
server: cloudflare
etag: W/"28a69-5d909150-13c902;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xCDIwsVDJXAFzA0zq8Z7AfUEQ968ugsMltkD%2F76eKShw3w5hbmzJSgH902JnDlXx2XHbZjHAbzywrgenUWwTmHGM3cRjplROT3z3PJZ0AEf5NF2fwoQs51g%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 62a977bc5d0d4aa4-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 widgets.min.css
galatruc.net/wp-content/themes/jannah/assets/css/ 49 KB
8 KB 20ms
15ms Stylesheet
text/css 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-content/themes/jannah/assets/css/widgets.min.css?ver=4.0.3
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e32706fd8c8f272c7f35536d9fda75fe12535f4c896d846bc07a16a08d21c35a

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
cf-cache-status: HIT
x-sol: orig
age: 314637
x-ezoic-cdn: Hit ds;dm;f8d4f275f205747a2e4d31f2e403fd06;2-197000-0;e78547d4-503b-4e5d-4ef6-60b5ba6874f4
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc929b600004aa48c1fa000000001
response: 200
last-modified: Sun, 28 Feb 2021 05:43:20 GMT
server: cloudflare
etag: W/"c51f-5d909150-13c904;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wRlEvCNTKxZaXWMb1AtZBgilIe8UkLeiMSTMmt447%2FN4LvsnWhh8ZnvG7wIVqQF3%2FNY96qQviXccUbvFsN0s17bsONatxKJFmSEisUREeXwu0NQM3NGFm1c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 62a977bc5d0e4aa4-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 helpers.min.css
galatruc.net/wp-content/themes/jannah/assets/css/ 48 KB
10 KB 21ms
17ms Stylesheet
text/css 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-content/themes/jannah/assets/css/helpers.min.css?ver=4.0.3
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7200216e311971f53cd868b982dd48cd5cbb4530013756b2dfb7eff6e6f87c2

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
cf-cache-status: HIT
x-sol: orig
age: 154865
x-ezoic-cdn: Hit ds;dm;a95bbe042e93e7e332f7853fc2ff4a8b;2-197000-0;06038e0c-91a9-451a-797f-ad2201b6a553
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc929b600004aa485294000000001
response: 200
last-modified: Tue, 02 Mar 2021 04:57:47 GMT
server: cloudflare
etag: W/"c137-5d909150-13c780;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jHXCt4TRafS5F4G1ssOWbI6HhBiQjK3FtEjvDXgl4ESxaSIVjfidaBG4Ue57U%2BLTGSFiTsgowXvoDBHHsU8SZeuWtugcgxqCLLH%2FZtK2erML0TxpN6H9qJw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 62a977bc5d0f4aa4-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 skin.css
galatruc.net/wp-content/themes/jannah/assets/ilightbox/dark-skin/ 12 KB
2 KB 17ms
12ms Stylesheet
text/css 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-content/themes/jannah/assets/ilightbox/dark-skin/skin.css?ver=4.0.3
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eff7ef51c0e92016b98dc5eb8f6a3fa9778af21bcb3fdf8112f621469bbef510

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
cf-cache-status: HIT
x-sol: orig
age: 154865
x-ezoic-cdn: Hit ds;dm;994c8d1145812757ceb3b6e9f03f5e4c;2-197000-0;f4b9b262-4ef1-462e-5399-04d1a1c6d5cc
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc929b600004aa4a6908000000001
response: 200
last-modified: Tue, 02 Mar 2021 05:57:31 GMT
server: cloudflare
etag: W/"2fc4-5d909150-13c929;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LhkyvKqZjAfygq%2BV%2Fr9Q56W7OGyeupg5Ah25b8Rl%2F%2F%2FQCd2DDnxh5pQeHW1XtrP6jbi1eWLeeFp5JecL0hrY4htRUbvNOV2qC%2FkrTG7AawdD7QUI9vue8Qk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 62a977bc5d114aa4-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 shortcodes.min.css
galatruc.net/wp-content/themes/jannah/assets/css/plugins/ 9 KB
3 KB 21ms
17ms Stylesheet
text/css 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-content/themes/jannah/assets/css/plugins/shortcodes.min.css?ver=4.0.3
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e65125045af843daa39232e1d36389a820a1ce24f3f595552747c277f6d13a3e

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
cf-cache-status: HIT
x-sol: orig
age: 128909
x-ezoic-cdn: Hit ds;dd;b130100c9bf3cd91cf4a61ffc9101be6;2-197000-0;1de25064-3f4f-480e-7846-ebbee6dae144
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc929ba00004aa451108000000001
response: 200
last-modified: Tue, 02 Mar 2021 16:20:35 GMT
server: cloudflare
etag: W/"233d-5d909150-13c798;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xvi1hsXpAnPcahyY4IYBvayGg9OZ7DwyNBFXFxGfavl9feIhPZzVb6jtutRbymE6qLY6GquTpgd%2FiDAElT2vAn6OGVb6TsQNvBC3NAxgykAYIJGPWTQ7tr8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 62a977bc5d204aa4-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 single.min.css
galatruc.net/wp-content/themes/jannah/assets/css/ 34 KB
7 KB 23ms
19ms Stylesheet
text/css 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-content/themes/jannah/assets/css/single.min.css?ver=4.0.3
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b886d8713bbf2db8b9f02d47d69e152f15a70b023b53e124054b8087cfc12d99

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
cf-cache-status: HIT
x-sol: orig
age: 562151
x-ezoic-cdn: Hit ds;dm;52c457db0a2e93c8702e39591118bae2;2-197000-0;8484c38a-7eac-4695-7d70-e6151a30439c
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc929bc00004aa499031000000001
response: 200
last-modified: Fri, 19 Feb 2021 23:00:11 GMT
server: cloudflare
etag: W/"88ea-5d909150-13c900;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UIIOOS9C8cwPSQ01VKiM0d19KSBVvzySjv4haTMNHf2yvfrFtYUvbVvgBMiS5AajDYyFB%2F2LB4YcSKC6daoC8WeViVXpJm%2FzkRO6eSurqLgYF8RNDl7ubVY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 62a977bc5d224aa4-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 taqyeem.min.css
galatruc.net/wp-content/themes/jannah/assets/css/plugins/ 7 KB
2 KB 24ms
20ms Stylesheet
text/css 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-content/themes/jannah/assets/css/plugins/taqyeem.min.css?ver=4.0.3
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c850920c471e5a0df733bac8ef08e035348893922377260c7438085ffb7bd2d5

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
cf-cache-status: HIT
x-sol: orig
age: 562151
x-ezoic-cdn: Hit ds;dm;aecaae43ca2a36b25a0bd3977bd7ceb0;2-197000-0;51837353-a33d-4078-4b5b-6ee705148551
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc929ba00004aa47b0a1000000001
response: 200
last-modified: Fri, 19 Feb 2021 23:00:11 GMT
server: cloudflare
etag: W/"1db5-5d909150-13c79a;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=u1ZNH6dDe0i554gF%2FD9bk5XBeI74aiFMcyu2ZJJc6FuS%2FkiTf6LaV1kTXM1hQXmWlJR%2Bd2LBxg6ebZTKBO3WxDBvqz14Ms%2FyCfzcuE9%2BCdNm2FVfns2oQb8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 62a977bc5d234aa4-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 social-logos.min.css
galatruc.net/wp-content/plugins/jetpack/_inc/social-logos/ 12 KB
8 KB 26ms
22ms Stylesheet
text/css 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-content/plugins/jetpack/_inc/social-logos/social-logos.min.css?ver=9.5
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b958e0f47861dde13a175cc69494bdb54f08e2b5e78cecf6abd16470d2085257

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
cf-cache-status: HIT
x-sol: orig
age: 88903
x-ezoic-cdn: Hit ds;mm;9b17f7f5728c356e9b337a970e7b6986;2-197000-0;17088f3a-3201-4a36-6c27-8b2975383f20
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc929ba00004aa4b68de000000001
response: 200
last-modified: Wed, 03 Mar 2021 05:20:15 GMT
server: cloudflare
etag: W/"2f4a-603eec13-1bc876;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MX9GvfQn%2B%2FYVnJ%2FYeocW043%2Fk1cBJgZn4HETFZiZrBRDYNvQFnbe9FHOEM%2BDwkOcjHcQ9tpHJG5j64z4iAPNbYM4x7k%2FMZAlalRIp%2FTjBFPZry1Uhfhtejw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 62a977bc5d244aa4-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 jetpack.css
galatruc.net/wp-content/plugins/jetpack/css/ 75 KB
13 KB 23ms
20ms Stylesheet
text/css 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-content/plugins/jetpack/css/jetpack.css?ver=9.5
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b721ba64a02eb660eb62d1b6d7558ec8d86490c0e4444262b38ac5a54004e88

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
cf-cache-status: HIT
x-sol: orig
age: 51144
x-ezoic-cdn: Hit ds;dm;a6973d5135091482bbf3ce4f8a2db1b6;2-197000-0;917d6cb5-494f-4ceb-493f-a809115b701c
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc929ba00004aa492b39000000001
response: 200
last-modified: Wed, 03 Mar 2021 06:52:27 GMT
server: cloudflare
etag: W/"12d1e-603eec13-1bb32e;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wT4cOrsVRKzrhllgHaULGpi5QdFqlOQiQhZiYvTogo8qYFPpxhL7bwnCGkBIvD63kWniQxlc8Abl57xWHngepIpE%2BiWOaS4O%2FpXvstYJMFGKssOyM5k5uo8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 62a977bc5d254aa4-FRA
display: staticcontent_sol, orig_site_sol

GET
H2 200 jquery.min.js Show response
galatruc.net/wp-includes/js/jquery/ 87 KB
30 KB 132ms
129ms Script
application/x-javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, staticcontent_sol
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc929ba00004aa49bb07000000001
response: 200
last-modified: Wed, 03 Mar 2021 20:35:54 GMT
server: cloudflare
etag: W/"15d98-5fd47cde-c127c;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LMDv95lu8hTiHPgPxKL%2F8JscimEk%2F%2BuB%2BTp4LrU089la%2FFp083yYL%2BZxOie5JpwIFYSdMzGysQDMo5Dma%2BYLimEjemqRT9g630GtPLpbgStMk3Y9xy0uRcY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 62a977bc5d274aa4-FRA
expires: Thu, 11 Mar 2021 07:42:24 GMT

GET
H2 200 jquery-migrate.min.js Show response
galatruc.net/wp-includes/js/jquery/ 11 KB
4 KB 25ms
22ms Script
application/x-javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 562151
x-ezoic-cdn: Bypass
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc929bc00004aa47b0a2000000001
response: 200
last-modified: Fri, 19 Feb 2021 23:00:11 GMT
server: cloudflare
etag: W/"2bd8-5fd47cde-bfb2c;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ny1D%2F6%2B70s0NUU6iUTJGzidLJM8Q2%2BKcNYetgngCbD1g5jruidbjGgca1NeE6KOgmmbzLgfEwwnAcYnNsNecso8YcyDcEPkFm4Fi9I5YTz6%2FsZgW45bTOMQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 62a977bc5d284aa4-FRA
display: staticcontent_sol, staticcontent_sol
expires: Thu, 04 Mar 2021 19:33:13 GMT

GET
H2 200 cookie-law-info-public.js Show response
galatruc.net/wp-content/plugins/cookie-law-info/public/js/ 34 KB
8 KB 22ms
19ms Script
application/x-javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.0.0
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c96a4e8e5c17e860ba23499da982857936823deba867697fd327f97d95025cfc

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 501872
x-ezoic-cdn: Hit ds;mm;d2267ba91d8ebb11c63c91625f13ee80;2-197000-0;dd261498-d040-4765-5fbe-f902382de9ab
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc929bb00004aa49c833000000001
response: 200
last-modified: Fri, 19 Feb 2021 23:00:11 GMT
server: cloudflare
etag: W/"889f-602f8ab1-1ba153;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZiunaI0cwqQhN14wEQArgRzIQNXu2DpPe4ycrlICiOc8d2vDdQ0I9AseOYJ%2BvFp23RUP8Wr4cqXZvR1sSVicQ2PJPIDK1JqvPjErn1jdFhIjg4%2BUYrrnepE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 62a977bc5d294aa4-FRA
display: staticcontent_sol, staticcontent_sol

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 53ms
19ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113455433-2

Requested by

Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d2d045dc2413ae15a141fa9b7a1cee8395892572937da92582895b7d1b96815c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39414
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Mar 2021 07:42:24 GMT

GET
H2 200 cookieconsent.min.js Show response
galatruc.net/ezoic/ 4 KB
2 KB 22ms
20ms Script
application/javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/ezoic/cookieconsent.min.js
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10d4b728888654e0b85c706a9310b551087d3321fb8ebfff147d07b13fa73bf0

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 560278
cf-ray: 62a977bc5d2a4aa4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc929bb00004aa4ca285000000001
last-modified: Fri, 19 Feb 2021 23:00:11 GMT
server: cloudflare
etag: W/"11a4-5bbb86a0a74c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TXkce2oUk%2BhE35yzxWWO6G6UADaID6CHc%2BE0RRwFW9OuuSKEotiUkDYGJts5Np4ZGBXMd98RZG73PeTGcGwUKbToj587H%2FepCewQvG%2FsD9RkrsKkdu5x6vs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex
expires: Fri, 25 Feb 2022 20:04:26 GMT

GET
H2 200 logoGT-New.png
galatruc.net/wp-content/uploads/2020/07/ 15 KB
16 KB 24ms
18ms Image
image/png 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galatruc.net/wp-content/uploads/2020/07/logoGT-New.png
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e028ccd6ff3467d236a13abdc3d4c2e6375157ab5160a327c380186709609c09

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 154862
x-ezoic-cdn: Hit ds;dm;2348483a1ad6bbf1fb90d2c052f6ac8f;2-197000-0;b0270b9b-2fa1-4758-4394-517efeda30ed
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92a5400004aa4ca28f000000001
response: 200
last-modified: Tue, 02 Mar 2021 07:09:17 GMT
server: cloudflare
etag: W/"3cd4-5f217343-1bbb79;;;-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iBZXXYZCUyoDxrYOLlHzdCLn8wRTw1lwpaor2N5DmPdMAAdcIbIK8zIS0jvOmUl02guFn%2BxOdNSQirm3mPhN6f6aMtV7KxicadAdaGEijuOa3icf0uNRtJk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
cf-ray: 62a977bd4e674aa4-FRA
display: staticcontent_sol, staticcontent_sol

GET
H2 200 5e6ade4959e67.jpg
static.tapfiliate.com/ 13 KB
13 KB 106ms
38ms Image
image/jpeg 99.86.3.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tapfiliate.com/5e6ade4959e67.jpg?a=66672-d4051b&s=947936-45f2d4
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-28.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 27a2e47560b4f5b5e06c23350092879d32d19a88beaebafc25ba53b0e84b26a0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 22:55:46 GMT
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
last-modified: Fri, 13 Mar 2020 01:13:46 GMT
server: AmazonS3
age: 31599
etag: "a1a4d88e9aff599dba31d6f5ae185231"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 13443
x-amz-cf-id: nRkBd76TcjkoFv3FgahqYkMb2VsXwJZVzv88OJRAat95Ud-lBzQedw==

GET
H2 200 email-decode.min.js Show response
galatruc.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 8ms
7ms Script
application/javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://galatruc.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
cf-request-id: 089dc92a0e00004aa44d3ea000000001
last-modified: Thu, 18 Feb 2021 13:46:54 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"602e6fce-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Dxh3fdD03ZdzocIDAgIJ%2BdnZF%2BDo6kzrXiZQ6Y0R13mAgDftrY3VFB3v1PtZWL%2BfKoYz2TJF7DJ1d26z1VH5ZxWPRcKMNfPnWgaeKqmfZhqKPvvDtodUA%2BE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 62a977bcedd94aa4-FRA
expires: Sat, 06 Mar 2021 07:42:24 GMT

GET
H2 200 photon.min.js Show response
galatruc.net/wp-content/plugins/jetpack/_inc/build/photon/ 758 B
874 B 11ms
11ms Script
application/x-javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 154864
x-ezoic-cdn: Hit ds;dd;9e408053df5e59de3bb5e92583d1a37e;2-197000-0;f0afc680-24e5-4756-5a76-f475cf579a2c
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92a1700004aa4c19e3000000001
response: 200
last-modified: Tue, 02 Mar 2021 05:57:39 GMT
server: cloudflare
etag: W/"2f6-6019890f-1bdd98;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rSl8UVcw8F5s8wkMLabrRF4H3ft4NJ%2BtKzmS0pdlmse5ZSHOL9%2B4grUeoQdjkeveBCwyVasRzHwl51YANmQaU5qNxui4LK9zvFDxu5n5RbHWxV4d3RE7F7g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 62a977bcfdea4aa4-FRA
display: staticcontent_sol, staticcontent_sol

GET
H2 200 wp-polyfill.min.js Show response
galatruc.net/wp-includes/js/dist/vendor/ 97 KB
32 KB 16ms
16ms Script
application/x-javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 236123
x-ezoic-cdn: Bypass
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92a2200004aa4aeaab000000001
response: 200
last-modified: Sat, 27 Feb 2021 22:40:54 GMT
server: cloudflare
etag: W/"183ee-5f33f2f1-bfba0;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=woSKZzBddv1H0K0PBkkupBctJWUFmGWy39PsawSfWYRUjTZxlUHTsKPD1g9mc9qZPO3uL%2BaWeRo6y7gZZLHLGOdpR6JctMWEXwQRbxWZJWsRKAfhi5dOnp4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 62a977bd0dfe4aa4-FRA
display: staticcontent_sol, staticcontent_sol
expires: Mon, 08 Mar 2021 14:07:01 GMT

GET
H2 200 i18n.min.js Show response
galatruc.net/wp-includes/js/dist/ 9 KB
4 KB 13ms
12ms Script
application/x-javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-includes/js/dist/i18n.min.js?ver=ac389435e7fd4ded01cf603f3aaba6a6
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c52c11cc9338b3eab968a005a5a0d6cbb9f80da1016d4f755078a8ecfd089bcb

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 236123
x-ezoic-cdn: Bypass
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92a3800004aa47bb53000000001
response: 200
last-modified: Sat, 27 Feb 2021 22:40:54 GMT
server: cloudflare
etag: W/"253c-601b536e-bfb96;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WeIJJ8AA%2Fb1Cm5Kd4xCKJjiHmQR7HfGlLS0912PWgZuJJDDpoiSQIM%2FFD5Ed96G%2BIQMaNDm0uwy2r1VBhlJxLVcQRFEBgbP9GH0SLz2SMIwyIQqcZQAtQos%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 62a977bd2e274aa4-FRA
display: staticcontent_sol, staticcontent_sol
expires: Mon, 08 Mar 2021 14:07:01 GMT

GET
H2 200 lodash.min.js Show response
galatruc.net/wp-includes/js/dist/vendor/ 71 KB
25 KB 14ms
14ms Script
application/x-javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-includes/js/dist/vendor/lodash.min.js?ver=4.17.19
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26f87df80e0735b6d6b169750f0ee403336c537cbc7a51888cb9d449434cb4b8

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 236123
x-ezoic-cdn: Bypass
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92a3b00004aa48529a000000001
response: 200
last-modified: Sat, 27 Feb 2021 22:40:54 GMT
server: cloudflare
etag: W/"11c65-5f33f2f1-bfbaf;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ivy5adowj45b7OM%2FFxfL%2F2dPIKMbdUpT4iRTrF%2BrDxssEMKqTEWCuQBx1eFY2uXRTnIj%2F00XA3zt3koUirJPJMFNxww8x46onF1x3IeASSEQ%2B%2FaAcBsrmF0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 62a977bd2e2b4aa4-FRA
display: staticcontent_sol, staticcontent_sol
expires: Mon, 08 Mar 2021 14:07:01 GMT

GET
H2 200 url.min.js Show response
galatruc.net/wp-includes/js/dist/ 13 KB
5 KB 20ms
12ms Script
application/x-javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-includes/js/dist/url.min.js?ver=98645f0502e5ed8dadffd161e39072d2
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5d1de019f464e8279bd2003b66defb192aee756b3675dacf468a9d39e7a7240

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 236123
x-ezoic-cdn: Bypass
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92a4d00004aa4599d0000000001
response: 200
last-modified: Sat, 27 Feb 2021 22:40:54 GMT
server: cloudflare
etag: W/"35f3-601b536e-bfbe8;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=55p9%2B0WXM47ZNsiFj2VMAv5majAbzLLNARAoxqbs9sdyZKKDmXbMKesUdNLNVy4p7rdMoRmSKS9tipjhJOVwJ0P3QuJJMPGlxyFbis4P8o86Xij569wVgkw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 62a977bd4e4f4aa4-FRA
display: staticcontent_sol, staticcontent_sol
expires: Mon, 08 Mar 2021 14:07:01 GMT

GET
H2 200 hooks.min.js Show response
galatruc.net/wp-includes/js/dist/ 6 KB
3 KB 86ms
79ms Script
application/x-javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-includes/js/dist/hooks.min.js?ver=84b89ab09cbfb4469f02183611cc0939
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d59bf6f772c44e0fb74fae16abb757bddf2600adc89641262accbe06d68b7de1

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, staticcontent_sol
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92a4d00004aa47181d000000001
response: 200
last-modified: Wed, 03 Mar 2021 20:35:52 GMT
server: cloudflare
etag: W/"181e-601b536e-bfbea;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tAQ56AosprGm0L3Xp1aJbOW67AfjLTd5BXibZHRgO8evVnRG0Lr3br6S62XqWy49I0gy5%2BaeGpZpIEDk8IBpTXPh01DBESyzrgSL%2BDji92POvOZBlw%2B%2Fb%2Fo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 62a977bd4e504aa4-FRA
expires: Thu, 11 Mar 2021 07:42:24 GMT

GET
H2 200 api-fetch.min.js Show response
galatruc.net/wp-includes/js/dist/ 12 KB
4 KB 19ms
10ms Script
application/x-javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-includes/js/dist/api-fetch.min.js?ver=4dec825c071b87c57f687eb90f7c23c3
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d87aaa11549edb8037c429c32d083c7004d4fb26db52c09ce84dc4c09cc476b9

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 236123
x-ezoic-cdn: Bypass
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92a4e00004aa47bb54000000001
response: 200
last-modified: Sat, 27 Feb 2021 22:40:54 GMT
server: cloudflare
etag: W/"30a3-601b536e-bfbc7;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hasF67squWu8cBcNomDxt%2BQfWyf8vpgEKglJ19tdyIDrM%2F1LQ0MgvEZk7MEzWhgQZqbJUAJauBENuEj2hMIcL45itwImbQye%2B83ln6zTSghfak5RQUr5QxY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 62a977bd4e524aa4-FRA
display: staticcontent_sol, staticcontent_sol
expires: Mon, 08 Mar 2021 14:07:01 GMT

GET
H2 200 index.js Show response
galatruc.net/wp-content/plugins/contact-form-7/includes/js/ 11 KB
4 KB 20ms
12ms Script
application/x-javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccff49c86ee1937dd371734a05307e1abc057b3c255587ed918e47b1cf728d93

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 236123
x-ezoic-cdn: Hit ds;mm;15d28ae9d1ddd340a40b1ab52d9f157e;2-197000-0;18a40104-6bfe-43b1-7736-95263a5b9201
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92a4e00004aa4700f2000000001
response: 200
last-modified: Mon, 01 Mar 2021 07:02:47 GMT
server: cloudflare
etag: W/"2ac2-603c9197-1b9e68;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=d768eXq7pVxIhaVD8Ya9lLQY%2FogRshb5kgTYY5mt%2FSNHzWvYPtJbcpE2%2F9foH3vRurJyq4nbil0Qfp315Q1m%2Fpppb8PovfLZGDVL8mUn8DpsSmY%2FOnCkA8o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 62a977bd4e534aa4-FRA
display: staticcontent_sol, staticcontent_sol

GET
H2 200 front.min.js Show response
galatruc.net/wp-content/plugins/table-of-contents-plus/ 6 KB
2 KB 20ms
12ms Script
application/x-javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2002
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 387681
x-ezoic-cdn: Hit ds;md;3fe71f395985df1d33bd8336d7fd98ed;2-197000-0;74e69788-8272-42a2-5c42-1512279ed8e9
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92a4e00004aa4a38ce000000001
response: 200
last-modified: Sat, 27 Feb 2021 16:11:26 GMT
server: cloudflare
etag: W/"17cb-5e47aed5-1ba0a1;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6d%2F5EaNDHBnqCZA%2Bt58boaAY0A0IxRgTYSxbASxrk3YizGEFn%2BsqgOxL591hovVEOXOsTYVA%2FxLnE8e0vxNHUawJaddVPUKkGTbpgV827b8EjlWlhXAZuu4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 62a977bd4e544aa4-FRA
display: staticcontent_sol, staticcontent_sol

GET
H2 200 gprofiles.js Show response
secure.gravatar.com/js/ 23 KB
7 KB 41ms
5ms Script
application/javascript 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gravatar.com/js/gprofiles.js?ver=202109
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 3742b8f2006b7a23df3252c615bb113e94f77729ac9cc4b021e35517285cf0c2

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: gzip
last-modified: Thu, 02 Apr 2020 15:50:36 GMT
server: nginx
etag: W/"5e8609cc-5dea"
content-type: application/javascript
cache-control: max-age=604800
expires: Thu, 11 Mar 2021 07:42:24 GMT

GET
H2 200 wpgroho.js Show response
galatruc.net/wp-content/plugins/jetpack/modules/ 2 KB
1 KB 21ms
13ms Script
application/x-javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-content/plugins/jetpack/modules/wpgroho.js?ver=9.5
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccd911729403decd6e3b74702fdc4d2c1b1e3ecf35a147f7e5373669932cc708

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 51144
x-ezoic-cdn: Hit ds;dd;5636f4af243d7cc93075bbf61a6b5fae;2-197000-0;a4622388-13a6-44b5-7492-37fb7c852ab0
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92a4e00004aa4a0823000000001
response: 200
last-modified: Wed, 03 Mar 2021 03:06:43 GMT
server: cloudflare
etag: W/"7a1-603eec13-1b9ef5;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s0wjadTSI997avAnez0MAvZyT5mFbI6OwMyKTOf7yDSWXs0%2Bt56k3RbQUNUmzzDFI6E6f5StrBci%2FADjyHVaBD0PapLZdfKJ%2Bo4ET7zYuRCRH7sGoGkEjuI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 62a977bd4e574aa4-FRA
display: staticcontent_sol, staticcontent_sol

GET
H2 200 intersectionobserver-polyfill.min.js Show response
galatruc.net/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/ 8 KB
3 KB 20ms
12ms Script
application/x-javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/intersectionobserver-polyfill.min.js?ver=1.1.2
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88264adf3d3193fb56c229f0b92e2a6096770eb76996d1fedc95f5bcb208ccda

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 51144
x-ezoic-cdn: Hit ds;dm;ca5b00be8900c4891c19cd26dbe683e4;2-197000-0;ddf85daf-b7ca-4d73-6d7e-3962aced865d
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92a4f00004aa4c5a3e000000001
response: 200
last-modified: Wed, 03 Mar 2021 05:12:14 GMT
server: cloudflare
etag: W/"1e63-6019890f-1bc65e;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9fD0Xk51aH2nhAqk4C76SNGnhACd98668xCmY9Mz8VI3HlNU0AZE2IjIKB0YLP1CGurPbi4VnxGbaouCLYwK0qyShAxbFugm%2BhqWHR5rm7J4DkFJk3gJHaY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 62a977bd4e584aa4-FRA
display: staticcontent_sol, staticcontent_sol

GET
H2 200 lazy-images.min.js Show response
galatruc.net/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/ 3 KB
2 KB 101ms
93ms Script
application/x-javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/lazy-images.min.js?ver=1.1.2
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51e78e904c795ed5b0154a9995d1ab0b7e3667f5aede719bda86ba38236c5989

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, staticcontent_sol
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92a4f00004aa4b3802000000001
response: 200
last-modified: Wed, 03 Mar 2021 20:35:48 GMT
server: cloudflare
etag: W/"cb7-603eec13-1bc66d;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2uUh7kHzGbQpdLH2uA8bs29bBkwDu0aE5fpcv1qbQVhTeAPacACZ4D0DHYrxmFVw2V0TZNffjLghEqyFx22OJ2uziPqgOtLKt9dDJOIu%2FF0jhHROAjrYRPE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 62a977bd4e594aa4-FRA
expires: Thu, 11 Mar 2021 07:42:24 GMT

GET
H2 200 scripts.min.js Show response
galatruc.net/wp-content/themes/jannah/assets/js/ 18 KB
6 KB 21ms
13ms Script
application/x-javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-content/themes/jannah/assets/js/scripts.min.js?ver=4.0.3
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cba904507ab0b75f75846ecece69c1f04cb120b6036c1353d940852c96760770

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 569215
x-ezoic-cdn: Hit ds;dm;454422118b19a5ed2aeb2e8781204c76;2-197000-0;35815e61-e9a1-4e9f-5546-39bb845b48ba
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92a4f00004aa451111000000001
response: 200
last-modified: Fri, 19 Feb 2021 23:00:11 GMT
server: cloudflare
etag: W/"488f-5d909150-13f50e;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FR1yiLFh1m5%2FCiNt99nj1heY8YXb7KSWmtV3PHU1rWcie109TCC9AMEdGzdwdZ50jtu8e3Lb3e5PHYD1CkGwWqeovv4172tt8YfrfBadS8UTAtFJYX6vN%2Fg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 62a977bd4e5b4aa4-FRA
display: staticcontent_sol, staticcontent_sol

GET
H2 200 lightbox.js Show response
galatruc.net/wp-content/themes/jannah/assets/ilightbox/ 79 KB
24 KB 130ms
122ms Script
application/x-javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=4.0.3
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 339cfcf5a359798c1070b953988e0cc6bfec42ccff60d09bb719034416bc29ac

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, staticcontent_sol
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92a5000004aa4c8021000000001
response: 200
last-modified: Wed, 03 Mar 2021 20:35:48 GMT
server: cloudflare
etag: W/"13cf7-5d909150-13f425;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QaMqIgmT7Opy1r5mOHuzoDuzVkt8zwf5RkoFpXE996SwxSTXVoQil%2FggFGSZlqKeH%2Fdl1kWaMXHJ7ztPtkv%2B%2F1yXJCQ%2FX6U9pH8ZUy5KzIYjLJSwODt9zpc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 62a977bd4e5c4aa4-FRA
expires: Thu, 11 Mar 2021 07:42:24 GMT

GET
H2 200 desktop.min.js Show response
galatruc.net/wp-content/themes/jannah/assets/js/ 61 KB
17 KB 27ms
19ms Script
application/x-javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-content/themes/jannah/assets/js/desktop.min.js?ver=4.0.3
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9471db8c4355560d132ae12801ab6f02de73699882d9d136e4b0d8837ca89728

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 154860
x-ezoic-cdn: Hit ds;dm;093c8c7610a659feb4ec4999c6144640;2-197000-0;180c1ecf-578c-48ee-4db4-6578b6488d07
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92a5000004aa4611bf000000001
response: 200
last-modified: Tue, 02 Mar 2021 00:41:26 GMT
server: cloudflare
etag: W/"f548-5d909150-13f4ff;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hIrEWeeXZKeedW%2FUjtQzLkEVaHkVz%2FouijT4oyo1mCKflDW6U%2BfndOKsdnJdeFjymFpGcLgki08SgwZKjd8EPlJoGM%2Fo81PWclLN3JeoSouKD2uInuao1D0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 62a977bd4e5d4aa4-FRA
display: staticcontent_sol, staticcontent_sol

GET
H2 200 live-search.js Show response
galatruc.net/wp-content/themes/jannah/assets/js/ 14 KB
5 KB 21ms
13ms Script
application/x-javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-content/themes/jannah/assets/js/live-search.js?ver=4.0.3
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00a1346c0e63df97eca33ec1ff32a778caa5b6612cde78986e391c17eeb10e87

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 311572
x-ezoic-cdn: Hit ds;dm;8aacaf89a645085d892a73599220f28a;2-197000-0;b8c6e0fb-2c3a-4384-6dde-d79efcc2cf87
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92a5000004aa4a911d000000001
response: 200
last-modified: Sat, 27 Feb 2021 22:40:54 GMT
server: cloudflare
etag: W/"37f3-5d909150-13f50b;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ummLO9SqmlAtJusQWTUR1jJ6TatXBRHk34jCWwMhJtvQz%2FilNQ%2FgIrx7%2BpSGEKxAnDe5z%2BYiP6qzFIasdXf%2B2CUGyQnVzNEP8%2FJbKZgWLq4sEyeB643tkuU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 62a977bd4e5e4aa4-FRA
display: staticcontent_sol, staticcontent_sol

GET
H2 200 single.min.js Show response
galatruc.net/wp-content/themes/jannah/assets/js/ 15 KB
5 KB 91ms
84ms Script
application/x-javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-content/themes/jannah/assets/js/single.min.js?ver=4.0.3
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39bfe0e36d071be61fe7c77eea257da3f7c5018905b4ad53756bece41f932a70

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, staticcontent_sol
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92a5000004aa44d3ee000000001
response: 200
last-modified: Thu, 04 Mar 2021 06:11:28 GMT
server: cloudflare
etag: W/"3b11-5d909150-13f510;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7Ls8dxWzz9063UctGFGosF6veZI3Sy5uyV3nDTzx77zQMU0yLdhLgyB617oZtMnVaKg50QPy0%2FeZ0FHKCRAFmQ3T4y3xlVFhGNyT63nKsmRR4VKJlN%2BSP18%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 62a977bd4e5f4aa4-FRA
expires: Thu, 11 Mar 2021 07:42:24 GMT

GET
H2 200 imagesloaded.min.js Show response
galatruc.net/wp-includes/js/ 5 KB
2 KB 20ms
12ms Script
application/x-javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 562150
x-ezoic-cdn: Bypass
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92a5000004aa44b12d000000001
response: 200
last-modified: Fri, 19 Feb 2021 23:00:11 GMT
server: cloudflare
etag: W/"15fd-5f33f2f1-bfc25;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r4C%2B35x3c%2FiYyH6ftpoSCZbUwRC%2FO9wEyjwLmMixeWQn4IpN%2FxAX%2B%2B3p45X9I%2BdDyk%2By%2BrOoeACzkhBxdqXsbDlMDaQ5UoMI%2BYwUWK2ynaUTR1DEgDy%2FXqQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 62a977bd4e604aa4-FRA
display: staticcontent_sol, staticcontent_sol
expires: Thu, 04 Mar 2021 19:33:14 GMT

GET
H2 200 comment-reply.min.js Show response
galatruc.net/wp-includes/js/ 3 KB
2 KB 22ms
14ms Script
application/x-javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-includes/js/comment-reply.min.js?ver=5.6.2
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab21fef3ac4ee12ebb305942f85de99b290b8a24654c69060e54673d5f3a11f2

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 154860
x-ezoic-cdn: Bypass
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92a5100004aa47b0ab000000001
response: 200
last-modified: Tue, 02 Mar 2021 00:41:27 GMT
server: cloudflare
etag: W/"ba6-601b536e-bfb05;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CwcQyfXX5PpVrV8pc%2FeS7nmqq%2FTGeDxhMzhSkhEYAP8HfRhgSumMMSKhuXc2PqP7QRYatBplkZAv3OFs3Btxqc1OCo9kql1%2F%2BBv8%2BsQvnwkAe%2FPFRPgXyXY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 62a977bd4e614aa4-FRA
display: staticcontent_sol, staticcontent_sol
expires: Tue, 09 Mar 2021 12:41:24 GMT

GET
H2 200 wp-embed.min.js Show response
galatruc.net/wp-includes/js/ 1 KB
1023 B 22ms
15ms Script
application/x-javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-includes/js/wp-embed.min.js?ver=5.6.2
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 154860
x-ezoic-cdn: Bypass
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92a5100004aa45bb0e000000001
response: 200
last-modified: Tue, 02 Mar 2021 00:41:29 GMT
server: cloudflare
etag: W/"592-601b536d-bfbf7;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TbcQWfnsVAtNMDZLAOu3e1PaClrHTvj%2BoNrLhbHntbjPXtnujBCEdW5BqT7aJfHTBJxOnO3NktzGmrBQ1x8P3GcsyuuUBDVG7ipheuhrZhxKLv0GgKba5Js%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 62a977bd4e624aa4-FRA
display: staticcontent_sol, staticcontent_sol
expires: Tue, 09 Mar 2021 12:41:24 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 50ms
17ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.6.2
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f877a798b0af17fb62564cc4a3b2c8f1fb76398c7e3156eae984fafe175bf4c3

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 364
etag: W/"29e3b92597e716694def18b1f85abbfb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 62a977bd7cc9980e-FRA
cf-request-id: 089dc92a6b0000980e10803000000001
expires: Thu, 04 Mar 2021 08:42:24 GMT

GET
H2 200 br-news.js Show response
galatruc.net/wp-content/themes/jannah/assets/js/ 5 KB
2 KB 21ms
14ms Script
application/x-javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-content/themes/jannah/assets/js/br-news.js?ver=4.0.3
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18a3637360b0c195e2cb05dda99f2e88a9745b5822189beb8c270e59c5d0e08d

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 154859
x-ezoic-cdn: Hit ds;dm;d14c02b7d62448a24086c60e4d9fcef9;2-197000-0;8871d994-e10e-4e42-600c-20ad5eabae88
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92a5100004aa49bb0e000000001
response: 200
last-modified: Tue, 02 Mar 2021 05:57:26 GMT
server: cloudflare
etag: W/"155e-5d909150-13f4fd;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=O3xvjNWOvvCciEDGeTKDrToDz%2BxPaiIy0EH6PFI7bFAZFi1b218aikjR%2FzdO2wHxS6xSS2%2B6dshoLKJku95Zu5a2HSHpnG5MUlzNcYac2sTzp%2B%2Bk%2B7cqHFU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 62a977bd4e634aa4-FRA
display: staticcontent_sol, staticcontent_sol

GET
H2 200 form.js Show response
galatruc.net/wp-content/plugins/akismet/_inc/ 700 B
684 B 32ms
26ms Script
application/x-javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-content/plugins/akismet/_inc/form.js?ver=4.1.9
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0515cbd1f8aee97e1c8e0d1d015ca96c86def13e90d2e73bf813072ccc23d531

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 51144
x-ezoic-cdn: Hit ds;dd;e850cccc109293130fa805dd205ed40c;2-197000-0;f8905385-c613-407a-683b-f36cdf2dbaad
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92a5200004aa448b86000000001
response: 200
last-modified: Wed, 03 Mar 2021 15:11:33 GMT
server: cloudflare
etag: W/"2bc-603eec0e-1bb473;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7n4mAakHn5Vui9%2F0tfACyGAtKOWZvP%2BgnilH%2BESJbktF7ZlKPzOT8gVhhuM8w0CJL4kfV7Ktv9QPMeK3n4%2BJFvEiwfg4UltoJwY6qVAg6VKNsSkpn6jOgMo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 62a977bd4e694aa4-FRA
display: staticcontent_sol, staticcontent_sol

GET
H2 200 sharing.min.js Show response
galatruc.net/wp-content/plugins/jetpack/_inc/build/sharedaddy/ 12 KB
4 KB 29ms
23ms Script
application/x-javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-content/plugins/jetpack/_inc/build/sharedaddy/sharing.min.js?ver=9.5
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80ee2d8ce5d2a3f78fc3b8eaa67bc266645c58b96d8a804556f1e6cb8737d0cf

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 88902
x-ezoic-cdn: Hit ds;dm;ca8cbfe246450c6b456a83e5bcadaeb3;2-197000-0;fba9c93f-fb42-425a-664f-ab8f737f8c97
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92a5100004aa4ba079000000001
response: 200
last-modified: Wed, 03 Mar 2021 05:12:18 GMT
server: cloudflare
etag: W/"2f6d-603eec13-1bdd0e;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tGreTZpTScUtrAIq14VmICN%2BoOD6hap0YROoCPvccXl5NDBDIlDS1I%2BJXu3u8G%2BDriaINugyu8zkuM3R7S7hWca8xINlfSH4yUz8UAo%2FuixBQRmuOmS512Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 62a977bd4e644aa4-FRA
display: staticcontent_sol, staticcontent_sol

GET
H2 200 e-202109.js Show response
stats.wp.com/ 9 KB
3 KB 90ms
28ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202109.js
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT hhn
date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Sun, 20 Feb 2022 22:39:29 GMT

GET
H2 200 augusta.js Show response
galatruc.net/detroitchicago/ 1 KB
856 B 21ms
15ms Script
application/javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/detroitchicago/augusta.js?cb=3
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d996911a48456da047197d69d725c4903c52e1388cb421f04c7e5a184766faf5

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 212391
cf-ray: 62a977bd4e6a4aa4-FRA
x-middleton-display: sol-js
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92a5200004aa4539e8000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RrXph7%2BPSz%2FDtv2Gb6SOu1pBsyaI3r4nlOjE%2F%2FkN01UJtY6plszZuS5BnSfSQfvI4jv8S%2FaLBLnLyCaDJQdy4%2BR9yXssuvyCYYbOG6zu2HP73A6qWeFbUx4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex

GET
H2 200 ezcl.webp Show response
galatruc.net/utilcave_com/inc/ 1 KB
916 B 21ms
15ms Script
application/javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/utilcave_com/inc/ezcl.webp?cb=4
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c5ad2fd42dffdf04a0f1d757c1cccb4d840218d7ecada79d6cc9db33ca40319

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,Origin
cf-cache-status: HIT
x-sol: middleton
age: 47553
x-middleton-display: staticcontent_sol
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92a5200004aa492b40000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AQJ1sEHFmKGsViJrwmsFtfJGiE1K7TBBnuxjPluwn8XVvYomgrtKVzS1jmfasA33ukQxgOZSTlglWChuf2wPdauf%2BbdJuFby15w9ZgngHcLkppK%2F0kXW05s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 62a977bd4e6c4aa4-FRA
display: staticcontent_sol

GET
H2 200 houston.js Show response
galatruc.net/detroitchicago/ 3 KB
2 KB 29ms
23ms Script
application/javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/detroitchicago/houston.js?gcb=2&cb=36
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08375cebca0d36f2fa3ec9e027a974146af7161553e4319a418d4cee6b38bed7

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 477379
cf-ray: 62a977bd4e6d4aa4-FRA
x-middleton-display: sol-js
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92a5200004aa4672fc000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9WqxhXUu7JHU1ZWmjI6r0xzT36co%2BJGUlrv4SOkJRogGtOC%2BEuHquccniHxAooq58lKJLjekMr5Laq8hSbAvKSmNpjSbZ169sOeRef6DYT57F3JhWOvjqE0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 56 KB
19 KB 101ms
35ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

13ad8741b47defc487fe1632ab1ed0413e893bbd99552f4e144c948bc9bdf4db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "801 / 957 of 1000 / last-modified: 1614813189"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19378
x-xss-protection: 0
expires: Thu, 04 Mar 2021 07:42:24 GMT

GET
H2 200 banger.js Show response
galatruc.net/porpoiseant/ 49 KB
11 KB 27ms
23ms Script
application/javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/porpoiseant/banger.js?cb=192-2&bv=7&v=45&PageSpeed=off
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4b240b6e10894723f95547179c2c23bb04640447c82b0a4efa13568dacd5a48

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 154252
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iZTHFV5ppCj4phqNq1QaH4S0zH5vWCM5a7TSGuIDfvYN86CpEwo6QGUiLw7crWjQCc0IhJNFm27uwjsdP7QD2rt2d%2BZH%2BFh8JO%2FP62Smquu4TwXPVEi7cGI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 62a977bd4e6e4aa4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92a5300004aa44e89c000000001
x-robots-tag: noindex

GET
H2 200 memphis.js Show response
galatruc.net/detroitchicago/ 5 KB
2 KB 26ms
21ms Script
application/javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/detroitchicago/memphis.js?gcb=192-2&cb=5
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b68431bd479f66f60cca8fef9520547c0f28390680174d8b36c5591085e8393

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1787253
cf-ray: 62a977bd4e704aa4-FRA
x-middleton-display: sol-js
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92a5300004aa4c19e6000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kcitywwU9AyNEUv7lcFNYRADjsP7lLD0KEUQNCAIj7QnsABVaNLFMFF%2FCk7XggCEiMO9AAFQUZ9hoUP%2FL5Cxu6bq%2BEmrA4Eepk79Rlph7UPOIBTee%2FdEyfw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex

GET
H2 200 minneapolis.js Show response
galatruc.net/detroitchicago/ 864 B
767 B 30ms
26ms Script
application/javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/detroitchicago/minneapolis.js?gcb=192-2&cb=3
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5578a62b81f315375d072cfe506fc13813e844f94c910bdb15ce20e1fc3ef50a

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1837861
cf-ray: 62a977bd4e714aa4-FRA
x-middleton-display: sol-js
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92a5300004aa476aae000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qit9YxoKeg7SKTlVH4e1uwtjCEEcACMYXTAnCojRoO2e%2B0kquHokDpEaIIstEvJVcJlubkpIHJxnSMcagrxsFge23M6gF5OpfWjrqwin2s3yie5Y%2FPelfz8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex

GET
H2 200 rochester.js Show response
galatruc.net/detroitchicago/ 2 KB
1 KB 35ms
31ms Script
application/javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/detroitchicago/rochester.js?gcb=192-2&cb=2
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d09e0a7a1dd10d174fcf8cab650952432c1fd1b65dd811c1ab75fb7b6cb45c0

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mh5IEADiRHqzvr3JANcEq2IoCzYh%2B%2FwC%2Bwg%2B3UklJogsFpgZZjEYKH5vxNiKH9LdGa4r2IuTEqSA8n2hMHu2zlTQo3gXBcF8uneh37t40r7DmEjO%2FW841%2F0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
cf-ray: 62a977bd4e724aa4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92a5300004aa4949e2000000001
x-robots-tag: noindex

GET
H2 200 raleigh.js Show response
galatruc.net/detroitchicago/ 2 KB
1 KB 26ms
22ms Script
application/javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/detroitchicago/raleigh.js?gcb=192-2&cb=5
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f69dfe383fe0ef66df2c8de098fda546a826801c150ec22e7e09b8020b221dae

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 606500
cf-ray: 62a977bd4e734aa4-FRA
x-middleton-display: sol-js
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92a5300004aa4858f4000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FQJY5pWNixgeXNDPpflHBeMx7oB1XOZyCLKEVVLuYXKCk9YVMA4kX%2FNG5S%2FtI90R4lDoqVdhk2Oq8F%2FsOIXIffWRiTxyCUgvZcFb6qKVbLi6DKJiu4VFzas%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex

GET
H2 200 tampa.js Show response
galatruc.net/detroitchicago/ 773 B
766 B 22ms
18ms Script
application/javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/detroitchicago/tampa.js?gcb=192-2&cb=3
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c80203c7eae413cecc09a4ed0974e31a8538060cddd5bc1f1a5bfa53db672c9e

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1374228
cf-ray: 62a977bd4e744aa4-FRA
x-middleton-display: sol-js
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92a5300004aa45e1f1000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3jnCboBd9CW%2BgBXB1dKg074mHFwJyvCCB70d2iTun08P7ODRxDE7bvpIeIQV1P9%2BueRtrQqVLKX6ssuN%2FpehkUc%2FTt%2BTVCQtAECgi3GyMfxNImfl%2FeJXx2w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex

GET
H2 200 wp-emoji-release.min.js Show response
galatruc.net/wp-includes/js/ 14 KB
5 KB 27ms
23ms Script
application/x-javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-includes/js/wp-emoji-release.min.js?ver=5.6.2
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 154859
x-ezoic-cdn: Bypass
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92a5400004aa489233000000001
response: 200
last-modified: Tue, 02 Mar 2021 00:41:29 GMT
server: cloudflare
etag: W/"3795-601b536d-bfa85;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=i7PUf%2FRGtwFzhk5U9CNM7eg7nAfcVI8uloHlJwRLTrBAtHFjQTt%2BMmWRt%2BJheE1gqqgwwEmIs5KukKTujsm9SJ03s4IiJRRzc5oh3OhMrv5QBTzsmWnlqtQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 62a977bd5e764aa4-FRA
display: staticcontent_sol, staticcontent_sol
expires: Tue, 09 Mar 2021 12:41:25 GMT

GET
H2 200 print.css
galatruc.net/wp-content/themes/jannah/assets/css/ 2 KB
1020 B 92ms
88ms Stylesheet
text/css 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-content/themes/jannah/assets/css/print.css?ver=4.0.3
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc250db8be288e1a2b1b9590a1a312cbd8bf8eafde30baa81ed0313e1568c7f9

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding,Origin
cf-cache-status: EXPIRED
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92a5400004aa469963000000001
response: 200
last-modified: Thu, 04 Mar 2021 05:47:25 GMT
server: cloudflare
etag: W/"7b3-5d909150-13c79d;gz-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=v85W%2F5%2FP30ykhuSPC%2FfaPohwEetbWbG6hbiWS69VQlAZILyOyoY7pA0NrIxbuf7gLEDjWhtVcIH%2Flv0E3yfYGOZADpI9ydu2cw41mPWxv9%2Bxf7e0gip5FSM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 62a977bd5e774aa4-FRA
expires: Thu, 11 Mar 2021 07:42:24 GMT

GET
H2 200 ezosuigeneris.js Show response
g.ezoic.net/ 555 B
563 B 97ms
31ms Script
text/javascript 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/ezosuigeneris.js
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e4cf59c1d6d95b6cec3c20d49bdd35ee150be7fdcabb213edd50b82dc5ab3ca2

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: br
last-modified: Wed, 03 Mar 2021 20:35:53 GMT
server: nginx/1.16.0
etag: 733ba269407576e580ed62237cc207c2
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cache-control: max-age=999999, private
content-length: 277
expires: Mon, 29 Apr 2020 21:44:55 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 fontawesome-webfont.woff2
galatruc.net/wp-content/themes/jannah/assets/fonts/fontawesome/ 75 KB
76 KB 20ms
19ms Font
font/woff2 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-content/themes/jannah/assets/fonts/fontawesome/fontawesome-webfont.woff2
Requested by: Host: galatruc.net
URL: https://galatruc.net/wp-content/themes/jannah/assets/css/helpers.min.css?ver=4.0.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin: https://galatruc.net
Referer: https://galatruc.net/wp-content/themes/jannah/assets/css/helpers.min.css?ver=4.0.3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:24 GMT
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 393280
x-ezoic-cdn: Hit ds;mm;afa2c6a5c3a427a5bdd9d85edaf69df5;2-197000-0;ab4e6d24-2149-4f29-60ef-fe7746a06aee
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92a5400004aa4823af000000001
response: 200
last-modified: Sat, 27 Feb 2021 07:01:12 GMT
server: cloudflare
etag: W/"12d68-5d909150-13c90d;;;-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: https://galatruc.net
cache-control: public, max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5%2BRDEqlp%2BdPXBQtb3Lyfk1lxyInzOKI0L542ghb%2Fm4wlZAVEiII3S5qOLrM4svAXR%2Fd%2FI5Ak2io9GPUle7uyQIIUWJQAnsyb3GzVGfp76q1T3lRex3poTHc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 62a977bd5e7a4aa4-FRA
display: staticcontent_sol, staticcontent_sol

GET
H2 200 simple-arrow.png
galatruc.net/wp-content/plugins/intelly-related-posts/assets/images/ 1 KB
2 KB 12ms
12ms Image
image/png 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galatruc.net/wp-content/plugins/intelly-related-posts/assets/images/simple-arrow.png
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56c87ee1e1a6878217897741f85a8048012b693a4cb6b03804a322d8fed02a88

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:25 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 395332
x-ezoic-cdn: Miss
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1286
cf-request-id: 089dc92bc300004aa4c19fe000000001
response: 200
last-modified: Sat, 27 Feb 2021 00:15:29 GMT
server: cloudflare
etag: "506-600bc9f6-1bb9b2;;;-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=R6hgs82sKrF8AIf6%2Fblp02rhX8vJ1zu62sBU0d5mJOARJxtzmVKl5l1yiDi86d1vB8u1oe6Tx4MuXCyfxUjn2%2BNcoyGRt7PO6%2FMsK9kN0ponCfIDHB4tCJ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 62a977bf99f14aa4-FRA
display: staticcontent_sol, staticcontent_sol
expires: Sat, 06 Mar 2021 17:53:33 GMT

GET
H2 200 tiefonticon.woff
galatruc.net/wp-content/themes/jannah/assets/fonts/tiefonticon/ 9 KB
6 KB 12ms
12ms Font
application/font-woff 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-content/themes/jannah/assets/fonts/tiefonticon/tiefonticon.woff
Requested by: Host: galatruc.net
URL: https://galatruc.net/wp-content/themes/jannah/assets/css/helpers.min.css?ver=4.0.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e3349c36d26f3f07ddc1807ac6312022900cf8130a510a903c51ce07045f379

Request headers

Origin: https://galatruc.net
Referer: https://galatruc.net/wp-content/themes/jannah/assets/css/helpers.min.css?ver=4.0.3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:25 GMT
content-encoding: br
vary: Accept-Encoding, Origin,Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 987039
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92bdd00004aa499050000000001
response: 200
last-modified: Fri, 12 Feb 2021 23:32:06 GMT
server: cloudflare
etag: W/"2320-5d909150-13c914;;;-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/font-woff
access-control-allow-origin: https://galatruc.net
cache-control: public, max-age=2592000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rOAU4EPtLMkNHaakWbpwnPD5SUSgqgfxpmqdHOlyHlXjZmg0ZZg9WfKN%2FhCIGJ4v%2BzWJU4rlLaHA74%2F%2BDhGAx92ypvsUcmbLcHx9S3YmBh0FIyBNQj%2BZW1A%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 62a977bfca374aa4-FRA
display: staticcontent_sol, staticcontent_sol

GET
DATA 200
OK truncated
/ 7 KB
7 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cdf3f88beb166e98d2656e957b247c886d1702027559a290e74a02d58d950c8c

Request headers

Origin: https://galatruc.net
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 fontawesome-webfont.woff2
galatruc.net/wp-content/plugins/subscribe-to-comments-reloaded/includes/fonts/ 75 KB
76 KB 12ms
11ms Font
font/woff2 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/wp-content/plugins/subscribe-to-comments-reloaded/includes/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: galatruc.net
URL: https://galatruc.net/wp-content/plugins/subscribe-to-comments-reloaded/includes/css/font-awesome.min.css?ver=5.6.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin: https://galatruc.net
Referer: https://galatruc.net/wp-content/plugins/subscribe-to-comments-reloaded/includes/css/font-awesome.min.css?ver=5.6.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:25 GMT
vary: Accept-Encoding, User-Agent,Origin,Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 569214
x-ezoic-cdn: Hit ds;dd;5a39de8b226e849fab484a6dc493b1cd;2-197000-0;bf72d9fb-85b0-4eba-63b5-34c1f3de0265
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92dad00004aa49d041000000001
response: 200
last-modified: Fri, 19 Feb 2021 23:00:11 GMT
server: cloudflare
etag: W/"12d68-6013cbca-1bb3a4;;;-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: https://galatruc.net
cache-control: public, max-age=604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7m7dsURxOLkl3Ja%2FWoJnFNadlJ%2FAU54p4pa%2FnBKGY0Lg6%2FmVztxEp4orAqwgfnf7xngWCANFT53AtsL59Xl%2Fg4gEJEFwPqIZpXvdGnNZID8GWJSvNfWDjv8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 62a977c2ade74aa4-FRA
display: staticcontent_sol, staticcontent_sol

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
6 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 10:59:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74549
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Mar 2022 10:59:56 GMT

GET
H2 200 anchorfix.js Show response
galatruc.net/ezoic/ 879 B
775 B 12ms
12ms Script
application/javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/ezoic/anchorfix.js?cb=192-2
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15f0626dd31e3e991a1c21d6304f2e370b92b3c91650de3d7ed8a38f1159a457

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2330554
cf-ray: 62a977c31e514aa4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92ded00004aa4b2a63000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZDFYgAKbf7gWu%2Fc8T3POmG2bstCZO2aOPxCJ6DEVAx9JuaamSnaVUHfn63D%2BKkQQjizQGLB6QLI3cvSIlrI7AnIzN%2FOiSIp4m1a2bFtFEjHHYa3K4OMLzNw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
x-robots-tag: noindex, noindex
expires: Sat, 05 Feb 2022 08:19:51 GMT

GET
H2 200 jellyfish.webp Show response
galatruc.net/porpoiseant/ 58 KB
11 KB 13ms
13ms Script
application/javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/porpoiseant/jellyfish.webp?a=a&cb=192-2&shcb=34
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0001e893552b1e9805eaf2cfe9b6867ddb916e2213083d8d1513aa3e2ee2dd78

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2330579
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cpLisuBbfjQpGDarstUzGZ%2BHVzg0LXr0os3xSq8Y8l7svXinKOIL%2BoMN9%2BmowN0jiAg7FIsx8VGrD9r602EGAXK8zMQi55glHJXdVkB94L4ROPJQZ3%2BnJhA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 62a977c31e524aa4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92ded00004aa44e8d1000000001
x-robots-tag: noindex

GET
H2 200 g.gif
pixel.wp.com/ 50 B
115 B 28ms
27ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A9.5&blog=159115818&post=424&tz=2&srv=galatruc.net&host=galatruc.net&ref=&fcp=1949&rand=0.4491166378511715
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:25 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 hovercard.min.css
secure.gravatar.com/dist/css/ 8 KB
2 KB 5ms
5ms Stylesheet
text/css 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gravatar.com/dist/css/hovercard.min.css?ver=202109
Requested by: Host: secure.gravatar.com
URL: https://secure.gravatar.com/js/gprofiles.js?ver=202109
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1a0b51af7ff79f11c0a779bf478304fa451ac5587675952b8378b47f0a97504d

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:25 GMT
content-encoding: gzip
last-modified: Wed, 11 Nov 2020 15:57:10 GMT
server: nginx
etag: W/"5fac09d6-1e86"
content-type: text/css
cache-control: max-age=604800
expires: Thu, 11 Mar 2021 07:42:25 GMT

GET
H2 200 services.min.css
secure.gravatar.com/dist/css/ 3 KB
587 B 5ms
5ms Stylesheet
text/css 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gravatar.com/dist/css/services.min.css?ver=202109
Requested by: Host: secure.gravatar.com
URL: https://secure.gravatar.com/js/gprofiles.js?ver=202109
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e9fc9b1878db1b13b973252b048d19a17abb34a8da464a552c6d401728ed1e86

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:25 GMT
content-encoding: gzip
last-modified: Thu, 22 Mar 2018 09:46:04 GMT
server: nginx
etag: W/"5ab37b5c-a54"
content-type: text/css
cache-control: max-age=604800
expires: Thu, 11 Mar 2021 07:42:25 GMT

GET
H2 200 / Show response
graph.facebook.com/ 244 B
641 B 47ms
34ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?callback=WPCOMSharing.update_facebook_count&ids=https%3A%2F%2Fgalatruc.net%2Ftelecharger-kmspico%2F

Requested by

Host: galatruc.net
URL: https://galatruc.net/wp-content/plugins/jetpack/_inc/build/sharedaddy/sharing.min.js?ver=9.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

469fdcb93f6dc61d42d6e09448a8b89e6773364c647393816ceb64bae3cdfd1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev: 1003395409
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 182
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 70nL/px5IkxwcUl+oC+P3TI8vd6B0l7OX7lVFszlhbihGdFJo6m3fyq8X+RvMoMo/opZJKvlQ+L/wpRwYKxkXQ==
x-fb-trace-id: BLXdNvz5OfY
date: Thu, 04 Mar 2021 07:42:25 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AFceC_nhidsZ0C6ybym0paA
cache-control: no-store
facebook-api-version: v3.2
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
74 B 27ms
27ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=wpcom-no-pv&x_sharing-count-request=facebook&r=0.12694037238926192
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:25 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 66ms
22ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgalatruc.net%2F&domain=galatruc.net&cw=1

Protocol

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://galatruc.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://galatruc.net
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 2020
date: Thu, 04 Mar 2021 07:42:24 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgalatruc.net%2F&domain=galatruc.net&cw=1
https://mug.criteo.com/sid?cpp=2Raq2nxtaXltdWhvVUs3am9vbTJBanF5YTVZZjVrMkVWdGMyNndQY2JaL29uY2FZYUl6Tk50MHlYVWFSc3dQckJOdXVaVHA5TDdlSVc0aWxGY2w3eENaV0M1RG5JTUhXT1o5YXAzSS9qb05UNUZEaGppNTBoaVQ2TW03R0...

355 B
634 B

125ms
43ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=2Raq2nxtaXltdWhvVUs3am9vbTJBanF5YTVZZjVrMkVWdGMyNndQY2JaL29uY2FZYUl6Tk50MHlYVWFSc3dQckJOdXVaVHA5TDdlSVc0aWxGY2w3eENaV0M1RG5JTUhXT1o5YXAzSS9qb05UNUZEaGppNTBoaVQ2TW03R0p3a2dZVGNkcUNXalZEQWVhZlh0TmwzK3FBKzF4ZDNES3R4YmloMkVFcTlGMnZFeFlrKzdFNTh3SzUzakQ2dlRIdEdIVVdlak5vcldidGkxcjJMTzkwMnZFQzZKV0dzS2pNM0JhSlZSaCtwdjhVU2xyV1NZPXw&cppv=2

Requested by

Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

a6b1ef0d4ca430bf021cffe124e0d25fadaddbc963c026ac9d154c5f2762221c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 04 Mar 2021 07:42:25 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4862
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 04 Mar 2021 07:42:25 GMT
location: https://mug.criteo.com/sid?cpp=2Raq2nxtaXltdWhvVUs3am9vbTJBanF5YTVZZjVrMkVWdGMyNndQY2JaL29uY2FZYUl6Tk50MHlYVWFSc3dQckJOdXVaVHA5TDdlSVc0aWxGY2w3eENaV0M1RG5JTUhXT1o5YXAzSS9qb05UNUZEaGppNTBoaVQ2TW03R0p3a2dZVGNkcUNXalZEQWVhZlh0TmwzK3FBKzF4ZDNES3R4YmloMkVFcTlGMnZFeFlrKzdFNTh3SzUzakQ2dlRIdEdIVVdlak5vcldidGkxcjJMTzkwMnZFQzZKV0dzS2pNM0JhSlZSaCtwdjhVU2xyV1NZPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://galatruc.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2848
content-length: 482
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
364 B 93ms
33ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic,rhythmone,undertone,unruly&cb=192-2-11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://galatruc.net
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
142 B 130ms
42ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.27.0&cb=79663133991
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic,rhythmone,undertone,unruly&cb=192-2-11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://galatruc.net
date: Thu, 04 Mar 2021 07:42:25 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 204
No Content prebid Show response
targeting.unrulymedia.com/ 0
269 B 191ms
50ms XHR
text/plain 213.19.147.210
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/prebid
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic,rhythmone,undertone,unruly&cb=192-2-11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://galatruc.net
Pragma: no-cache
Date: Thu, 04 Mar 2021 07:42:26 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: Tengine
Connection: keep-alive

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
113 B 1139ms
61ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic,rhythmone,undertone,unruly&cb=192-2-11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://galatruc.net
date: Thu, 04 Mar 2021 07:00:13 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
213 B 108ms
27ms XHR
application/json 18.192.15.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=EzoicInc
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic,rhythmone,undertone,unruly&cb=192-2-11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.15.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-15-110.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://galatruc.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
213 B 114ms
29ms XHR
application/json 18.192.15.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=EzoicInc
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic,rhythmone,undertone,unruly&cb=192-2-11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.15.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-15-110.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://galatruc.net
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content mvo Show response
tag.1rx.io/rmp/215626/0/ 0
269 B 193ms
53ms XHR
text/plain 213.19.147.210
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/215626/0/mvo?z=1r&hbv=4.27,2.1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic,rhythmone,undertone,unruly&cb=192-2-11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://galatruc.net
Pragma: no-cache
Date: Thu, 04 Mar 2021 07:42:26 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: Tengine
Connection: keep-alive

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
711 B 117ms
39ms XHR
application/json 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic,rhythmone,undertone,unruly&cb=192-2-11

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 04 Mar 2021 07:42:25 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.68:80
AN-X-Request-Uuid: fba78f6c-98eb-4126-939f-b03769a0dd1d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://galatruc.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 hb Show response
hb.undertone.com/ 0
446 B 179ms
162ms XHR
text/plain 2600:9000:20eb:2e00:1f:df94:f9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.undertone.com/hb?pid=4009&domain=galatruc.net
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic,rhythmone,undertone,unruly&cb=192-2-11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2e00:1f:df94:f9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 07:42:25 GMT
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin: https://galatruc.net
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
x-amz-cf-id: jng6oLVIy-wftgkGuqJZI4wxJPy_Xz43ZAPkACYc6RSatI5AYY3hhw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 c Show response
prebid.a-mo.net/a/ 773 B
758 B 360ms
134ms XHR
application/json 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic,rhythmone,undertone,unruly&cb=192-2-11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: f5935b7cf4ed800bb7de10fecc325a5e589e360b6b27875b18cfc8628137bcc1

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 04 Mar 2021 07:42:25 GMT
content-encoding: gzip
server: envoy
vary: origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://galatruc.net
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 22
content-length: 331

GET
H2 200 ezosuigenerisc.js Show response
g.ezoic.net/ 0
77 B 44ms
43ms Script
text/plain 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/ezosuigenerisc.js?nogen=1
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:25 GMT
cache-control: max-age=300, private
server: nginx/1.16.0
content-length: 0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8

GET
H2 200 edmonton.webp Show response
galatruc.net/detroitchicago/ 14 KB
4 KB 12ms
11ms Script
application/javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/detroitchicago/edmonton.webp?a=a&cb=192-2&shcb=34
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 997e1fbf8331c9f3af1ff0ace8c73754cbfce4c143c785b7bc44dbcead23576e

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1374228
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AkmrqFfmbTTLwYlrnWaYE%2BC1EZFsAKWnMfaMf4XB1IIRGP8x%2FYZknGBLt3dfhlk%2FECtpRQv35xEqstsyYtdaETuM2E90KvVT4ljeO59Xf2Z4MALZTddmU8s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 62a977c38ef24aa4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92e3100004aa47b0e7000000001
x-robots-tag: noindex

GET
H2 200 vitals.js Show response
galatruc.net/tardisrocinante/ 5 KB
2 KB 14ms
13ms Script
application/javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/tardisrocinante/vitals.js?gcb=2&cb=3
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26b4485584314aa0850427462143a6a28b66c982db28deb42766214fad7744c7

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2632830
cf-ray: 62a977c38ef44aa4-FRA
x-middleton-display: sol-js
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92e3100004aa45637d000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=h1vZL3%2F12d1BR57By7WIdrQJ9R8rotV20yhIxFrgu4s%2FfAfknBqXIbOCaCiOSru6SxxHrXfg58gVkk4Fk0e9CKyvJrVX722GD0om3eLI33eLi35sNgYNZ3A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex

GET
H2 200 imp.gif Show response
galatruc.net/detroitchicago/ 43 B
355 B 211ms
211ms XHR
image/gif 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A2%2C%22ad_count_adjustment%22%3A2%2C%22ad_lazyload_version%22%3A5%2C%22ad_location_ids%22%3A%225%2C704%2C21%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A3%2C%22bidder_method%22%3A0%2C%22bidder_version%22%3A3%2C%22city%22%3A%22%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A2%2C%22domain_id%22%3A197000%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22iab_category_0%22%3A%22596%22%2C%22iab_category_1%22%3A%22623%22%2C%22iab_category_2%22%3A%22602%22%2C%22iab_category_3%22%3A%22239%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A30%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A0%2C%22page_ad_positions%22%3A%221100%2C1107%2C1113%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22a6e2ffb1-bed4-4e9e-7595-d67d5982b6d9%22%2C%22position_selection_id%22%3A39%2C%22postal_code%22%3A%22%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A330484%2C%22response_time_orig%22%3A924%2C%22serverid%22%3A%223.123.128.39%3A2276%22%2C%22state%22%3A%22%22%2C%22sub_page_ad_positions%22%3A%221100%2C1107%2C1113%22%2C%22t_epoch%22%3A1614843743%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fgalatruc.net%2Ftelecharger-kmspico%2F%22%2C%22user_id%22%3A0%2C%22weather_precipitation%22%3A0%2C%22weather_summary%22%3A%22%22%2C%22weather_temperature%22%3A0%2C%22word_count%22%3A4271%2C%22worst_bad_word_level%22%3A1%7D
Requested by: Host: galatruc.net
URL: https://galatruc.net/detroitchicago/rochester.js?gcb=192-2&cb=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:26 GMT
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BQyCCSc7s4N7iTPBnu2O67kBLYT%2FQ34vBYC8M7DZ%2F7L%2FVpKLZilufWBQhJpkY5s6B647MKS5QfmiKWYOC%2BIVJEgz26eRF%2F%2FxJ4nz4kkz8tEtW6dRPC42MVY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-middleton-display: imp_sol
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 62a977c38efa4aa4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
cf-request-id: 089dc92e3400004aa49c873000000001

GET
H2 200 greenoaks.gif Show response
galatruc.net/detroitchicago/ 0
374 B 31ms
31ms XHR
text/plain 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhNmUyZmZiMS1iZWQ0LTRlOWUtNzU5NS1kNjdkNTk4MmI2ZDkiLCJkb21haW5faWQiOiIxOTcwMDAiLCJ0X2Vwb2NoIjoxNjE0ODQzNzQzLCJkYXRhIjpbeyJuYW1lIjoidW5pdmVyc2FsX3VzZXJfaWQiLCJ2YWwiOiI3MzNiYTI2OTQwNzU3NmU1ODBlZDYyMjM3Y2MyMDdjMiJ9XX1d
Requested by: Host: galatruc.net
URL: https://galatruc.net/detroitchicago/memphis.js?gcb=192-2&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:25 GMT
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
x-middleton-display: ezp_sol
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 089dc92e3400004aa448bc4000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HUVaSS2YhwVLATbY6GHgVLVyCuahlC0VSmbfF8KmoaRR5z9uH0SB46%2BdqLG4gqWiBa0xCUX1PWHqXlA2Biqtqx%2BK35ILEfkDWnQdaIHjVKwUkPbDyxGIP7s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 62a977c38efc4aa4-FRA
expires: Wed, 03 Mar 2021 07:42:25 UTC

GET
H3-Q050 200 pubads_impl_2021022501.js Show response
securepubads.g.doubleclick.net/gpt/ 287 KB
101 KB 125ms
90ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

53f345cdc93f0bd09eeba83df9ed103370ac1ff2679bf9004cf336725fecd4a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 09:38:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103137
x-xss-protection: 0
expires: Thu, 04 Mar 2021 07:42:25 GMT

GET
H2 200 cl.gif
galatruc.net/detroitchicago/ 43 B
371 B 28ms
28ms Image
image/gif 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://galatruc.net/detroitchicago/cl.gif?pvID=a6e2ffb1-bed4-4e9e-7595-d67d5982b6d9&dID=197000
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:25 GMT
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=V91fLwv39u2dk38toejAU8BUoia3BqlytXN5xGlXgKdq2PTiEHW8imEfhKE31BmB94y0ebRKWgy0yqTBcXwiiKrfO8oRF3lDvzmXghVPp20cDRWiAkE3TJ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-middleton-display: imp_sol
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 62a977c39f174aa4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
cf-request-id: 089dc92e4200004aa459a0b000000001

GET
H2 200 nmash.js
galatruc.net/porpoiseant/ 33 KB
9 KB 14ms
14ms Other
application/javascript 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/porpoiseant/nmash.js?v=7
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 311a42892bf475bb07fdef468183033b4ed1279be748f72784859988fbd023c6

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 569214
cf-ray: 62a977c47ff34aa4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92ec700004aa47185c000000001
last-modified: Thu, 25 Feb 2021 06:16:23 GMT
server: cloudflare
etag: W/"8548-5bc23173e726e;5bbb86a0a74c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MW65KQANUY3zxJp7gDHVk6Md18h9bfbe9YrcEaN1p9FbZ87QTtUg6YvEYA3uC2rPQqZhxRoACpGW2oinGxyuxFaA%2BY6QPI1N8zERPGrSbaIZadm%2FOGu%2FFIc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex

GET
H2 200 a11c12755f40b59e648eb801297b77fa
secure.gravatar.com/avatar/ 6 KB
6 KB 7ms
5ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/a11c12755f40b59e648eb801297b77fa?s=140&r=g
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 81d2b98d29a4bece076d8fb0474af2463074d0c1222b6d2524dfd83759821cfb

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Thu, 04 Mar 2021 07:42:25 GMT
last-modified: Fri, 29 May 2020 14:25:22 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="a11c12755f40b59e648eb801297b77fa.jpeg"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/a11c12755f40b59e648eb801297b77fa?s=140&r=g>; rel="canonical"
content-length: 6233
expires: Thu, 04 Mar 2021 07:47:25 GMT

GET
H2 200 t%C3%A9l%C3%A9charger-KMSpico.jpg
i1.wp.com/galatruc.net/wp-content/uploads/2019/05/ 17 KB
17 KB 88ms
33ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/galatruc.net/wp-content/uploads/2019/05/t%C3%A9l%C3%A9charger-KMSpico.jpg?zoom=2&resize=780%2C470&ssl=1

Requested by

Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

04c6af34a85a13d0e98f2c7e82fb63c6f33f75baad74b2c4d84811c8117fa6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Thu, 04 Mar 2021 07:42:26 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 Nov 2020 15:58:47 GMT
server: nginx
etag: "686c6f3c1b93673c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://galatruc.net/wp-content/uploads/2019/05/t%C3%A9l%C3%A9charger-KMSpico.jpg>; rel="canonical"
content-length: 17546
expires: Thu, 03 Nov 2022 03:58:47 GMT

GET
H2 200 T%C3%A9l%C3%A9charger-KMSAuto-Net.jpg
i1.wp.com/galatruc.net/wp-content/uploads/2019/10/ 8 KB
8 KB 102ms
46ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/galatruc.net/wp-content/uploads/2019/10/T%C3%A9l%C3%A9charger-KMSAuto-Net.jpg?zoom=2&resize=220%2C150&ssl=1

Requested by

Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

9948141da5f826e38f4689775fa9f53dbeff8f8a9382d1a3453b1f046371b393

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Thu, 04 Mar 2021 07:42:26 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Mar 2021 12:00:38 GMT
server: nginx
etag: "f4a2c5d4731f0a85"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://galatruc.net/wp-content/uploads/2019/10/T%C3%A9l%C3%A9charger-KMSAuto-Net.jpg>; rel="canonical"
content-length: 8014
expires: Sat, 04 Mar 2023 00:00:38 GMT

GET
H2 200 telecharger-powerISO.jpg
i1.wp.com/galatruc.net/wp-content/uploads/2019/09/ 9 KB
9 KB 102ms
47ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/galatruc.net/wp-content/uploads/2019/09/telecharger-powerISO.jpg?zoom=2&resize=220%2C150&ssl=1

Requested by

Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

83ce2cd6856fb53d8860cd0baec5e922304afb951fde787903516844578c9e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Thu, 04 Mar 2021 07:42:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 02 Mar 2021 10:26:00 GMT
server: nginx
etag: "2fa9a9fe08040969"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://galatruc.net/wp-content/uploads/2019/09/telecharger-powerISO.jpg>; rel="canonical"
content-length: 9108
expires: Thu, 02 Mar 2023 22:26:00 GMT

GET
H2 200 MyFlix-Avis.jpg
i0.wp.com/galatruc.net/wp-content/uploads/2021/03/ 3 KB
3 KB 85ms
31ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/galatruc.net/wp-content/uploads/2021/03/MyFlix-Avis.jpg?resize=220%2C150&ssl=1

Requested by

Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

a98f74468356e62ff27e0f255ab19baf779125fd0c5486b811496254fe6e1aaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Thu, 04 Mar 2021 07:42:26 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 12:40:11 GMT
server: nginx
etag: "7048f3179c1580c5"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://galatruc.net/wp-content/uploads/2021/03/MyFlix-Avis.jpg>; rel="canonical"
content-length: 3268
expires: Thu, 02 Mar 2023 00:40:11 GMT

GET
H2 200 sites-de-streaming-gratuit.jpg
i2.wp.com/galatruc.net/wp-content/uploads/2019/03/ 18 KB
18 KB 94ms
35ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/galatruc.net/wp-content/uploads/2019/03/sites-de-streaming-gratuit.jpg?zoom=2&resize=220%2C150&ssl=1

Requested by

Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

35acd7b38c24a79874980170fdf434cdedefe052b4bac93210475c4cfb16ced1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Thu, 04 Mar 2021 07:42:26 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 13:45:51 GMT
server: nginx
etag: "9238db92ead7ff94"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://galatruc.net/wp-content/uploads/2019/03/sites-de-streaming-gratuit.jpg>; rel="canonical"
content-length: 18428
expires: Thu, 02 Mar 2023 01:45:51 GMT

GET
H2 200 T%C3%A9l%C3%A9charger-IDM-Gratuit.jpg
i0.wp.com/galatruc.net/wp-content/uploads/2019/02/ 9 KB
10 KB 82ms
28ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/galatruc.net/wp-content/uploads/2019/02/T%C3%A9l%C3%A9charger-IDM-Gratuit.jpg?zoom=2&resize=220%2C150&ssl=1

Requested by

Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

f4e950206d2c345e1ae00a17c799da2b806bd28e0379cfa0326d40d905e224d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Thu, 04 Mar 2021 07:42:26 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 18:58:20 GMT
server: nginx
etag: "b1cae09c7ae57b55"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://galatruc.net/wp-content/uploads/2019/02/T%C3%A9l%C3%A9charger-IDM-Gratuit.jpg>; rel="canonical"
content-length: 9422
expires: Thu, 23 Feb 2023 06:58:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113455433-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 6908
date: Thu, 04 Mar 2021 05:47:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Thu, 04 Mar 2021 07:47:17 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 128ms
42ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1077
date: Thu, 04 Mar 2021 07:42:25 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 2 KB
627 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:600&subset=latin&display=swap

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a9cb8dfc6a97a7b11b29ef7f41e1628b55ed219114d451e1560d72a71ba1a61b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 07:42:26 GMT
server: ESF
date: Thu, 04 Mar 2021 07:42:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Mar 2021 07:42:26 GMT

GET
H2 200 greenoaks.gif Show response
galatruc.net/detroitchicago/ 0
263 B 28ms
27ms XHR
text/plain 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhNmUyZmZiMS1iZWQ0LTRlOWUtNzU5NS1kNjdkNTk4MmI2ZDkiLCJkb21haW5faWQiOiIxOTcwMDAiLCJ0X2Vwb2NoIjoxNjE0ODQzNzQzLCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYTZlMmZmYjEtYmVkNC00ZTllLTc1OTUtZDY3ZDU5ODJiNmQ5IiwiZG9tYWluX2lkIjoiMTk3MDAwIiwidF9lcG9jaCI6MTYxNDg0Mzc0MywiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDMtMDQifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiI4In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjQifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTYwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYTZlMmZmYjEtYmVkNC00ZTllLTc1OTUtZDY3ZDU5ODJiNmQ5IiwiZG9tYWluX2lkIjoiMTk3MDAwIiwidF9lcG9jaCI6MTYxNDg0Mzc0MywiZGF0YSI6W3sibmFtZSI6Imxhbmd1YWdlX3RhZyIsInZhbCI6ImVuLVVTIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYTZlMmZmYjEtYmVkNC00ZTllLTc1OTUtZDY3ZDU5ODJiNmQ5IiwiZG9tYWluX2lkIjoiMTk3MDAwIiwidF9lcG9jaCI6MTYxNDg0Mzc0MywiZGF0YSI6W3sibmFtZSI6Imxhbmd1YWdlX3ByaW1hcnlfc3VidGFnIiwidmFsIjoiZW4ifV19XQ==
Requested by: Host: galatruc.net
URL: https://galatruc.net/detroitchicago/memphis.js?gcb=192-2&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:26 GMT
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
x-middleton-display: ezp_sol
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 089dc92f1f00004aa492b85000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NIbfwWxCr96Ev4lAj%2FKm9uO9oai2GHnHcgfFvHKjziDNLzYJp1l2JRVh2T48U9zTjOmEQHnQ583RQQ7qn0PPlBuI3A6uTDcps7QGScwZ2VnX%2FBu5OYjkVsE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 62a977c4f8c24aa4-FRA
expires: Wed, 03 Mar 2021 07:42:25 UTC

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
384 B 40ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1887342543&t=pageview&_s=1&dl=https%3A%2F%2Fgalatruc.net%2Ftelecharger-kmspico%2F&ul=en-us&de=UTF-8&dt=T%C3%A9l%C3%A9charger%20KMSPico%202021%20pour%20activer%20Office%202016%2C%202019%20et%20Windows%2010&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=772002878&gjid=1936845401&cid=1547898860.1614843746&tid=UA-113455433-2&_gid=1143510408.1614843746&_r=1&gtm=2ou2o0&z=997965765

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 07:42:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://galatruc.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
799 B 60ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=galatruc.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Mar 2021 07:42:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
531 B 42ms
29ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=galatruc.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Mar 2021 07:42:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 461 B
731 B 59ms
58ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1967301583074914&correlator=24354714122539&output=ldjh&impl=fif&eid=21068530%2C21068602%2C31060208%2C21064367%2C31060244%2C31060320%2C44733568&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210304&iu_parts=1254144%2Cgalatruc_net-medrectangle-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=iid2%3D108684%26t%3D134%26d%3D197000%26t1%3D134%26pvc%3D0%26ap%3D1107%26sap%3D1107%26a%3D%257C251%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod61%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Dgalatruc_net-medrectangle-3-108684%26eb_br%3D78e9436ba8e29037bc31f94589331e0b%26eba%3D1%26ebss%3D10061%26bv%3D17%26bvm%3D0%26bvr%3D3%26shp%3D3%26br1%3D2500%26br2%3D1300%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%252C0%252C28%252C67%252C45%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D23%2C24%2C25%2C26&cookie_enabled=1&bc=31&abxe=1&lmt=1614843746&dt=1614843746162&dlt=1614843744679&idt=1456&frm=20&biw=1600&bih=1200&oid=3&adxs=450&adys=1379&adks=3586276774&ucis=1&ifi=1&u_tz=60&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgalatruc.net%2Ftelecharger-kmspico%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=770x250&msz=300x250&ga_vid=1547898860.1614843746&ga_sid=1614843746&ga_hid=1887342543&fws=4&ohw=1600&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

43c810365ee6f066850b5eb95f297c8ade66657a3b48f912193c065d1d43b77d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 244
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://galatruc.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
a7274220a39571815c8bde3aa4b978a1.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 46ms
14ms Other
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a7274220a39571815c8bde3aa4b978a1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 26ms
6ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 468 B
281 B 59ms
58ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1967301583074914&correlator=24354714122539&output=ldjh&impl=fif&eid=21068530%2C21068602%2C31060208%2C21064367%2C31060244%2C31060320%2C44733568&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210304&iu_parts=1254144%2Cgalatruc_net-large-mobile-banner-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&prev_scp=iid1%3D83784%26t%3D134%26d%3D197000%26t1%3D134%26pvc%3D0%26ap%3D1113%26sap%3D1113%26a%3D%257C2%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod61%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D704%26al%3D1704%26compid%3D0%26tap%3Dgalatruc_net-large-mobile-banner-1-83784%26eb_br%3D116f73d8738ced0c5546d5313109581e%26eba%3D1%26ebss%3D10061%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26br1%3D5000%26br2%3D2500%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D23%252C13%252C120%252C67%252C51%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D26&cookie_enabled=1&bc=31&abxe=1&lmt=1614843746&dt=1614843746169&dlt=1614843744679&idt=1456&frm=20&biw=1600&bih=1200&oid=3&adxs=800&adys=600&adks=183383822&ucis=2&ifi=2&u_tz=60&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgalatruc.net%2Ftelecharger-kmspico%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1547898860.1614843746&ga_sid=1614843746&ga_hid=1887342543&fws=516&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

c45a962c168c3cef73e91df9c2bfe01d24fd4854d146ceed8bbf1bd3ec3a4e69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://galatruc.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 460 B
283 B 61ms
61ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1967301583074914&correlator=24354714122539&output=ldjh&impl=fif&eid=21068530%2C21068602%2C31060208%2C21064367%2C31060244%2C31060320%2C44733568&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210304&iu_parts=1254144%2Cgalatruc_net-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&prev_scp=iid1%3D90984%26t%3D134%26d%3D197000%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26a%3D%257C2%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod61%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dgalatruc_net-medrectangle-2-90984%26eb_br%3Dbfa042bdb1583c959161b7823290dc1f%26eba%3D1%26ebss%3D10061%26bv%3D17%26bvm%3D0%26bvr%3D3%26shp%3D1%26br1%3D1300%26br2%3D650%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D82%252C25%252C176%252C67%252C51%252C122%252C89%252C20%252C26%252C188%252C143%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26&cookie_enabled=1&bc=31&abxe=1&lmt=1614843746&dt=1614843746171&dlt=1614843744679&idt=1456&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1104&adks=1521088379&ucis=3&ifi=3&u_tz=60&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgalatruc.net%2Ftelecharger-kmspico%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&ga_vid=1547898860.1614843746&ga_sid=1614843746&ga_hid=1887342543&fws=512&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ac14f5b2fbf5a1ad9cca12e66bb6f45e69029b00124a3f17a867dfcfa333dd3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 248
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://galatruc.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:600&subset=latin&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://galatruc.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 20:23:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:51 GMT
server: sffe
age: 559149
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13464
x-xss-protection: 0
expires: Fri, 25 Feb 2022 20:23:17 GMT

GET
H2 200 greenoaks.gif Show response
galatruc.net/detroitchicago/ 0
377 B 29ms
28ms XHR
text/plain 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhNmUyZmZiMS1iZWQ0LTRlOWUtNzU5NS1kNjdkNTk4MmI2ZDkiLCJkb21haW5faWQiOiIxOTcwMDAiLCJ0X2Vwb2NoIjoxNjE0ODQzNzQzLCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfcmVxdWVzdCIsInZhbCI6IjE1NjMifV19XQ==
Requested by: Host: galatruc.net
URL: https://galatruc.net/detroitchicago/memphis.js?gcb=192-2&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:26 GMT
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
x-middleton-display: ezp_sol
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 089dc92fc800004aa451160000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lXVTijUHtrGqx51QGmflwEu8%2B%2FgrWoDtDtk%2FS6ov7aKPqF41TcNSRnPDqly8dlAtoNe5PGsqIQC3N1%2BWdUI0fXWuWqVWcSxqYwCYReuD8PNDUaT%2F789cKlY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 62a977c60a564aa4-FRA
expires: Wed, 03 Mar 2021 07:42:26 UTC

GET
H2 200 dark-bottom.css
galatruc.net/ezoic/styles/ 3 KB
1 KB 12ms
12ms Stylesheet
text/css 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/ezoic/styles/dark-bottom.css
Requested by: Host: galatruc.net
URL: https://galatruc.net/ezoic/cookieconsent.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94edf973e9deb80b5eccf17f8f3108eafe15209fe25fe417e8f8962a4d8f48b3

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5170095
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089dc92fce00004aa4a3922000000001
last-modified: Wed, 23 Dec 2020 02:13:32 GMT
server: cloudflare
etag: W/"bd7-5b7183ce08b00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sHg%2BWNniHz14Z%2BgQqGCf4Kc0YT1Ms9MMeulsG3P%2F5S1%2FlO12s602YGHgPUuN%2FkJX0s1Y9746XAcAaj7FH84Ll1rKk6Q80F9L1CZrGh8Q6yET%2B07n9I9LrWM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 62a977c61a644aa4-FRA

GET
H2 200 greenoaks.gif Show response
galatruc.net/detroitchicago/ 0
264 B 30ms
28ms XHR
text/plain 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhNmUyZmZiMS1iZWQ0LTRlOWUtNzU5NS1kNjdkNTk4MmI2ZDkiLCJkb21haW5faWQiOiIxOTcwMDAiLCJ0X2Vwb2NoIjoxNjE0ODQzNzQzLCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImE2ZTJmZmIxLWJlZDQtNGU5ZS03NTk1LWQ2N2Q1OTgyYjZkOSIsImRvbWFpbl9pZCI6IjE5NzAwMCIsInRfZXBvY2giOjE2MTQ4NDM3NDMsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6IjM2In0seyJuYW1lIjoicGVyZl9jb25uZWN0X3RvX3Jlc3Bfc3RhcnQiLCJ2YWwiOiIxNDI3In0seyJuYW1lIjoicGVyZl9yZXNwX3RpbWUiLCJ2YWwiOiIxNiJ9LHsibmFtZSI6InBlcmZfaW50ZXJhY3RpdmUiLCJ2YWwiOiIxMDc5In0seyJuYW1lIjoicGVyZl9jb250ZW50bG9hZGVkIiwidmFsIjoiMTA4NiJ9LHsibmFtZSI6InBlcmZfY29tcGxldGUiLCJ2YWwiOiIxNTU5In1dfV0=
Requested by: Host: galatruc.net
URL: https://galatruc.net/detroitchicago/memphis.js?gcb=192-2&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:26 GMT
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
x-middleton-display: ezp_sol
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 089dc92fd000004aa4c1a32000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Bc%2FLMEszAkPK9m2qf8p1gxoSvlyJ53ZuTuxFtl4182FKcmQ0g%2BeU%2BWu4CpCJgeCPOuFCADSetEJ5WvYi121F0fJrZLw41K7zjB5HgSjiWoRjMFlM5QsCeSY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 62a977c61a6a4aa4-FRA
expires: Wed, 03 Mar 2021 07:42:26 UTC

GET
H2 200 greenoaks.gif Show response
galatruc.net/detroitchicago/ 0
329 B 31ms
30ms XHR
text/plain 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhNmUyZmZiMS1iZWQ0LTRlOWUtNzU5NS1kNjdkNTk4MmI2ZDkiLCJkb21haW5faWQiOiIxOTcwMDAiLCJ0X2Vwb2NoIjoxNjE0ODQzNzQzLCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfcGFpbnQiLCJ2YWwiOiIxOTQ5In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYTZlMmZmYjEtYmVkNC00ZTllLTc1OTUtZDY3ZDU5ODJiNmQ5IiwiZG9tYWluX2lkIjoiMTk3MDAwIiwidF9lcG9jaCI6MTYxNDg0Mzc0MywiZGF0YSI6W3sibmFtZSI6ImZpcnN0X2NvbnRlbnRmdWxfcGFpbnQiLCJ2YWwiOiIxOTQ5In1dfV0=
Requested by: Host: galatruc.net
URL: https://galatruc.net/detroitchicago/memphis.js?gcb=192-2&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:26 GMT
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
x-middleton-display: ezp_sol
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 089dc92fd000004aa4b2a82000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gjyybCr9G5JWyRy%2FLn8g8yoyOIKE8dbWKXi7A8h1NSnrebEUbKLEOUBuN6P99cza1CP9rtY2xSwuzMq5B1kaVjznWu5%2FYI02U%2FFSTCAAUC8%2BdQbxGn3LO9Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 62a977c61a6c4aa4-FRA
expires: Wed, 03 Mar 2021 07:42:26 UTC

GET
H2 200 greenoaks.gif Show response
galatruc.net/detroitchicago/ 0
270 B 29ms
29ms XHR
text/plain 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhNmUyZmZiMS1iZWQ0LTRlOWUtNzU5NS1kNjdkNTk4MmI2ZDkiLCJkb21haW5faWQiOiIxOTcwMDAiLCJ0X2Vwb2NoIjoxNjE0ODQzNzQzLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYTZlMmZmYjEtYmVkNC00ZTllLTc1OTUtZDY3ZDU5ODJiNmQ5IiwiZG9tYWluX2lkIjoiMTk3MDAwIiwidF9lcG9jaCI6MTYxNDg0Mzc0MywiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fZG93bmxpbmsiLCJ2YWwiOiIxMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImE2ZTJmZmIxLWJlZDQtNGU5ZS03NTk1LWQ2N2Q1OTgyYjZkOSIsImRvbWFpbl9pZCI6IjE5NzAwMCIsInRfZXBvY2giOjE2MTQ4NDM3NDMsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX3J0dCIsInZhbCI6IjAifV19XQ==
Requested by: Host: galatruc.net
URL: https://galatruc.net/detroitchicago/memphis.js?gcb=192-2&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:26 GMT
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
x-middleton-display: ezp_sol
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 089dc92fd100004aa489281000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3%2BvF86mNuvx4XIKxB2Ug8XtOv9kdor%2BEbFwgxn1S1JRyGeUGUyyU1%2BEG0Ehky0CEKemozBeWv476i8zX%2Bcsy4SMRhi%2BNRqk8goJk1ksd2OiQME%2BtTpE5%2FE8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 62a977c61a6d4aa4-FRA
expires: Wed, 03 Mar 2021 07:42:26 UTC

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 38ms
18ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021022501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8119f5b98c2e7d787ec00928d568d6ff79efdb15908388d0407b67755eb7243a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Mar 2021 07:42:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6502
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 42ms
28ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Thu, 04 Mar 2021 07:42:26 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 76DC 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://galatruc.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://galatruc.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Wed, 03 Mar 2021 23:45:07 GMT
expires: Thu, 03 Mar 2022 23:45:07 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 28639
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js Show response
pagead2.googlesyndication.com/bg/ Frame 76DC 14 KB
6 KB 33ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 19:52:39 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 10:45:00 GMT
server: sffe
age: 215387
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5643
x-xss-protection: 0
expires: Tue, 01 Mar 2022 19:52:39 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
224 B 40ms
40ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021022501&jk=1967301583074914&bg=!zs2lzY7NAAWsVXnBrDsAKQB2-DxaAGHmH6rUVSCgrhjVE98J2xbMsDhEnC-CcndSViVDqzdGy32BAgAAAF1SAAAACmgBBwoA4cUviE5HFxEcAAo_AJJIMUehAxtFAR9bb7EhJ-n5Q44g-gf937r2u7PSUo1KdGJMavEyDJsvRXgQa19AxnteVvyFtfCqbO1nJHQTjB9GzJE-y0-sT7k2i5dQPhqmszwk5KBhi9zTfMoU8C1CuZ1p6U_tA8-qkhcTRITUNz9QajxxO40vLQoV8t-zMWn-Fldmcv0znA6yxjVLBAWFU5d2Gz7J9dWkDteVRyIYHZ6Egp6bPuK2OE0NX84gpHXgkSGCxwZ9NlM8wWpx6BCYokOu0el-Se0iI4HzlBtoVZqT0hzeKJkBxiT9PFWpj6jzm1cRkw9IO67NlpiJL7CSy-bWdrPTuw0UtTqm90IqtmpSXVjMB56dQwH6NuaGNDS7HJARWnqq4XG-VWkjvqVFH89yI1TJBp1tVETkNSxcHZLmnP05V_tO3ctUpYQtihpcx5Uw_Ki--OMPHJsYIQqlZJP3tL51-OMwPQJIXgYy6axetXDCa9yXGbzGfH29E5pNg28M86r1TLqA0az4-O4tXZe6kBMbLUV3SpitcIjbKS3o7IQYiivwFbRcc16V843tteXam9lkvyElhdGXNH2WJm6epBAUK-367OSKN0Me0fyTPPqQ3R1eLUsfuiwpxFljGUKaw-xX1oh8A4b_A9XscY4ZqWZnlslH9F1fuCds4PSyFUBOqMMEds6SNNIFXnqe71kq27CASDCb3oOowW_GGHEZ8rrC00ifgcrRGJtJUP8qe1yOg4bQei3ITgSud9w7UAlUSU-EiYRouwv_ynauTK1TprOcqwCntylm5kj71jPTsyptDlVNJSq4D_0clTS2VIyMNQ44d9PIbOf8ea_ZoBhCdHFVoRcSnhpgGL-nljrKxGatQ5v2EsHpCbpC1PulqRcJXi7fc3_-7DQmbbo

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 07:42:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 68ms
23ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic,rhythmone,undertone,unruly&cb=192-2-11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:28 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 11:00:28 GMT
server: nginx
etag: W/"6034e04c-14008"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Fri, 05 Mar 2021 07:42:28 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 1890 0
150 B 22ms
22ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=galatruc.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=galatruc.net
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://galatruc.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://galatruc.net/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 1670
date: Thu, 04 Mar 2021 07:42:28 GMT
content-length: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 83ms
41ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:28 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 11:00:28 GMT
server: nginx
etag: W/"6034e04c-14008"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Fri, 05 Mar 2021 07:42:28 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
777 B 42ms
28ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=galatruc.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Mar 2021 07:42:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
146 B 15ms
14ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=galatruc.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Mar 2021 07:42:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 443 B
411 B 65ms
65ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1967301583074914&correlator=4253542265620488&output=ldjh&impl=fif&eid=21068530%2C21068602%2C31060208%2C21064367%2C31060244%2C31060320%2C44733568&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210304&iu_parts=1254144%2Cgalatruc_net-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ris=3&rcs=1&prev_scp=iid1%3D90984%26t%3D134%26d%3D197000%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26a%3D%257C2%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod61%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dgalatruc_net-medrectangle-2-90984%26eb_br%3D5bac35e1a3b6adc56da706000a645484%26eba%3D1%26ebss%3D10061%26bv%3D17%26bvm%3D0%26bvr%3D3%26shp%3D1%26br1%3D650%26br2%3D650%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D82%252C25%252C176%252C67%252C51%252C122%252C89%252C20%252C26%252C188%252C143%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%26lb%3D1300%26reqt%3D1614843749558&eri=1&cookie=ID%3D75c0850b67f9d1f2-22db6034adba0036%3AT%3D1614843746%3AS%3DALNI_MZ-PK1CV4LF-x4oNwrMRGU8J9N6lQ&bc=31&abxe=1&lmt=1614843749&dt=1614843749562&dlt=1614843744679&idt=1456&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1104&adks=1521088379&ucis=4&ifi=4&u_tz=60&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgalatruc.net%2Ftelecharger-kmspico%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1547898860.1614843746&ga_sid=1614843746&ga_hid=1887342543&fws=512&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

26f2750ed674b420ea3bd51e2c1ea10c37fabd546eaf763c4a1f626c7a6f4c22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 238
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://galatruc.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 451 B
519 B 59ms
59ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1967301583074914&correlator=4247930100605410&output=ldjh&impl=fif&eid=21068530%2C21068602%2C31060208%2C21064367%2C31060244%2C31060320%2C44733568&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210304&iu_parts=1254144%2Cgalatruc_net-large-mobile-banner-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ris=3&rcs=1&prev_scp=iid1%3D83784%26t%3D134%26d%3D197000%26t1%3D134%26pvc%3D0%26ap%3D1113%26sap%3D1113%26a%3D%257C2%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod61%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D704%26al%3D1704%26compid%3D0%26tap%3Dgalatruc_net-large-mobile-banner-1-83784%26eb_br%3D92831edb305b955e915a7cc2288d5df6%26eba%3D1%26ebss%3D10061%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26br1%3D3000%26br2%3D2500%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D23%252C13%252C120%252C67%252C51%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D26%2C24%2C25%26lb%3D5000%26reqt%3D1614843749563&eri=1&cookie=ID%3D75c0850b67f9d1f2-22db6034adba0036%3AT%3D1614843746%3AS%3DALNI_MZ-PK1CV4LF-x4oNwrMRGU8J9N6lQ&bc=31&abxe=1&lmt=1614843749&dt=1614843749566&dlt=1614843744679&idt=1456&frm=20&biw=1600&bih=1200&oid=3&adxs=800&adys=600&adks=183383822&ucis=5&ifi=5&u_tz=60&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgalatruc.net%2Ftelecharger-kmspico%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1547898860.1614843746&ga_sid=1614843746&ga_hid=1887342543&fws=516&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

80a89eec55c32db286ebe2619cd758a15a093a24955dfc43f1e472684b4f14f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 236
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://galatruc.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 444 B
406 B 63ms
63ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1967301583074914&correlator=3132085634564607&output=ldjh&impl=fif&eid=21068530%2C21068602%2C31060208%2C21064367%2C31060244%2C31060320%2C44733568&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210304&iu_parts=1254144%2Cgalatruc_net-medrectangle-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=3&rcs=1&prev_scp=iid2%3D108684%26t%3D134%26d%3D197000%26t1%3D134%26pvc%3D0%26ap%3D1107%26sap%3D1107%26a%3D%257C251%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod61%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Dgalatruc_net-medrectangle-3-108684%26eb_br%3Dbfa042bdb1583c959161b7823290dc1f%26eba%3D1%26ebss%3D10061%26bv%3D17%26bvm%3D0%26bvr%3D3%26shp%3D3%26br1%3D1300%26br2%3D1300%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%252C0%252C28%252C67%252C45%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D23%2C24%2C25%2C26%2C21%2C22%26lb%3D2500%26reqt%3D1614843749568&eri=1&cookie=ID%3D75c0850b67f9d1f2-22db6034adba0036%3AT%3D1614843746%3AS%3DALNI_MZ-PK1CV4LF-x4oNwrMRGU8J9N6lQ&bc=31&abxe=1&lmt=1614843749&dt=1614843749570&dlt=1614843744679&idt=1456&frm=20&biw=1600&bih=1200&oid=3&adxs=450&adys=1379&adks=3586276774&ucis=6&ifi=6&u_tz=60&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgalatruc.net%2Ftelecharger-kmspico%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=770x250&msz=300x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1547898860.1614843746&ga_sid=1614843746&ga_hid=1887342543&fws=4&ohw=1600&btvi=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

d14f83ccbb906ede803880742d870b9968160e7f25a07c54042419aeebe7fe3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 238
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://galatruc.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 457.json Show response
id5-sync.com/g/v2/ 346 B
1 KB 111ms
28ms XHR
application/json 54.36.109.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/457.json

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic,rhythmone,undertone,unruly&cb=192-2-11

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.166 , France, ASN16276 (OVH, FR),

Reverse DNS

p10.id5-sync.com

Software

Resource Hash

620a73d276d037cbfb44be8c5c0c380562a0af7323a5a8a7fe23e3a25ae68496

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 04 Mar 2021 07:42:29 GMT
Vary: Origin
P3P: CP="CAO PSA OUR"
Access-Control-Allow-Origin: https://galatruc.net
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame F908 2 KB
818 B 32ms
31ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1614843746001

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic,rhythmone,undertone,unruly&cb=192-2-11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?cb=1614843746001
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://galatruc.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://galatruc.net/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 2BBB 37 KB
14 KB 112ms
48ms Document
text/html 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic,rhythmone,undertone,unruly&cb=192-2-11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://galatruc.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://galatruc.net/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=94737
Expires: Fri, 05 Mar 2021 10:01:27 GMT
Date: Thu, 04 Mar 2021 07:42:30 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 third-party-iframes.html Show response
video.unrulymedia.com/iframes/ Frame E2C0 466 B
871 B 91ms
27ms Document
text/html 143.204.93.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/iframes/third-party-iframes.html
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic,rhythmone,undertone,unruly&cb=192-2-11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-227.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 699dcdd5e20616716ea3f388fe831cf471d9b10517d57207ac6b4b206e2ff2ee

Request headers

:method: GET
:authority: video.unrulymedia.com
:scheme: https
:path: /iframes/third-party-iframes.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://galatruc.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://galatruc.net/

Response headers

content-type: text/html
content-length: 466
last-modified: Wed, 24 Feb 2021 12:46:40 GMT
x-amz-expiration: expiry-date="Thu, 24 Feb 2028 00:00:00 GMT", rule-id="Delete after 7 years"
accept-ranges: bytes
server: AmazonS3
date: Thu, 04 Mar 2021 07:36:46 GMT
cache-control: max-age=600
etag: "bb4c2378ae6939428f41a36e7b04cc6e"
x-cache: Hit from cloudfront
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 5F0qxDxCsycczWTV5IEsjut0XDlspoV0Lig7clE1VG2MI0b-TeyVtA==
age: 345

GET
H2 200 usersync.html Show response
cdn.undertone.com/js/ Frame 2B93 5 KB
2 KB 43ms
6ms Document
text/html 2600:9000:214f:ac00:1f:2473:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.undertone.com/js/usersync.html
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic,rhythmone,undertone,unruly&cb=192-2-11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ac00:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 21d46bb0a238b8c1b0ab5ea12b5fa6cab58b90e30ca08727321e1e40e2970046

Request headers

:method: GET
:authority: cdn.undertone.com
:scheme: https
:path: /js/usersync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://galatruc.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://galatruc.net/

Response headers

content-type: text/html
date: Wed, 03 Mar 2021 21:12:17 GMT
last-modified: Wed, 16 Dec 2020 12:35:23 GMT
etag: W/"8ee422394c26ec0371c4676b43dd838d"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e7377cc861b31102786678df3616bf69.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: QjpMBgQrCZx7V3YUlLI2CFbj3N0QzvO8FuSCAr3Hqo6CdziTplILZg==
age: 37814

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 24D9 52 KB
17 KB 88ms
33ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,criteo,oftmedia,oneVideo,onemobile,onetag,pubmatic,rhythmone,undertone,unruly&cb=192-2-11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://galatruc.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://galatruc.net/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Wed, 24 Feb 2021 05:50:24 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 04 Mar 2021 07:42:30 GMT
Age: 6709
X-Served-By: cache-lga21983-LGA, cache-hhn4031-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 104019
X-Timer: S1614843750.054348,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 8A1C
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
https://eus.rubiconproject.com/usync.html?p=12776

291 B
559 B

117ms
41ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://cdn.undertone.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cdn.undertone.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "40295-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Thu, 04 Mar 2021 07:42:30 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=12776
Date: Thu, 04 Mar 2021 07:42:30 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame 2B93 43 B
694 B 40ms
38ms Image
image/gif 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID

Requested by

Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Mar 2021 07:42:30 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.60:80
AN-X-Request-Uuid: ea5ec83c-dd7e-4a8e-af2f-51952494a0b8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame 2B93
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
https://us-u.openx.net/w/1.0/cm?cc=1&id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=10dd4628-addd-4891-adaa-4c1929d5446c

0
308 B

801ms
189ms

Image
text/plain

52.8.165.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=39&uid=10dd4628-addd-4891-adaa-4c1929d5446c
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.8.165.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-8-165-105.us-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:30 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

date: Thu, 04 Mar 2021 07:42:30 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://usr.undertone.com/userPixel/sync?partnerId=39&uid=10dd4628-addd-4891-adaa-4c1929d5446c
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame 2B93
Redirect Chain

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP2c6f0afa-7cbd-11eb-b21c-028514db8b5a
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP2c6f0afa-7cbd-11eb-b21c-028514db8b5a&verify=true
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-IrH8oaV1l2Y7Tr1la5TIlfqeGNR1A6r7~UP2c6f0afa-7cbd-11eb-b21c-028514db8b5a

0
345 B

752ms
189ms

Image
text/plain

52.8.165.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-IrH8oaV1l2Y7Tr1la5TIlfqeGNR1A6r7~UP2c6f0afa-7cbd-11eb-b21c-028514db8b5a
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.8.165.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-8-165-105.us-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:30 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

Date: Thu, 04 Mar 2021 07:42:30 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-IrH8oaV1l2Y7Tr1la5TIlfqeGNR1A6r7~UP2c6f0afa-7cbd-11eb-b21c-028514db8b5a
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame 2B93
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=41b7c0a5-6c7c-4aca-83ba-700539a51e98&ttl=1617435750

0
308 B

756ms
195ms

Image
text/plain

52.8.165.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=ttd&uid=41b7c0a5-6c7c-4aca-83ba-700539a51e98&ttl=1617435750
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.8.165.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-8-165-105.us-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:30 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

pragma: no-cache
date: Thu, 04 Mar 2021 07:42:30 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://usr.undertone.com/userPixel/sync?partner=ttd&uid=41b7c0a5-6c7c-4aca-83ba-700539a51e98&ttl=1617435750
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 247

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame 2B93
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=12776
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KLUK9W5C-16-6TET

0
288 B

794ms
189ms

Image
text/plain

52.8.165.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KLUK9W5C-16-6TET
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.8.165.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-8-165-105.us-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:30 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KLUK9W5C-16-6TET
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame 2B93
Redirect Chain

https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=0c71ed9c9c68ee4f9bd9c101ca551552239b6451

0
312 B

760ms
189ms

Image
text/plain

52.8.165.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=0c71ed9c9c68ee4f9bd9c101ca551552239b6451
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.8.165.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-8-165-105.us-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:30 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

Location: https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=0c71ed9c9c68ee4f9bd9c101ca551552239b6451
Date: Thu, 04 Mar 2021 07:42:30 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H3-Q050 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
146 B 16ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=galatruc.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Mar 2021 07:42:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
146 B 16ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=galatruc.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Mar 2021 07:42:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 342 B
205 B 59ms
59ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1967301583074914&correlator=1275190327850665&output=ldjh&impl=fif&eid=21068530%2C21068602%2C31060208%2C21064367%2C31060244%2C31060320%2C44733568&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210304&iu_parts=1254144%2Cgalatruc_net-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ris=1&rcs=2&prev_scp=iid1%3D90984%26t%3D134%26d%3D197000%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26a%3D%257C2%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod61%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dgalatruc_net-medrectangle-2-90984%26eb_br%3D8de2c8ca79e8623e3cb37120a35ebaa2%26eba%3D1%26ebss%3D10061%26bv%3D17%26bvm%3D0%26bvr%3D3%26shp%3D1%26br1%3D240%26br2%3D650%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D82%252C25%252C176%252C67%252C51%252C122%252C89%252C20%252C26%252C188%252C143%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%26lb%3D650%26reqt%3D1614843750063&eri=1&cookie=ID%3D75c0850b67f9d1f2%3AT%3D1614843746%3AS%3DALNI_Ma1x12JimCw0wf1RNLP-cjrV2f3WA&bc=31&abxe=1&lmt=1614843750&dt=1614843750067&dlt=1614843744679&idt=1456&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1104&adks=1521088379&ucis=7&ifi=7&u_tz=60&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgalatruc.net%2Ftelecharger-kmspico%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1547898860.1614843746&ga_sid=1614843746&ga_hid=1887342543&fws=512&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

f4432a9b54eda7e104711d3e6604e865d00c0e708bc7c8a8dfd48335f8530c18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://galatruc.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 350 B
181 B 59ms
58ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1967301583074914&correlator=771820249428579&output=ldjh&impl=fif&eid=21068530%2C21068602%2C31060208%2C21064367%2C31060244%2C31060320%2C44733568&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210304&iu_parts=1254144%2Cgalatruc_net-large-mobile-banner-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ris=1&rcs=2&prev_scp=iid1%3D83784%26t%3D134%26d%3D197000%26t1%3D134%26pvc%3D0%26ap%3D1113%26sap%3D1113%26a%3D%257C2%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod61%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D704%26al%3D1704%26compid%3D0%26tap%3Dgalatruc_net-large-mobile-banner-1-83784%26eb_br%3Db2ac58e6c0c84fc65f344f47dd85768b%26eba%3D1%26ebss%3D10061%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26br1%3D2100%26br2%3D2500%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D23%252C13%252C120%252C67%252C51%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D26%2C24%2C25%2C22%2C23%2C24%2C25%26lb%3D3000%26reqt%3D1614843750073&eri=1&cookie=ID%3D75c0850b67f9d1f2%3AT%3D1614843746%3AS%3DALNI_Ma1x12JimCw0wf1RNLP-cjrV2f3WA&bc=31&abxe=1&lmt=1614843750&dt=1614843750075&dlt=1614843744679&idt=1456&frm=20&biw=1600&bih=1200&oid=3&adxs=800&adys=600&adks=183383822&ucis=8&ifi=8&u_tz=60&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgalatruc.net%2Ftelecharger-kmspico%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1547898860.1614843746&ga_sid=1614843746&ga_hid=1887342543&fws=516&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

667f7109c30ce4f64be82c808a04808cdddfe8bdc7b78ce544773574e0ea9f9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://galatruc.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 et_v1.0.1702-0-gdfedf7a.js Show response
video.unrulymedia.com/native/ Frame E2C0 2 KB
2 KB 35ms
33ms Script
application/javascript 143.204.93.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/native/et_v1.0.1702-0-gdfedf7a.js
Requested by: Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/iframes/third-party-iframes.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-227.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 78cfaebbc55f09bc3db75df5bf14a37e1443070618791517d01774c3cafc779a

Request headers

Origin: https://video.unrulymedia.com
Referer: https://video.unrulymedia.com/iframes/third-party-iframes.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:46:41 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 672950
x-cache: Hit from cloudfront
access-control-allow-origin: https://video.unrulymedia.com
x-amz-expiration: expiry-date="Thu, 24 Feb 2028 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified: Wed, 24 Feb 2021 12:46:28 GMT
server: AmazonS3
etag: W/"3e7efa9a74b7a21355478293abca07f2"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
cache-control: max-age=63072000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ZLHhj4N8fIHujqpWTV9gyXiYf9sf2pAzP7znju_e147iHqiPtFO8WA==

GET
H2 200 third-party-iframes-bd5d68423172f1b8a468.js Show response
video.unrulymedia.com/native/third-party-iframes/ Frame E2C0 8 KB
4 KB 35ms
33ms Script
application/javascript 143.204.93.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-bd5d68423172f1b8a468.js
Requested by: Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/iframes/third-party-iframes.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-227.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d344775f69bbcaf4154206ac0b4acbd87214025a5f5e3c0919890bfa4867d675

Request headers

Origin: https://video.unrulymedia.com
Referer: https://video.unrulymedia.com/iframes/third-party-iframes.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:46:41 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 672950
x-cache: Hit from cloudfront
access-control-allow-origin: https://video.unrulymedia.com
x-amz-expiration: expiry-date="Thu, 24 Feb 2028 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified: Wed, 24 Feb 2021 12:46:39 GMT
server: AmazonS3
etag: W/"f320bb5d6d947b6adb02140b7ef0fd67"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
cache-control: max-age=63072000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: BJxCkiOaiFYGMCFE6ypMJCrpMkTBDtrIkJWScVbYCbYxSg0ypBb0wg==

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 24D9
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
820 B

41ms
41ms

Script
text/html

185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Mar 2021 07:42:30 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.38:80
AN-X-Request-Uuid: 58c20a48-0420-4f27-89d3-69ccfb87b9a8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 04 Mar 2021 07:42:30 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.244:80
AN-X-Request-Uuid: d685de5d-7791-44f9-a50d-af8976035dba
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
123 B 15ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=galatruc.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Mar 2021 07:42:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
123 B 17ms
17ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=galatruc.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Mar 2021 07:42:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 343 B
180 B 58ms
58ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1967301583074914&correlator=2941475221490398&output=ldjh&impl=fif&eid=21068530%2C21068602%2C31060208%2C21064367%2C31060244%2C31060320%2C44733568&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210304&iu_parts=1254144%2Cgalatruc_net-medrectangle-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=1&rcs=2&prev_scp=iid2%3D108684%26t%3D134%26d%3D197000%26t1%3D134%26pvc%3D0%26ap%3D1107%26sap%3D1107%26a%3D%257C251%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod61%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Dgalatruc_net-medrectangle-3-108684%26eb_br%3D5f2b94bb26a5aa9b1a00e66d30cfd5ec%26eba%3D1%26ebss%3D10061%26bv%3D17%26bvm%3D0%26bvr%3D3%26shp%3D3%26br1%3D500%26br2%3D1300%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%252C0%252C28%252C67%252C45%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D23%2C24%2C25%2C26%2C21%2C22%2C21%2C22%26lb%3D1300%26reqt%3D1614843750094&eri=1&cookie=ID%3D75c0850b67f9d1f2%3AT%3D1614843746%3AS%3DALNI_Ma1x12JimCw0wf1RNLP-cjrV2f3WA&bc=31&abxe=1&lmt=1614843750&dt=1614843750097&dlt=1614843744679&idt=1456&frm=20&biw=1600&bih=1200&oid=3&adxs=450&adys=1379&adks=3586276774&ucis=9&ifi=9&u_tz=60&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgalatruc.net%2Ftelecharger-kmspico%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=770x250&msz=300x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1547898860.1614843746&ga_sid=1614843746&ga_hid=1887342543&fws=4&ohw=1600&btvi=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

6114293ad5f5aeecfab463a257a49d694a82ed3790279f448dc58ff0d678d318

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 146
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://galatruc.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 2BBB 8 KB
9 KB 162ms
41ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=19526313&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: ab47f6ba21f29a52a101572d12fa2bac87a1e7b70e157aba59a42d55d5dfc7d0

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:42:28 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK checkp Show response
usermatch.targeting.unrulymedia.com/usermatch/all/ Frame E2C0 98 B
246 B 183ms
45ms Script
text/javascript 213.19.147.151
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://usermatch.targeting.unrulymedia.com/usermatch/all/checkp?callback=checkpCallback
Requested by: Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/third-party-iframes/third-party-iframes-bd5d68423172f1b8a468.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.147.151 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: d0159c2d617449a2505e5df7f713252910f2e3a81784c415c577976f45cf17a5

Request headers

Referer: https://video.unrulymedia.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:42:30 GMT
Server: Tengine
Connection: keep-alive
Content-Length: 98
Content-Type: text/javascript

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 352F 43 B
284 B 127ms
42ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=19526313&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Thu, 04 Mar 2021 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1165
date: Thu, 04 Mar 2021 07:42:29 GMT
content-length: 43

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame 5DD5
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=876621298304288530

42 B
768 B

55ms
39ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=876621298304288530
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=19526313&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=156983:2; KADUSERCOOKIE=C29576F0-6E68-4320-A37B-0BD8116E2FBB; chkChromeAb67Sec=1; DPSync3=1616025600%3A201_227_226_221; SyncRTB3=1617408000%3A203%7C1615420800%3A15_67_223_2%7C1615680000%3A63%7C1616112000%3A35%7C1616025600%3A204_78_166_56_21_71_22_220_165_55_88_176_81_7_8_222_5_13_54_99_3_189_161
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Thu, 04 Mar 2021 07:42:30 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_336=5844-876621298304288530; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 03-Apr-2021 07:42:30 GMT; path=/ PugT=1614843750; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 03-Apr-2021 07:42:30 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 02-Jun-2021 07:42:30 GMT; path=/
X-lat: lhrpug010:0:477
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=876621298304288530
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame A391
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDcmxrN0FnUjhBQUJFVmtEWFFvZw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACrlk7AgR8AABEVkDXQog&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACrlk7AgR8AABEVkDXQog&pid=558502&do=add
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACrlk7AgR8AABEVkDXQog&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=6754046255932460792
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACrlk7AgR8AABEVkDXQog

42 B
773 B

40ms
40ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACrlk7AgR8AABEVkDXQog
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=19526313&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=156983:2; KADUSERCOOKIE=C29576F0-6E68-4320-A37B-0BD8116E2FBB; chkChromeAb67Sec=1; DPSync3=1616025600%3A201_227_226_221; SyncRTB3=1617408000%3A203%7C1615420800%3A15_67_223_2%7C1615680000%3A63%7C1616112000%3A35%7C1616025600%3A204_78_166_56_21_71_22_220_165_55_88_176_81_7_8_222_5_13_54_99_3_189_161; KRTBCOOKIE_409=22966-uc43nBlBPLQHCbjHe2NiWafO&KRTB&23212-uc43nBlBPLQHCbjHe2NiWafO; PUBMDCID=3; KRTBCOOKIE_336=5844-876621298304288530; KRTBCOOKIE_57=22776-1022542375022904365; KRTBCOOKIE_80=16514-CAESEDizVoz1ESCmd5kW2V3tt4g&KRTB&22987-CAESEDizVoz1ESCmd5kW2V3tt4g&KRTB&23025-CAESEDizVoz1ESCmd5kW2V3tt4g; KRTBCOOKIE_153=19420-94nONPnfzDLsgZw0-Y7XYKWByWHsjZ5moI33Vm5T&KRTB&22979-94nONPnfzDLsgZw0-Y7XYKWByWHsjZ5moI33Vm5T; KRTBCOOKIE_188=3189-a4de5b90-bc8d-450c-b7a7-bb937d0d3d4d-60408f66-4348; PugT=1614843749
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Thu, 04 Mar 2021 07:42:30 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_699=22727-AACrlk7AgR8AABEVkDXQog; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 03-Apr-2021 07:42:30 GMT; path=/ PugT=1614843750; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 03-Apr-2021 07:42:30 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 02-Jun-2021 07:42:30 GMT; path=/
X-lat: lhrpug008:0:502
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

Date: Thu, 04 Mar 2021 07:42:30 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACrlk7AgR8AABEVkDXQog
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame B7E3
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6935701094408124565

42 B
975 B

1136ms
40ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6935701094408124565
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=19526313&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=156983:2; KADUSERCOOKIE=C29576F0-6E68-4320-A37B-0BD8116E2FBB; chkChromeAb67Sec=1; DPSync3=1616025600%3A201_227_226_221; SyncRTB3=1617408000%3A203%7C1615420800%3A15_67_223_2%7C1615680000%3A63%7C1616112000%3A35%7C1616025600%3A204_78_166_56_21_71_22_220_165_55_88_176_81_7_8_222_5_13_54_99_3_189_161
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Date: Thu, 04 Mar 2021 07:42:30 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Set-Cookie: KRTBCOOKIE_1101=23040-6935701094408124565; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 03-Apr-2021 07:42:30 GMT; path=/ PugT=1614843750; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 03-Apr-2021 07:42:30 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 02-Jun-2021 07:42:30 GMT; path=/
X-lat: Pug23049:0:324
Content-Length: 42
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
X-Cnection: close
Content-Type: image/gif; charset=utf-8

Redirect headers

Server: nginx
Date: Thu, 04 Mar 2021 07:42:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=6935701094408124565; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6935701094408124565

GET
H/1.1

200
OK

Cookie set Pug Show response
image2.pubmatic.com/AdServer/ Frame 02B0
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=uc43nBlBPLQHCbjHe2NiWafO

42 B
1015 B

92ms
40ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=uc43nBlBPLQHCbjHe2NiWafO
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=19526313&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: image2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=156983:2; KADUSERCOOKIE=C29576F0-6E68-4320-A37B-0BD8116E2FBB; chkChromeAb67Sec=1; DPSync3=1616025600%3A201_227_226_221; SyncRTB3=1617408000%3A203%7C1615420800%3A15_67_223_2%7C1615680000%3A63%7C1616112000%3A35%7C1616025600%3A204_78_166_56_21_71_22_220_165_55_88_176_81_7_8_222_5_13_54_99_3_189_161
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Date: Thu, 04 Mar 2021 07:42:29 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Set-Cookie: KRTBCOOKIE_409=22966-uc43nBlBPLQHCbjHe2NiWafO&KRTB&23212-uc43nBlBPLQHCbjHe2NiWafO; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 03-Apr-2021 07:42:29 GMT; path=/ PugT=1614843749; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 03-Apr-2021 07:42:29 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 02-Jun-2021 07:42:29 GMT; path=/
X-lat: Pug23039:0:438
Content-Length: 42
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Pragma: no-cache
X-Cnection: close
Content-Type: image/gif; charset=utf-8

Redirect headers

server: openresty
date: Thu, 04 Mar 2021 07:42:30 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=uc43nBlBPLQHCbjHe2NiWafO; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=uc43nBlBPLQHCbjHe2NiWafO
strict-transport-security: max-age=0; includeSubDomains;

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame EBA3
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT

42 B
775 B

1023ms
40ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=19526313&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=156983:2; KADUSERCOOKIE=C29576F0-6E68-4320-A37B-0BD8116E2FBB; chkChromeAb67Sec=1; DPSync3=1616025600%3A201_227_226_221; SyncRTB3=1617408000%3A203%7C1615420800%3A15_67_223_2%7C1615680000%3A63%7C1616112000%3A35%7C1616025600%3A204_78_166_56_21_71_22_220_165_55_88_176_81_7_8_222_5_13_54_99_3_189_161; KRTBCOOKIE_409=22966-uc43nBlBPLQHCbjHe2NiWafO&KRTB&23212-uc43nBlBPLQHCbjHe2NiWafO; PugT=1614843749; PUBMDCID=3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Thu, 04 Mar 2021 07:42:31 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 02-Jun-2021 07:42:31 GMT; path=/ PugT=1614843751; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 03-Apr-2021 07:42:31 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 02-Jun-2021 07:42:31 GMT; path=/
X-lat: lhrpug001:0:341
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

Server: Tengine
Date: Thu, 04 Mar 2021 07:42:30 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, must-revalidate
Expires: 0
Pragma: no-cache
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
ETag: OPTOUT

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame ECB3 43 B
408 B 125ms
40ms Document
image/gif 63.251.232.170
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=19526313&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.251.232.170 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host: cm.adgrx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Date: Thu, 04 Mar 2021 07:42:30 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-2
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame 390B
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
439 B

168ms
167ms

Document
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=19526313&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=aDnoeUrwZayqQXwrURWADpJVEZb70SuDoU1CRTVZaQx
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Thu, 04 Mar 2021 07:42:30 GMT
content-type: image/gif; charset=utf-8
content-length: 43
set-cookie: __cfduid=d76dc1e9efae2b80b036ada8041eec79e1614843750; expires=Sat, 03-Apr-21 07:42:30 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aknseFtlix88qyTAZbCaMIxEHvB0iLdAumIvtjbMGeAuFbbMRbQ2MsYrvAMMDh8ZbWpQLJnwMZaxGVMr7ty1roo; path=/; domain=.tribalfusion.com; expires=Wed, 02-Jun-2021 07:42:30 GMT; SameSite=None; Secure; ANON_ID_old=aknseFtlix88qyTAZbCaMIxEHvB0iLdAumIvtjbMGeAuFbbMRbQ2MsYrvAMMDh8ZbWpQLJnwMZaxGVMr7ty1roo; path=/; domain=.tribalfusion.com; expires=Wed, 02-Jun-2021 07:42:30 GMT;
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
cf-cache-status: DYNAMIC
cf-request-id: 089dc9404800003244b3ac7000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 62a977e078d73244-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Thu, 04 Mar 2021 07:42:30 GMT
content-type: text/html
set-cookie: __cfduid=d76dc1e9efae2b80b036ada8041eec79e1614843750; expires=Sat, 03-Apr-21 07:42:30 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aDnoeUrwZayqQXwrURWADpJVEZb70SuDoU1CRTVZaQx; path=/; domain=.tribalfusion.com; expires=Wed, 02-Jun-2021 07:42:30 GMT; SameSite=None; Secure; ANON_ID_old=aDnoeUrwZayqQXwrURWADpJVEZb70SuDoU1CRTVZaQx; path=/; domain=.tribalfusion.com; expires=Wed, 02-Jun-2021 07:42:30 GMT;
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 1026
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status: DYNAMIC
cf-request-id: 089dc93f9a00003244b3ac2000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 62a977df5fd33244-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame 7D63
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=cncsZCD5G2rN&pid=557219

1 B
463 B

928ms
40ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=cncsZCD5G2rN&pid=557219
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=19526313&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KTPCACOOKIE=YES; pi=156983:2; KADUSERCOOKIE=C29576F0-6E68-4320-A37B-0BD8116E2FBB; chkChromeAb67Sec=1; DPSync3=1616025600%3A201_227_226_221; SyncRTB3=1617408000%3A203%7C1615420800%3A15_67_223_2%7C1615680000%3A63%7C1616112000%3A35%7C1616025600%3A204_78_166_56_21_71_22_220_165_55_88_176_81_7_8_222_5_13_54_99_3_189_161; KRTBCOOKIE_409=22966-uc43nBlBPLQHCbjHe2NiWafO&KRTB&23212-uc43nBlBPLQHCbjHe2NiWafO; PUBMDCID=3; KRTBCOOKIE_336=5844-876621298304288530; PugT=1614843750; KRTBCOOKIE_57=22776-1022542375022904365
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Thu, 04 Mar 2021 07:42:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1
Connection: keep-alive
Set-Cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 02-Jun-2021 07:42:31 GMT; path=/
X-lat: lhrpug003:0:412
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-568ff9c7d-5d796
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
set-cookie: V=cncsZCD5G2rN;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Sun, 27-Feb-2022 07:42:30 GMT;Max-Age=31104000;SameSite=None INGRESSCOOKIE=ed56fde9c3534b2b; path=/; HttpOnly; Secure; SameSite=None
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=cncsZCD5G2rN&pid=557219
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 8EE8
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=c5557433-167e-44af-a0ee-732a7a75feff-tuct73a14e6&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
53 B

37ms
35ms

Document
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=c5557433-167e-44af-a0ee-732a7a75feff-tuct73a14e6&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=19526313&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.taboola.com
:scheme: https
:path: /sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=c5557433-167e-44af-a0ee-732a7a75feff-tuct73a14e6&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=c5557433-167e-44af-a0ee-732a7a75feff-tuct73a14e6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
accept-ranges: bytes
date: Thu, 04 Mar 2021 07:42:30 GMT
via: 1.1 varnish
x-served-by: cache-hhn11538-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1614843750.441269,VS0,VE9
content-length: 0

Redirect headers

server: nginx
set-cookie: t_gid=c5557433-167e-44af-a0ee-732a7a75feff-tuct73a14e6;Version=1;Path=/;Domain=.taboola.com;Expires=Fri, 04-Mar-2022 07:42:30 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=c5557433-167e-44af-a0ee-732a7a75feff-tuct73a14e6&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges: bytes
date: Thu, 04 Mar 2021 07:42:30 GMT
via: 1.1 varnish
x-served-by: cache-hhn11538-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1614843750.358289,VS0,VE54
x-vcl-time-ms: 54
content-length: 0

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame A2CB
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:zufENYmh1LhICX5&gdpr=0&gdpr_consent=

42 B
769 B

94ms
40ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:zufENYmh1LhICX5&gdpr=0&gdpr_consent=
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=19526313&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KRTBCOOKIE_699=22727-AACrlk7AgR8AABEVkDXQog; PugT=1614843750; PUBMDCID=3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Thu, 04 Mar 2021 07:42:31 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_107=1471-uid:zufENYmh1LhICX5; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 02-Jun-2021 07:42:31 GMT; path=/ PugT=1614843751; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 03-Apr-2021 07:42:31 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 02-Jun-2021 07:42:31 GMT; path=/
X-lat: lhrpug002:0:474
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

Cache-Control: no-cache, must-revalidate
Date: Thu, 04 Mar 2021 07:42:30 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:zufENYmh1LhICX5&gdpr=0&gdpr_consent=
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma: no-cache
Server: PingMatch/v2.0.30-619-g1028223#rel-ec2-master i-0ae06fec161a2bbf2@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Set-Cookie: wfivefivec=zufENYmh1LhICX5; Domain=.w55c.net; Expires=Mon, 04-Apr-2022 07:42:31 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Sat, 03-Apr-2021 07:42:31 GMT; Path=/; SameSite=None; Secure
Content-Length: 0
Connection: keep-alive

GET
H2

200

check Show response
pixel.tapad.com/idsync/ex/receive/ Frame 09C7
Redirect Chain

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB

95 B
165 B

34ms
33ms

Document
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB

Requested by

Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=19526313&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: pixel.tapad.com
:scheme: https
:path: /idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TapAd_TS=1614843751791; TapAd_DID=2d6ffff2-7cbd-11eb-afe8-5a9a02d33f5c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Thu, 04 Mar 2021 07:42:31 GMT
strict-transport-security: max-age=31536000
content-type: image/png
content-length: 95
server: Jetty(9.4.28.v20200408)
via: 1.1 google
alt-svc: clear

Redirect headers

date: Thu, 04 Mar 2021 07:42:31 GMT
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1614843751791;Expires=Mon, 03 May 2021 07:42:31 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=2d6ffff2-7cbd-11eb-afe8-5a9a02d33f5c;Expires=Mon, 03 May 2021 07:42:31 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length: 0
server: Jetty(9.4.28.v20200408)
via: 1.1 google
alt-svc: clear

GET
H/1.1

200
OK

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2BBB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wpV28G5oQyCjewvYEW4vuw%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

30ms
29ms

Image
text/html

23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:42:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300708-1f78-5b232eb4914bb"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: max-age=61122
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 2654
Expires: Fri, 05 Mar 2021 00:41:12 GMT

Redirect headers

pragma: no-cache
date: Thu, 04 Mar 2021 07:42:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 2BBB 95 B
596 B 41ms
22ms Image
image/png 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=C29576F0-6E68-4320-A37B-0BD8116E2FBB
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:30 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 62a977df6d354a5c-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 089dc93f9f00004a5cfe1db000000001

GET
H/1.1

504
Gateway Timeout

info2
uipglob.semasio.net/pubmatic/1/ Frame 2BBB
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C29576F0-6E68-4320-A37B-0BD8116E2FBB&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C29576F0-6E68-4320-A37B-0BD8116E2FBB&sInitiator=external&gdpr=0&gdpr_consent=

0
51 B

548ms
548ms

Image
text/plain

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C29576F0-6E68-4320-A37B-0BD8116E2FBB&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-length: 0

Redirect headers

pragma: no-cache
date: Thu, 04 Mar 2021 07:42:29 GMT
frontend-id: 8
location: /pubmatic/1/info2?sType=sync&sExtCookieId=C29576F0-6E68-4320-A37B-0BD8116E2FBB&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

Artemis
aud.pubmatic.com/AdServer/ Frame 2BBB
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C29576F0-6E68-4320-A37B-0BD8116E2FBB&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C29576F0-6E68-4320-A37B-0BD8116E2FBB&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C29576F0-6E68-4320-A37B-0BD8116E2FBB&addseg=31

7 B
147 B

1380ms
41ms

Image
text/plain

185.64.190.106
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C29576F0-6E68-4320-A37B-0BD8116E2FBB&addseg=31
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.190.106 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:42:31 GMT
Connection: keep-alive
Content-Length: 7
Content-Type: text/plain; charset=utf-8

Redirect headers

date: Thu, 04 Mar 2021 07:42:30 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C29576F0-6E68-4320-A37B-0BD8116E2FBB&addseg=31
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 135

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 2BBB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzI5NTc2RjAtNkU2OC00MzIwLUEzN0ItMEJEODExNkUyRkJC&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
709 B

226ms
40ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Thu, 04 Mar 2021 07:42:29 GMT
X-lat: Pug23038:0:263
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Thu, 04 Mar 2021 07:42:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 2BBB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDizVoz1ESCmd5kW2V3tt4g&google_cver=1

42 B
855 B

266ms
39ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDizVoz1ESCmd5kW2V3tt4g&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:42:30 GMT
X-lat: lhrpug008:0:507
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Thu, 04 Mar 2021 07:42:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDizVoz1ESCmd5kW2V3tt4g&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 2BBB 43 B
609 B 103ms
31ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:30 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 03 Mar 2021 07:42:30 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 2BBB
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8735255031151438193

42 B
974 B

1173ms
40ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8735255031151438193
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Thu, 04 Mar 2021 07:42:30 GMT
X-lat: Pug23033:0:354
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Thu, 04 Mar 2021 07:42:30 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8735255031151438193
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 2BBB
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:144b6040-8f66-4300-b702-0c778272e24b&gdpr=0&gdpr_consent=

42 B
1 KB

987ms
40ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:144b6040-8f66-4300-b702-0c778272e24b&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Thu, 04 Mar 2021 07:42:30 GMT
X-lat: Pug23035:0:316
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Date: Thu, 04 Mar 2021 07:42:33 GMT
Server: MT3 3518 2f03077 master zrh-pixel-x27
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:144b6040-8f66-4300-b702-0c778272e24b&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 04 Mar 2021 07:42:32 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 2BBB
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=41b7c0a5-6c7c-4aca-83ba-700539a51e98

42 B
1 KB

1250ms
40ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=41b7c0a5-6c7c-4aca-83ba-700539a51e98
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Thu, 04 Mar 2021 07:42:31 GMT
X-lat: Pug23021:0:346
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Thu, 04 Mar 2021 07:42:30 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=41b7c0a5-6c7c-4aca-83ba-700539a51e98
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 2BBB
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1022542375022904365&gdpr=0&gdpr_consent=

42 B
973 B

240ms
39ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1022542375022904365&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Thu, 04 Mar 2021 07:42:30 GMT
X-lat: Pug23037:0:257
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Thu, 04 Mar 2021 07:42:30 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.50:80
AN-X-Request-Uuid: 138abe02-ee2e-4f6c-bfad-d24d6b2b501a
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1022542375022904365&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

SPug
image4.pubmatic.com/AdServer/ Frame 2BBB
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C29576F0-6E68-4320-A37B-0BD8116E2FBB&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Dsmf3ml1l2I3pzVeoV_vcmM_.9REDuo-&gdpr=0&gdpr_consent=

0
587 B

3171ms
33ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Dsmf3ml1l2I3pzVeoV_vcmM_.9REDuo-&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Date: Thu, 04 Mar 2021 07:42:33 GMT
Content-Encoding: gzip
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-cache
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8

Redirect headers

Date: Thu, 04 Mar 2021 07:42:30 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Dsmf3ml1l2I3pzVeoV_vcmM_.9REDuo-&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H2 200 C29576F0-6E68-4320-A37B-0BD8116E2FBB
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 2BBB 43 B
921 B 104ms
34ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/C29576F0-6E68-4320-A37B-0BD8116E2FBB?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:30 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 2BBB
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2337793192791666484&gdpr=0&gdpr_consent=&us_privacy=

1 B
727 B

1142ms
40ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2337793192791666484&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:42:31 GMT
X-lat: lhrpug004:0:479
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2337793192791666484&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Thu, 04 Mar 2021 07:42:30 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 2BBB
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=8978d54a-0d3b-49c1-88a7-6867c05c0066&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1cfbb25a-7ab9-442a-a010-0fb510d57523&gdpr=&gdpr_consent=&gdpr_pd=

1 B
745 B

40ms
40ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1cfbb25a-7ab9-442a-a010-0fb510d57523&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:42:32 GMT
X-lat: lhrpug010:0:544
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1cfbb25a-7ab9-442a-a010-0fb510d57523&gdpr=&gdpr_consent=&gdpr_pd=
date: Thu, 04 Mar 2021 07:42:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 2BBB
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=94nONPnfzDLsgZw0-Y7XYKWByWHsjZ5moI33Vm5T

42 B
1 KB

93ms
39ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=94nONPnfzDLsgZw0-Y7XYKWByWHsjZ5moI33Vm5T
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Thu, 04 Mar 2021 07:42:30 GMT
X-lat: Pug23027:0:306
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Thu, 04 Mar 2021 07:42:30 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=94nONPnfzDLsgZw0-Y7XYKWByWHsjZ5moI33Vm5T
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 2BBB
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...

85 B
166 B

27ms
27ms

Image
image/png

151.101.14.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YECPZwAAAGZd9SrK
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.3.8.v20160314) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 07:42:31 GMT
via: 1.1 varnish
server: Jetty(9.3.8.v20160314)
age: 2915
x-served-by: cache-fra19163-FRA
x-cache: HIT
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
x-timer: S1614843752.826731,VS0,VE0
content-length: 85
x-cache-hits: 10266

Redirect headers

pragma: no-cache
date: Thu, 04 Mar 2021 07:42:31 GMT
via: 1.1 varnish
server: Jetty(9.3.8.v20160314)
x-timer: S1614843752.709284,VS0,VE90
x-served-by: cache-fra19163-FRA
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YECPZwAAAGZd9SrK
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
x-cache-hits: 0

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 2BBB
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=a4de5b90-bc8d-450c-b7a7-bb937d0d3d4d-60408f66-4348&gdpr=0&gdpr_consent=

42 B
1004 B

41ms
40ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=a4de5b90-bc8d-450c-b7a7-bb937d0d3d4d-60408f66-4348&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Thu, 04 Mar 2021 07:42:29 GMT
X-lat: Pug23035:0:276
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Thu, 04 Mar 2021 07:42:30 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=a4de5b90-bc8d-450c-b7a7-bb937d0d3d4d-60408f66-4348&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 2BBB 0
104 B 93ms
65ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C29576F0-6E68-4320-A37B-0BD8116E2FBB&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 07:42:30 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 2BBB
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:a681220b-70a7-4945-91fe-876940b5e0a0&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
505 B

40ms
40ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:a681220b-70a7-4945-91fe-876940b5e0a0&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:42:31 GMT
X-lat: lhrpug003:0:450
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:a681220b-70a7-4945-91fe-876940b5e0a0&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Thu, 04 Mar 2021 07:42:31 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 2BBB
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1022542375022904365

42 B
709 B

340ms
40ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1022542375022904365
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Thu, 04 Mar 2021 07:42:30 GMT
X-lat: Pug23045:0:178
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Thu, 04 Mar 2021 07:42:31 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 722.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.235:80
AN-X-Request-Uuid: 0e5bcdc6-7ecb-454b-a6b3-c61cf8662dbb
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1022542375022904365
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 2BBB
Redirect Chain

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_5324732c-98de-43b9-8098-13bb89278cf0

42 B
790 B

561ms
40ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_5324732c-98de-43b9-8098-13bb89278cf0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:42:31 GMT
X-lat: lhrpug008:0:347
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_5324732c-98de-43b9-8098-13bb89278cf0
date: Thu, 04 Mar 2021 07:42:31 GMT
p3p: CP="This is not a P3P policy"
server: nginx
timing-allow-origin: *
content-length: 0
content-language: en-US

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 8A1C 31 KB
10 KB 39ms
39ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 9a2f427619b6355ceab882474564ce84392d8ae13c9ef63c6597b07a1dfc78bd

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=12776
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:42:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Jan 2021 20:32:24 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=24175
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9309
Expires: Thu, 04 Mar 2021 14:25:25 GMT

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame 8A1C
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=12776
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KLUK9W5C-16-6TET

0
288 B

764ms
189ms

Image
text/plain

52.8.165.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KLUK9W5C-16-6TET
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.8.165.105 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-8-165-105.us-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:30 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=KLUK9W5C-16-6TET
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 8A1C
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xVSzlXNUMtMTYtNlRFVA==

170 B
201 B

35ms
35ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xVSzlXNUMtMTYtNlRFVA==

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 07:42:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xVSzlXNUMtMTYtNlRFVA==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 8A1C 0
66 B 76ms
33ms Image
text/plain 34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.207.148 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:30 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 8A1C
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjQ4NDFiMDY4ODAxNDcwY2Y2MzE4MjI2OTdlNTdmNjQxNTExZWNkZQ

170 B
190 B

36ms
35ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjQ4NDFiMDY4ODAxNDcwY2Y2MzE4MjI2OTdlNTdmNjQxNTExZWNkZQ

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 07:42:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjQ4NDFiMDY4ODAxNDcwY2Y2MzE4MjI2OTdlNTdmNjQxNTExZWNkZQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 8A1C
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/v-brg69xx0HPKi47Mqu7dcn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2168407048673278168

42 B
721 B

29ms
28ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2168407048673278168
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

Redirect headers

date: Thu, 04 Mar 2021 07:42:30 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2168407048673278168
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 8A1C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENctb12hKnsisW7TLv8fsxM&google_cver=1

42 B
721 B

29ms
28ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENctb12hKnsisW7TLv8fsxM&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 04 Mar 2021 07:42:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENctb12hKnsisW7TLv8fsxM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 8A1C
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ae216040-8f66-4400-a081-3b7bcb938d73

42 B
721 B

29ms
28ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ae216040-8f66-4400-a081-3b7bcb938d73
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

Redirect headers

Date: Thu, 04 Mar 2021 07:42:33 GMT
Server: MT3 3518 2f03077 master zrh-pixel-x11
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ae216040-8f66-4400-a081-3b7bcb938d73
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 04 Mar 2021 07:42:32 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 8A1C 70 B
264 B 47ms
46ms Image
image/gif 34.246.149.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.149.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 07:42:30 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 8A1C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YECPZwAAAFNYOizr
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YECPZwAAAFNYOizr&_test=YECPZwAAAFNYOizr

42 B
772 B

29ms
28ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YECPZwAAAFNYOizr&_test=YECPZwAAAFNYOizr
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 04 Mar 2021 07:42:31 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1614843752.828933,VS0,VE0
x-served-by: cache-fra19163-FRA
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YECPZwAAAFNYOizr&_test=YECPZwAAAFNYOizr
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
123 B 15ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=galatruc.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Mar 2021 07:42:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
123 B 16ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=galatruc.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Mar 2021 07:42:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 342 B
179 B 60ms
60ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1967301583074914&correlator=2100155420692080&output=ldjh&impl=fif&eid=21068530%2C21068602%2C31060208%2C21064367%2C31060244%2C31060320%2C44733568&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210304&iu_parts=1254144%2Cgalatruc_net-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ris=1&rcs=3&prev_scp=iid1%3D90984%26t%3D134%26d%3D197000%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26a%3D%257C2%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod61%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dgalatruc_net-medrectangle-2-90984%26eb_br%3De66c30deca31b19eda212eeca1258584%26eba%3D1%26ebss%3D10061%26bv%3D17%26bvm%3D0%26bvr%3D3%26shp%3D1%26br1%3D24%26br2%3D650%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D82%252C25%252C176%252C67%252C51%252C122%252C89%252C20%252C26%252C188%252C143%252C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C20%2C17%2C18%2C19%2C20%26lb%3D240%26reqt%3D1614843750570&eri=1&cookie=ID%3D75c0850b67f9d1f2%3AT%3D1614843746%3AS%3DALNI_Ma1x12JimCw0wf1RNLP-cjrV2f3WA&bc=31&abxe=1&lmt=1614843750&dt=1614843750576&dlt=1614843744679&idt=1456&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1104&adks=1521088379&ucis=a&ifi=10&u_tz=60&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgalatruc.net%2Ftelecharger-kmspico%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1547898860.1614843746&ga_sid=1614843746&ga_hid=1887342543&fws=512&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

66a3d5b99024350bd0be31546015d61ce2bde7222bebc1fbc49a01a10fe42554

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://galatruc.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 350 B
176 B 57ms
57ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1967301583074914&correlator=1792184106633962&output=ldjh&impl=fif&eid=21068530%2C21068602%2C31060208%2C21064367%2C31060244%2C31060320%2C44733568&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210304&iu_parts=1254144%2Cgalatruc_net-large-mobile-banner-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ris=1&rcs=3&prev_scp=iid1%3D83784%26t%3D134%26d%3D197000%26t1%3D134%26pvc%3D0%26ap%3D1113%26sap%3D1113%26a%3D%257C2%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod61%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D704%26al%3D1704%26compid%3D0%26tap%3Dgalatruc_net-large-mobile-banner-1-83784%26eb_br%3Dff69c327c284033fca821ae81630bfa9%26eba%3D1%26ebss%3D10061%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26br1%3D1700%26br2%3D2500%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D23%252C13%252C120%252C67%252C51%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D26%2C24%2C25%2C22%2C23%2C24%2C25%2C21%2C22%2C23%2C24%2C25%26lb%3D2100%26reqt%3D1614843750587&eri=1&cookie=ID%3D75c0850b67f9d1f2%3AT%3D1614843746%3AS%3DALNI_Ma1x12JimCw0wf1RNLP-cjrV2f3WA&bc=31&abxe=1&lmt=1614843750&dt=1614843750591&dlt=1614843744679&idt=1456&frm=20&biw=1600&bih=1200&oid=3&adxs=800&adys=600&adks=183383822&ucis=b&ifi=11&u_tz=60&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgalatruc.net%2Ftelecharger-kmspico%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1547898860.1614843746&ga_sid=1614843746&ga_hid=1887342543&fws=516&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

01910cd9b1213e1f333db270b47707f181aca1b005aa8f773ee8b7775fbe62b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 146
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://galatruc.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
123 B 16ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=galatruc.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Mar 2021 07:42:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
123 B 17ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=galatruc.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Mar 2021 07:42:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 343 B
177 B 57ms
57ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1967301583074914&correlator=4344244648807906&output=ldjh&impl=fif&eid=21068530%2C21068602%2C31060208%2C21064367%2C31060244%2C31060320%2C44733568&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210304&iu_parts=1254144%2Cgalatruc_net-medrectangle-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=1&rcs=3&prev_scp=iid2%3D108684%26t%3D134%26d%3D197000%26t1%3D134%26pvc%3D0%26ap%3D1107%26sap%3D1107%26a%3D%257C251%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod61%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Dgalatruc_net-medrectangle-3-108684%26eb_br%3D3ba982fc4238dd4197b1d51b345478dc%26eba%3D1%26ebss%3D10061%26bv%3D17%26bvm%3D0%26bvr%3D3%26shp%3D3%26br1%3D50%26br2%3D1300%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%252C0%252C28%252C67%252C45%252C122%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D23%2C24%2C25%2C26%2C21%2C22%2C21%2C22%2C17%2C19%2C20%2C21%2C22%26lb%3D500%26reqt%3D1614843750604&eri=1&cookie=ID%3D75c0850b67f9d1f2%3AT%3D1614843746%3AS%3DALNI_Ma1x12JimCw0wf1RNLP-cjrV2f3WA&bc=31&abxe=1&lmt=1614843750&dt=1614843750609&dlt=1614843744679&idt=1456&frm=20&biw=1600&bih=1200&oid=3&adxs=450&adys=1379&adks=3586276774&ucis=c&ifi=12&u_tz=60&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgalatruc.net%2Ftelecharger-kmspico%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=770x250&msz=300x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1547898860.1614843746&ga_sid=1614843746&ga_hid=1887342543&fws=4&ohw=1600&btvi=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

9920fd4ed654b85c2f244ca3edb7bba70c5149f45072f1a1a7fdab6d4628a35a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://galatruc.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif Show response
galatruc.net/porpoiseant/ 0
309 B 63ms
63ms XHR
text/plain 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiOTA5ODQiLCJkb21haW5faWQiOiIxOTcwMDAiLCJ1bml0IjoiZGl2LWdwdC1hZC1nYWxhdHJ1Y19uZXQtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MTQ4NDM3NDMsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImE2ZTJmZmIxLWJlZDQtNGU5ZS03NTk1LWQ2N2Q1OTgyYjZkOSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiNCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: galatruc.net
URL: https://galatruc.net/detroitchicago/memphis.js?gcb=192-2&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:30 GMT
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
x-middleton-display: ezp_sol
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 089dc9410200004aa44e9e5000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EUyrfC%2F9aA4If3TEAMnP3FAg03tYLN0tPjxsD1upc8knP54yQeXk9eTVCuzw1aySgIrj4%2F7Jp1z0Wv8pFYDool2f1y%2B4e8Lk0%2BN8YPuteKSYh2nX2P8I7O0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 62a977e198b74aa4-FRA
expires: Wed, 03 Mar 2021 07:42:30 UTC

GET
H/1.1 200
OK 728x90.png
charity-ads.s3.amazonaws.com/charity_ads/ 29 KB
29 KB 1765ms
134ms Image
image/png 52.217.85.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://charity-ads.s3.amazonaws.com/charity_ads/728x90.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.85.228 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d54bfc850de06fdd0d418bdcc03ccf1392a4df553c7b478c01b69b2c9a29798d

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:42:33 GMT
Last-Modified: Sun, 07 Feb 2021 23:07:46 GMT
Server: AmazonS3
x-amz-request-id: FPXQ3TZKSPG5YH99
ETag: "a51d3698debdd332ffa8a6c5e2a5006f"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 29259
x-amz-id-2: hWokswLM9Bo5mhuq6Nem0VSmQ0jyul8t/R4eeishNCoL71iUEJ+9ONOedZBrTq2zhv6swGZcYeE=

GET
H2 200 army.gif Show response
galatruc.net/porpoiseant/ 0
291 B 48ms
47ms XHR
text/plain 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiOTA5ODQiLCJkb21haW5faWQiOiIxOTcwMDAiLCJ1bml0IjoiZGl2LWdwdC1hZC1nYWxhdHJ1Y19uZXQtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MTQ4NDM3NDMsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MTEzMDMsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJhNmUyZmZiMS1iZWQ0LTRlOWUtNzU5NS1kNjdkNTk4MmI2ZDkiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoic3RhdF9zb3VyY2VfaWQiLCJ2YWwiOiIxMTMwMyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA4Njg0IiwiZG9tYWluX2lkIjoiMTk3MDAwIiwidW5pdCI6ImRpdi1ncHQtYWQtZ2FsYXRydWNfbmV0LW1lZHJlY3RhbmdsZS0zLTAiLCJ0X2Vwb2NoIjoxNjE0ODQzNzQzLCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMDcsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJhNmUyZmZiMS1iZWQ0LTRlOWUtNzU5NS1kNjdkNTk4MmI2ZDkiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: galatruc.net
URL: https://galatruc.net/detroitchicago/memphis.js?gcb=192-2&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:30 GMT
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
x-middleton-display: ezp_sol
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 089dc9411100004aa461317000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7%2Bjw3%2BLNqTTDpGIDUZcdyS%2Bty5%2Bx1Jw6G%2BaBVeOLOxKMsq44yEExnh9R9n5GlakOo6qMG0Fhl4ZgaK4mjyJGuxJ23LQkMLn39mfBkNvMJJIoAjStxIYN57o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 62a977e1b8db4aa4-FRA
expires: Wed, 03 Mar 2021 07:42:29 UTC

GET
H/1.1 200
OK 300x250.png
charity-ads.s3.amazonaws.com/charity_ads/ 53 KB
53 KB 1989ms
132ms Image
image/png 52.217.85.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://charity-ads.s3.amazonaws.com/charity_ads/300x250.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.85.228 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e8db8ba69a2f76f4e9a548ddfbf663ba0bbf16ff328339a8f28c974eb031ca8c

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 07:42:33 GMT
Last-Modified: Sun, 07 Feb 2021 23:07:44 GMT
Server: AmazonS3
x-amz-request-id: FPXQQB55M5K7AJM8
ETag: "c4e9d00bff54f219517f8d035bb6eeab"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 54278
x-amz-id-2: y7O7Y7QKLBr4+0AwMROWcb3hnOoq3cZ7PDLa7eWB0ghKThzPgZPfrkoAJ7TdoVysx3SR7v+p6LA=

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 24D9
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
821 B

40ms
40ms

Script
text/html

185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 04 Mar 2021 07:42:31 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.139:80
AN-X-Request-Uuid: f3a9a8a9-29c5-4b26-b0d8-76365453c91b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 04 Mar 2021 07:42:31 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.117:80
AN-X-Request-Uuid: e8fb4a32-e021-4f0d-bb05-b01195bf81ca
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=galatruc.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Mar 2021 07:42:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=galatruc.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Mar 2021 07:42:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 468 B
787 B 58ms
58ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1967301583074914&correlator=4480504165609769&output=ldjh&impl=fif&eid=21068530%2C21068602%2C31060208%2C21064367%2C31060244%2C31060320%2C44733568&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210304&iu_parts=1254144%2Cgalatruc_net-large-mobile-banner-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ris=1&rcs=4&prev_scp=iid1%3D83784%26t%3D134%26d%3D197000%26t1%3D134%26pvc%3D0%26ap%3D1113%26sap%3D1113%26a%3D%257C2%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod61%26ic%3D5%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D704%26al%3D1704%26compid%3D0%26tap%3Dgalatruc_net-large-mobile-banner-1-83784%26eb_br%3Dd81e229576f8cb8a43ff5c6a8e596727%26eba%3D1%26ebss%3D10061%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26br1%3D1500%26br2%3D2500%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D23%252C13%252C120%252C67%252C51%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D26%2C24%2C25%2C22%2C23%2C24%2C25%2C21%2C22%2C23%2C24%2C25%2C21%2C22%2C23%2C24%2C25%26lb%3D1700%26reqt%3D1614843751104&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1614843751&dt=1614843751107&dlt=1614843744679&idt=1456&frm=20&biw=1600&bih=1200&oid=3&adxs=800&adys=600&adks=183383822&ucis=d&ifi=13&u_tz=60&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgalatruc.net%2Ftelecharger-kmspico%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1547898860.1614843746&ga_sid=1614843746&ga_hid=1887342543&fws=516&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

cd811ebe4cf57498519148e58ce5c8475a63dfa2160a958c059804c78a43346f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://galatruc.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 audins.js Show response
go.ezoic.net/detroitchicago/ 466 B
872 B 44ms
6ms Script
application/javascript 2600:9000:20eb:fa00:2:cb38:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezoic.net/detroitchicago/audins.js?cb=192-2
Requested by: Host: galatruc.net
URL: https://galatruc.net/telecharger-kmspico/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:fa00:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: fd78f51affedcaa173cd1f15fca8f1fbecdbaafa7020cec2ae0fe3befbed5ea1

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 03:21:56 GMT
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
last-modified: Sat, 06 Feb 2021 00:57:47 GMT
server: nginx/1.16.0
age: 2262035
etag: "1d2-5baa06ce0260e;5ba13427a2780-gzip"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: noindex
content-length: 466
x-amz-cf-id: U4ipfCJZllhndf-Rk4OCkGNdEfIaBeyyuSH7m90Vah0qu0rGuKxidw==

GET
H2 200 army.gif Show response
galatruc.net/porpoiseant/ 0
379 B 29ms
29ms XHR
text/plain 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA4Njg0IiwiZG9tYWluX2lkIjoiMTk3MDAwIiwidW5pdCI6ImRpdi1ncHQtYWQtZ2FsYXRydWNfbmV0LW1lZHJlY3RhbmdsZS0zLTAiLCJ0X2Vwb2NoIjoxNjE0ODQzNzQzLCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMDcsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjExMzAzLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYTZlMmZmYjEtYmVkNC00ZTllLTc1OTUtZDY3ZDU5ODJiNmQ5IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InN0YXRfc291cmNlX2lkIiwidmFsIjoiMTEzMDMifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwODY4NCIsImRvbWFpbl9pZCI6IjE5NzAwMCIsInVuaXQiOiJkaXYtZ3B0LWFkLWdhbGF0cnVjX25ldC1tZWRyZWN0YW5nbGUtMy0wIiwidF9lcG9jaCI6MTYxNDg0Mzc0MywiYWRfcG9zaXRpb24iOjExMDcsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYTZlMmZmYjEtYmVkNC00ZTllLTc1OTUtZDY3ZDU5ODJiNmQ5IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjQ0NyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiOTA5ODQiLCJkb21haW5faWQiOiIxOTcwMDAiLCJ1bml0IjoiZGl2LWdwdC1hZC1nYWxhdHJ1Y19uZXQtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MTQ4NDM3NDMsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImE2ZTJmZmIxLWJlZDQtNGU5ZS03NTk1LWQ2N2Q1OTgyYjZkOSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIyODgifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjgzNzg0IiwiZG9tYWluX2lkIjoiMTk3MDAwIiwidW5pdCI6ImRpdi1ncHQtYWQtZ2FsYXRydWNfbmV0LWxhcmdlLW1vYmlsZS1iYW5uZXItMS0wIiwidF9lcG9jaCI6MTYxNDg0Mzc0MywiYWRfcG9zaXRpb24iOjExMTMsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYTZlMmZmYjEtYmVkNC00ZTllLTc1OTUtZDY3ZDU5ODJiNmQ5IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjE1NiJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: galatruc.net
URL: https://galatruc.net/detroitchicago/memphis.js?gcb=192-2&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:31 GMT
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
x-middleton-display: ezp_sol
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 089dc9439b00004aa4641f1000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cNVnraLqTz8J48RIICASbmGQyCEdntINytk%2F0qcFdMgIjxkClL%2FVJGUVrgZJV49xSX9ncOpD3irlu7SB3gwzieQSNmt%2BB7yA8%2BNKguCtUvGp9%2BLs0dg8i1M%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 62a977e5cdf64aa4-FRA
expires: Wed, 03 Mar 2021 07:42:31 UTC

GET
H2 200 army.gif Show response
galatruc.net/porpoiseant/ 0
539 B 27ms
26ms XHR
text/plain 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA4Njg0IiwiZG9tYWluX2lkIjoiMTk3MDAwIiwidW5pdCI6ImRpdi1ncHQtYWQtZ2FsYXRydWNfbmV0LW1lZHJlY3RhbmdsZS0zLTAiLCJ0X2Vwb2NoIjoxNjE0ODQzNzQzLCJhZF9wb3NpdGlvbiI6MTEwNywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJhNmUyZmZiMS1iZWQ0LTRlOWUtNzU5NS1kNjdkNTk4MmI2ZDkiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiI0NTAifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjEzNzkifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI5MDk4NCIsImRvbWFpbl9pZCI6IjE5NzAwMCIsInVuaXQiOiJkaXYtZ3B0LWFkLWdhbGF0cnVjX25ldC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYxNDg0Mzc0MywiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYTZlMmZmYjEtYmVkNC00ZTllLTc1OTUtZDY3ZDU5ODJiNmQ5IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMCJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMTA5MSJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoidHJ1ZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODM3ODQiLCJkb21haW5faWQiOiIxOTcwMDAiLCJ1bml0IjoiZGl2LWdwdC1hZC1nYWxhdHJ1Y19uZXQtbGFyZ2UtbW9iaWxlLWJhbm5lci0xLTAiLCJ0X2Vwb2NoIjoxNjE0ODQzNzQzLCJhZF9wb3NpdGlvbiI6MTExMywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJhNmUyZmZiMS1iZWQ0LTRlOWUtNzU5NS1kNjdkNTk4MmI2ZDkiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiI4MDAifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjYwMCJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoidHJ1ZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: galatruc.net
URL: https://galatruc.net/detroitchicago/memphis.js?gcb=192-2&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:31 GMT
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
x-middleton-display: ezp_sol
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 089dc9439b00004aa45b877000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DiF19J%2BqZO2pB%2FLyyhg39f01PSScf4UUCkn6TRzI0birr6zZxTqMU%2Bb%2F4418Mjad8tSLH9cJHoyBNTqtELY6mGOb%2FYT43dtBhLg1qH38x6KhUKKkptJSiqw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 62a977e5cdf84aa4-FRA
expires: Wed, 03 Mar 2021 07:42:31 UTC

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 8ms
7ms Script
application/javascript 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: go.ezoic.net
URL: https://go.ezoic.net/detroitchicago/audins.js?cb=192-2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2cd6cff81ed30607212a76cf14df956553f17dc9f8024a720e7acb0dd2ec1b78

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:31 GMT
content-encoding: gzip
etag: "/D8P7qgiWm3WmfjhiS2eTg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 11 Mar 2021 07:42:31 GMT

GET
H2 200 rules-p-31iz6hfFutd16.js Show response
rules.quantcount.com/ 3 B
345 B 21ms
6ms Script
application/x-javascript 2600:9000:20eb:6200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 17:00:06 GMT
via: 1.1 c3b74c81fdcb7942211a6c721efa13fd.cloudfront.net (CloudFront)
last-modified: Sat, 04 Mar 2017 19:50:24 GMT
server: AmazonS3
age: 52946
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: 5YM4r0E322Xt6mst9JZci85rHTLJ17H67dYve4oon8clUVgLay54og==

GET
H2 200 pixel;r=453387252;labels=Domain.galatruc_net%2CDomainId.197000;rf=0;uht=2;a=p-31iz6hfFutd16;url=https%3A%2F%2Fgalatruc.net%2Ftelecharger-kmspico%2F;fpan=1;fpa=P0-698115317-1614843751363;ns=0;ce=1;q...
pixel.quantserve.com/ 35 B
371 B 8ms
8ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=453387252;labels=Domain.galatruc_net%2CDomainId.197000;rf=0;uht=2;a=p-31iz6hfFutd16;url=https%3A%2F%2Fgalatruc.net%2Ftelecharger-kmspico%2F;fpan=1;fpa=P0-698115317-1614843751363;ns=0;ce=1;qjs=1;qv=fd8a15ce-20210219171058;cm=;gdpr=0;ref=;d=galatruc.net;je=0;sr=1600x1200x24;dst=1;et=1614843751362;tzo=-60;ogl=locale.fr_FR%2Ctype.article%2Ctitle.T%C3%A9l%C3%A9charger%20KMSPico%202021%20pour%20activer%20Office%202016%252C%202019%20et%20Windows%2010%2Cdescription.T%C3%A9l%C3%A9charger%20KMSPico%20pour%20activer%20Office%202016%252C%202019%252C%202013%252C%202010%20%26%20Windows%2010%252C%208%252C%20%2Curl.https%3A%2F%2Fgalatruc%252Enet%2Ftelecharger-kmspico%2F%2Csite_name.GalaTruc%252Enet%2Cimage.https%3A%2F%2Fi1%252Ewp%252Ecom%2Fgalatruc%252Enet%2Fwp-content%2Fuploads%2F2019%2F05%2Ft%C3%A9l%C3%A9charger-KMSpico%252Ejp%2Cimage%3Awidth.900%2Cimage%3Aheight.600

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 07:42:31 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
146 B 15ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=galatruc.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Mar 2021 07:42:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
146 B 15ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=galatruc.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Mar 2021 07:42:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 451 B
427 B 66ms
66ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1967301583074914&correlator=912684831273162&output=ldjh&impl=fif&eid=21068530%2C21068602%2C31060208%2C21064367%2C31060244%2C31060320%2C44733568&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210304&iu_parts=1254144%2Cgalatruc_net-large-mobile-banner-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ris=1&rcs=5&prev_scp=iid1%3D83784%26t%3D134%26d%3D197000%26t1%3D134%26pvc%3D0%26ap%3D1113%26sap%3D1113%26a%3D%257C2%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod61%26ic%3D6%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D704%26al%3D1704%26compid%3D0%26tap%3Dgalatruc_net-large-mobile-banner-1-83784%26eb_br%3D04b5efc3207e2390972f099a6a3c4757%26eba%3D1%26ebss%3D10061%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26br1%3D1400%26br2%3D2500%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D23%252C13%252C120%252C67%252C51%252C0%252C66%252C20%252C71%252C30%252C0%252C31%26deal1%3D26%2C24%2C25%2C22%2C23%2C24%2C25%2C21%2C22%2C23%2C24%2C25%2C21%2C22%2C23%2C24%2C25%2C21%2C22%2C23%2C24%2C25%26lb%3D1500%26reqt%3D1614843751621&eri=1&cookie=ID%3D1e687ca2b2e6c90d-22e24033adba0032%3AT%3D1614843751%3AS%3DALNI_MZkNI7O6U2tuO4nET9JjpJ_JFSBhg&bc=31&abxe=1&lmt=1614843751&dt=1614843751624&dlt=1614843744679&idt=1456&frm=20&biw=1600&bih=1200&oid=3&adxs=800&adys=600&adks=183383822&ucis=e&ifi=14&u_tz=60&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgalatruc.net%2Ftelecharger-kmspico%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1547898860.1614843746&ga_sid=1614843746&ga_hid=1887342543&fws=516&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

d1d9637b7234996eeecadedc2c944b8c38f4e0bd63040a47dc7cc1b4f20d3686

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://galatruc.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 231
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://galatruc.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif Show response
galatruc.net/porpoiseant/ 0
269 B 28ms
28ms XHR
text/plain 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODM3ODQiLCJkb21haW5faWQiOiIxOTcwMDAiLCJ1bml0IjoiZGl2LWdwdC1hZC1nYWxhdHJ1Y19uZXQtbGFyZ2UtbW9iaWxlLWJhbm5lci0xLTAiLCJ0X2Vwb2NoIjoxNjE0ODQzNzQzLCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMTMsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJhNmUyZmZiMS1iZWQ0LTRlOWUtNzU5NS1kNjdkNTk4MmI2ZDkiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjYifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: galatruc.net
URL: https://galatruc.net/detroitchicago/memphis.js?gcb=192-2&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:31 GMT
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
x-middleton-display: ezp_sol
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 089dc9451b00004aa4c2bff000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IomlHTkvYCuEyhPDRn%2Fle3zAQYUU%2Fqjaddmhfp0bJnf%2FV%2FWlcPKMGdGOJ2yUk7Uv1xCuUAkVi7yRL%2B%2FUkw0hfDyiWeCXZgYtiB4OEppgOJakL25WWE0RJEM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 62a977e829a24aa4-FRA
expires: Wed, 03 Mar 2021 07:42:31 UTC

GET
H2 200 greenoaks.gif Show response
galatruc.net/detroitchicago/ 0
311 B 38ms
38ms XHR
text/plain 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJhNmUyZmZiMS1iZWQ0LTRlOWUtNzU5NS1kNjdkNTk4MmI2ZDkiLCJkb21haW5faWQiOiIxOTcwMDAiLCJ0X2Vwb2NoIjoxNjE0ODQzNzQzLCJkYXRhIjpbeyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjE2OTQwMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiIyIn0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19weCIsInZhbCI6IjMzMTcwMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX2NvdW50IiwidmFsIjoiMyJ9LHsibmFtZSI6Im5hdGl2ZV9hZF9kb2NfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJ2aWV3cG9ydF9zaXplIiwidmFsIjoiMTYwMHgxMjAwIn0seyJuYW1lIjoidmlld3BvcnRfcHgiLCJ2YWwiOiIxOTIwMDAwIn0seyJuYW1lIjoiZG9jX3B4IiwidmFsIjoiNDQ2Njg4MDAifSx7Im5hbWUiOiJkb2NfaGVpZ2h0IiwidmFsIjoiMjc5MTgifV19XQ==
Requested by: Host: galatruc.net
URL: https://galatruc.net/detroitchicago/memphis.js?gcb=192-2&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:33 GMT
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
x-middleton-display: ezp_sol
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 089dc94c4e00004aa485ae9000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9c2MDSIHU%2Bh5bTfBCcLJIlAtsAT1PRj3Kg0PXTDfFevniW4T%2BYqpw2Q1%2B30CkpFpfzVZZG6oZrwRk7%2F631pImlDq8WddD61bQKelgjwlPwKKf32iEK2vJl0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 62a977f3bb424aa4-FRA
expires: Wed, 03 Mar 2021 07:42:33 UTC

GET
H2 200 army.gif Show response
galatruc.net/porpoiseant/ 0
376 B 27ms
27ms XHR
text/plain 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODM3ODQiLCJkb21haW5faWQiOiIxOTcwMDAiLCJ1bml0IjoiZGl2LWdwdC1hZC1nYWxhdHJ1Y19uZXQtbGFyZ2UtbW9iaWxlLWJhbm5lci0xLTAiLCJ0X2Vwb2NoIjoxNjE0ODQzNzQzLCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMTMsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjExMzAzLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYTZlMmZmYjEtYmVkNC00ZTllLTc1OTUtZDY3ZDU5ODJiNmQ5IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InN0YXRfc291cmNlX2lkIiwidmFsIjoiMTEzMDMifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: galatruc.net
URL: https://galatruc.net/detroitchicago/memphis.js?gcb=192-2&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:41 GMT
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
x-middleton-display: ezp_sol
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 089dc969bb00004aa4a90e0000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4w3d5hPkmymLiUExvD9DJjRs4KJmKR%2BGYHQNxG%2BXwqwKOOaJcfh7MyuRN0FpX%2FSz5bLcJDkS9N3zCYu0hWwvqXlrZO5KjSUqIG3Fkzeo1bzUw8rAZ2Hmy0k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cache-control: max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 62a97822c8644aa4-FRA
expires: Wed, 03 Mar 2021 07:42:41 UTC

GET
H2 200 imp.gif
galatruc.net/detroitchicago/ 43 B
508 B 33ms
32ms XHR
image/gif 2606:4700:3032::ac43:a734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://galatruc.net/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A2%2C%22ad_count_adjustment%22%3A2%2C%22ad_lazyload_version%22%3A5%2C%22ad_location_ids%22%3A%225%2C704%2C21%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A3%2C%22bidder_method%22%3A0%2C%22bidder_version%22%3A3%2C%22city%22%3A%22%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A2%2C%22domain_id%22%3A197000%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22iab_category_0%22%3A%22596%22%2C%22iab_category_1%22%3A%22623%22%2C%22iab_category_2%22%3A%22602%22%2C%22iab_category_3%22%3A%22239%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A30%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A0%2C%22page_ad_positions%22%3A%221100%2C1107%2C1113%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22a6e2ffb1-bed4-4e9e-7595-d67d5982b6d9%22%2C%22position_selection_id%22%3A39%2C%22postal_code%22%3A%22%22%2C%22pv_event_count%22%3A1%2C%22response_size_orig%22%3A330484%2C%22response_time_orig%22%3A924%2C%22serverid%22%3A%223.123.128.39%3A2276%22%2C%22state%22%3A%22%22%2C%22sub_page_ad_positions%22%3A%221100%2C1107%2C1113%22%2C%22t_epoch%22%3A1614843743%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fgalatruc.net%2Ftelecharger-kmspico%2F%22%2C%22user_id%22%3A0%2C%22weather_precipitation%22%3A0%2C%22weather_summary%22%3A%22%22%2C%22weather_temperature%22%3A0%2C%22word_count%22%3A4271%2C%22worst_bad_word_level%22%3A1%7D
Requested by: Host: galatruc.net
URL: https://galatruc.net/detroitchicago/rochester.js?gcb=192-2&cb=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://galatruc.net/telecharger-kmspico/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:42:55 GMT
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QQ6UxL00IYwQshldnaIvW2pYbA7bJeeyWL%2BkUneHapsTTGi%2FgGIlszkUCIyBrJMN9Yx4JmBNIgCC7IZjhPhTEw2RZdyxC3LlJHnY3YT2%2Fqw9eKhkLysnFTk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-middleton-display: imp_sol
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 62a9787f0bd24aa4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
cf-request-id: 089dc9a36400004aa45101b000000001

Verdicts & Comments Add Verdict or Comment

267 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
galatruc.net/	1970-01-20 01:55:46	Name: cto_bundle Value: ZJYoU19YZUhISGJyV09sJTJCNWVYeUVyWW1RQXhVZ0lXb05wT09hTE9ma0dHeEVmMXBxcUhrZ1d1REF6dzRPZkQxcFUwaXloVXBOTzdSUVJJaTNMekl4cVIwMW9mNk1jTCUyQlNrdm81Q0ZVZGpaQXBTWmJuREJXN2h4SyUyQnB3ZVVqYnY1dCUyRjRq
galatruc.net/	1970-01-20 01:19:39	Name: ezux_lpl_197000 Value: 1614843746252\|a6e2ffb1-bed4-4e9e-7595-d67d5982b6d9\|false
.galatruc.net/	1970-01-19 16:35:30	Name: _gid Value: GA1.2.1143510408.1614843746
.galatruc.net/	1970-01-19 16:34:05	Name: ezopvc_197000 Value: 1
galatruc.net/	1970-01-20 01:19:39	Name: cookielawinfo-checkbox-non-necessary Value: yes
.galatruc.net/	1970-01-19 16:34:10	Name: lp_197000 Value: https://galatruc.net/telecharger-kmspico/
galatruc.net/	1970-01-20 01:19:39	Name: cookielawinfo-checkbox-necessary Value: yes
galatruc.net/	1969-12-31 23:59:59	Name: ezouspva Value: 0
.galatruc.net/	1970-01-20 10:05:15	Name: ezosuigeneris Value: 733ba269407576e580ed62237cc207c2
galatruc.net/	1969-12-31 23:59:59	Name: ezouspvv Value: 0
galatruc.net/	1970-01-22 05:53:15	Name: ezohw Value: w%3D1600%2Ch%3D1200
.galatruc.net/	1970-01-19 16:34:05	Name: ezovuuid_197000 Value: 285660a3-c8a4-49df-56e7-73665ed8574a
.galatruc.net/	1970-01-19 16:34:03	Name: _gat_gtag_UA_113455433_2 Value: 1
galatruc.net/	1970-01-22 05:53:15	Name: ezds Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
galatruc.net/	1970-01-20 01:55:46	Name: cto_bidid Value: FazvxV8lMkJOWWs1aTk3ZEhIVWVnb3dqMjF5YzVMY3dsc0ZvZndZQWolMkI1UjlvQkNxT0lqSyUyRlh0QzR5aSUyRmxUeU9MNHFsOHVWUm4zekNxUHpKMklKbCUyRlMzc0JyTWclM0QlM0Q
.galatruc.net/	1970-01-20 01:19:39	Name: ezCMPCCS Value: true
.galatruc.net/	1970-01-19 16:34:05	Name: ezoadgid_197000 Value: -1
.galatruc.net/	1970-01-19 16:36:56	Name: ezovuuidtime_197000 Value: 1614843744
.galatruc.net/	1970-01-20 01:55:39	Name: __gads Value: ID=75c0850b67f9d1f2-22db6034adba0036:T=1614843746:S=ALNI_MZ-PK1CV4LF-x4oNwrMRGU8J9N6lQ
.galatruc.net/	1970-01-19 16:35:30	Name: ezepvv Value: 0
.galatruc.net/	1970-01-19 16:34:10	Name: ezoab_197000 Value: mod61
.galatruc.net/	1970-01-19 16:34:05	Name: ezovid_197000 Value: 1189232918
.galatruc.net/	1970-01-19 16:34:10	Name: ezoref_197000 Value:
.galatruc.net/	1970-01-19 17:17:15	Name: __cfduid Value: d5704ccccd26607764438adf76f8995c41614843743
.galatruc.net/	1970-01-19 16:36:56	Name: active_template::197000 Value: pub_site.1614843743
.galatruc.net/	1970-01-20 10:05:15	Name: _ga Value: GA1.2.1547898860.1614843746
galatruc.net/	1970-01-19 17:17:15	Name: _pbjs_userid_consent_data Value: 3524755945110770

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://galatruc.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.6.2(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
a7274220a39571815c8bde3aa4b978a1.safeframe.googlesyndication.com
acdn.adnxs.com
ad.turn.com
ads.adaptv.advertising.com
ads.playground.xyz
ads.pubmatic.com
adservice.google.ch
adservice.google.com
ajax.googleapis.com
aud.pubmatic.com
bh.contextweb.com
bidder.criteo.com
c1.adform.net
cdn.onesignal.com
cdn.undertone.com
charity-ads.s3.amazonaws.com
cm.adgrx.com
cm.g.doubleclick.net
cs.admanmedia.com
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g.ezoic.net
galatruc.net
go.ezodn.com
go.ezoic.net
graph.facebook.com
green.erne.co
gum.criteo.com
hb.undertone.com
hbopenbid.pubmatic.com
i0.wp.com
i1.wp.com
i2.wp.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
mug.criteo.com
mwzeom.zeotap.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.wp.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
pubmatic-match.dotomi.com
r.scoota.co
rtb-csync.smartadserver.com
rtb.gumgum.com
rules.quantcount.com
s.tribalfusion.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.gravatar.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
static.criteo.net
static.tapfiliate.com
stats.wp.com
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
tag.1rx.io
targeting.unrulymedia.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usermatch.targeting.unrulymedia.com
usr.undertone.com
video.unrulymedia.com
visitor.fiftyt.com
www.google-analytics.com
www.googletagmanager.com
x.bidswitch.net
136.144.59.88
142.250.186.34
143.204.93.227
151.101.113.108
151.101.14.49
159.253.128.183
159.65.197.210
172.217.16.130
178.250.0.157
178.250.0.163
178.250.2.131
18.156.0.31
18.156.95.187
18.192.15.110
18.194.69.213
185.29.133.199
185.33.220.243
185.33.221.87
185.64.189.112
185.64.189.114
185.64.190.106
185.64.190.78
185.64.190.80
185.86.137.133
192.0.76.3
192.0.77.2
198.148.27.140
199.232.137.44
2001:678:cb4:bbbb::11
213.155.156.185
213.19.147.151
213.19.147.210
23.218.208.200
23.37.42.132
2600:9000:20eb:2e00:1f:df94:f9c0:93a1
2600:9000:20eb:6200:6:44e3:f8c0:93a1
2600:9000:20eb:fa00:2:cb38:840:93a1
2600:9000:214f:ac00:1f:2473:9080:93a1
2606:4700:10::6816:1957
2606:4700:3032::ac43:a734
2606:4700:3034::6815:3d31
2606:4700::6812:d05
2606:4700::6812:e234
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1288:110:c305::8000
2a00:1450:4001:802::200a
2a00:1450:4001:803::2003
2a00:1450:4001:809::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::200a
2a00:1450:4001:827::2002
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a02:2638::1c
2a02:2638::3
2a02:fa8:8806:20::2040
2a03:2880:f01c:800e:face:b00c:0:2
2a04:fa87:fffe::c000:4902
34.120.207.148
34.246.149.44
34.98.107.212
34.98.64.218
35.156.153.71
35.157.48.14
35.201.96.126
35.227.248.159
37.157.6.253
51.89.9.254
52.17.137.119
52.217.85.228
52.50.99.220
52.8.165.105
54.228.192.197
54.36.109.166
63.251.232.170
66.155.71.25
69.173.144.139
69.173.144.165
77.243.60.138
85.114.159.93
87.98.242.60
88.214.206.142
99.86.3.28
0001e893552b1e9805eaf2cfe9b6867ddb916e2213083d8d1513aa3e2ee2dd78
00a1346c0e63df97eca33ec1ff32a778caa5b6612cde78986e391c17eeb10e87
01910cd9b1213e1f333db270b47707f181aca1b005aa8f773ee8b7775fbe62b7
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04c6af34a85a13d0e98f2c7e82fb63c6f33f75baad74b2c4d84811c8117fa6aa
0515cbd1f8aee97e1c8e0d1d015ca96c86def13e90d2e73bf813072ccc23d531
08375cebca0d36f2fa3ec9e027a974146af7161553e4319a418d4cee6b38bed7
0b721ba64a02eb660eb62d1b6d7558ec8d86490c0e4444262b38ac5a54004e88
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10d4b728888654e0b85c706a9310b551087d3321fb8ebfff147d07b13fa73bf0
13ad8741b47defc487fe1632ab1ed0413e893bbd99552f4e144c948bc9bdf4db
15f0626dd31e3e991a1c21d6304f2e370b92b3c91650de3d7ed8a38f1159a457
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18a3637360b0c195e2cb05dda99f2e88a9745b5822189beb8c270e59c5d0e08d
1a0b51af7ff79f11c0a779bf478304fa451ac5587675952b8378b47f0a97504d
1b68431bd479f66f60cca8fef9520547c0f28390680174d8b36c5591085e8393
1c5ad2fd42dffdf04a0f1d757c1cccb4d840218d7ecada79d6cc9db33ca40319
21d46bb0a238b8c1b0ab5ea12b5fa6cab58b90e30ca08727321e1e40e2970046
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26b4485584314aa0850427462143a6a28b66c982db28deb42766214fad7744c7
26f2750ed674b420ea3bd51e2c1ea10c37fabd546eaf763c4a1f626c7a6f4c22
26f87df80e0735b6d6b169750f0ee403336c537cbc7a51888cb9d449434cb4b8
27a2e47560b4f5b5e06c23350092879d32d19a88beaebafc25ba53b0e84b26a0
29543f7139388e58f40739e985dc1581e93b898ab23390a72bc8a798ff95405f
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cd6cff81ed30607212a76cf14df956553f17dc9f8024a720e7acb0dd2ec1b78
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b
311a42892bf475bb07fdef468183033b4ed1279be748f72784859988fbd023c6
339cfcf5a359798c1070b953988e0cc6bfec42ccff60d09bb719034416bc29ac
35acd7b38c24a79874980170fdf434cdedefe052b4bac93210475c4cfb16ced1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3742b8f2006b7a23df3252c615bb113e94f77729ac9cc4b021e35517285cf0c2
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
39bfe0e36d071be61fe7c77eea257da3f7c5018905b4ad53756bece41f932a70
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e7aae8d330ce078517f5befe48160e260f4bd7ed98c7d22731a71b8d18f748c
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
41eb9054d5d5527274926b32631be8eb22dd6254f15a4d9d14cfe2688ea4f538
43c810365ee6f066850b5eb95f297c8ade66657a3b48f912193c065d1d43b77d
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
469fdcb93f6dc61d42d6e09448a8b89e6773364c647393816ceb64bae3cdfd1b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bc616391fc965520fddd1bb34a8621a4f11839c3ea70459b5a06d91e23b1fc8
4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
51e78e904c795ed5b0154a9995d1ab0b7e3667f5aede719bda86ba38236c5989
53f345cdc93f0bd09eeba83df9ed103370ac1ff2679bf9004cf336725fecd4a9
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
5578a62b81f315375d072cfe506fc13813e844f94c910bdb15ce20e1fc3ef50a
56c87ee1e1a6878217897741f85a8048012b693a4cb6b03804a322d8fed02a88
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
6114293ad5f5aeecfab463a257a49d694a82ed3790279f448dc58ff0d678d318
620a73d276d037cbfb44be8c5c0c380562a0af7323a5a8a7fe23e3a25ae68496
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
667f7109c30ce4f64be82c808a04808cdddfe8bdc7b78ce544773574e0ea9f9d
66a3d5b99024350bd0be31546015d61ce2bde7222bebc1fbc49a01a10fe42554
699dcdd5e20616716ea3f388fe831cf471d9b10517d57207ac6b4b206e2ff2ee
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
78cfaebbc55f09bc3db75df5bf14a37e1443070618791517d01774c3cafc779a
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
80a89eec55c32db286ebe2619cd758a15a093a24955dfc43f1e472684b4f14f8
80ee2d8ce5d2a3f78fc3b8eaa67bc266645c58b96d8a804556f1e6cb8737d0cf
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8119f5b98c2e7d787ec00928d568d6ff79efdb15908388d0407b67755eb7243a
81d2b98d29a4bece076d8fb0474af2463074d0c1222b6d2524dfd83759821cfb
83596846d160e44c98d8674d1f4b35be40646ec5ea30d9df136012028d354aa6
83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f
83ce2cd6856fb53d8860cd0baec5e922304afb951fde787903516844578c9e3d
88264adf3d3193fb56c229f0b92e2a6096770eb76996d1fedc95f5bcb208ccda
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e3349c36d26f3f07ddc1807ac6312022900cf8130a510a903c51ce07045f379
9471db8c4355560d132ae12801ab6f02de73699882d9d136e4b0d8837ca89728
94edf973e9deb80b5eccf17f8f3108eafe15209fe25fe417e8f8962a4d8f48b3
9920fd4ed654b85c2f244ca3edb7bba70c5149f45072f1a1a7fdab6d4628a35a
9948141da5f826e38f4689775fa9f53dbeff8f8a9382d1a3453b1f046371b393
997e1fbf8331c9f3af1ff0ace8c73754cbfce4c143c785b7bc44dbcead23576e
9a2f427619b6355ceab882474564ce84392d8ae13c9ef63c6597b07a1dfc78bd
9d09e0a7a1dd10d174fcf8cab650952432c1fd1b65dd811c1ab75fb7b6cb45c0
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6b1ef0d4ca430bf021cffe124e0d25fadaddbc963c026ac9d154c5f2762221c
a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082
a7200216e311971f53cd868b982dd48cd5cbb4530013756b2dfb7eff6e6f87c2
a82fb0df229ab511ba5e585874443b97a62bfbd76c369a6944ed9e0750ebf698
a98f74468356e62ff27e0f255ab19baf779125fd0c5486b811496254fe6e1aaa
a9cb8dfc6a97a7b11b29ef7f41e1628b55ed219114d451e1560d72a71ba1a61b
ab21fef3ac4ee12ebb305942f85de99b290b8a24654c69060e54673d5f3a11f2
ab47f6ba21f29a52a101572d12fa2bac87a1e7b70e157aba59a42d55d5dfc7d0
ac14f5b2fbf5a1ad9cca12e66bb6f45e69029b00124a3f17a867dfcfa333dd3e
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
b886d8713bbf2db8b9f02d47d69e152f15a70b023b53e124054b8087cfc12d99
b8fa20af264fcdd99621fc4e3a770927452b0fe382599e0d890a3bfa31152f80
b958e0f47861dde13a175cc69494bdb54f08e2b5e78cecf6abd16470d2085257
bc250db8be288e1a2b1b9590a1a312cbd8bf8eafde30baa81ed0313e1568c7f9
c45a962c168c3cef73e91df9c2bfe01d24fd4854d146ceed8bbf1bd3ec3a4e69
c52c11cc9338b3eab968a005a5a0d6cbb9f80da1016d4f755078a8ecfd089bcb
c80203c7eae413cecc09a4ed0974e31a8538060cddd5bc1f1a5bfa53db672c9e
c850920c471e5a0df733bac8ef08e035348893922377260c7438085ffb7bd2d5
c96a4e8e5c17e860ba23499da982857936823deba867697fd327f97d95025cfc
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cba904507ab0b75f75846ecece69c1f04cb120b6036c1353d940852c96760770
ccd911729403decd6e3b74702fdc4d2c1b1e3ecf35a147f7e5373669932cc708
ccff49c86ee1937dd371734a05307e1abc057b3c255587ed918e47b1cf728d93
cd811ebe4cf57498519148e58ce5c8475a63dfa2160a958c059804c78a43346f
cdf3f88beb166e98d2656e957b247c886d1702027559a290e74a02d58d950c8c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0159c2d617449a2505e5df7f713252910f2e3a81784c415c577976f45cf17a5
d14f83ccbb906ede803880742d870b9968160e7f25a07c54042419aeebe7fe3f
d1d9637b7234996eeecadedc2c944b8c38f4e0bd63040a47dc7cc1b4f20d3686
d2d045dc2413ae15a141fa9b7a1cee8395892572937da92582895b7d1b96815c
d344775f69bbcaf4154206ac0b4acbd87214025a5f5e3c0919890bfa4867d675
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
d4b240b6e10894723f95547179c2c23bb04640447c82b0a4efa13568dacd5a48
d54bfc850de06fdd0d418bdcc03ccf1392a4df553c7b478c01b69b2c9a29798d
d59bf6f772c44e0fb74fae16abb757bddf2600adc89641262accbe06d68b7de1
d87aaa11549edb8037c429c32d083c7004d4fb26db52c09ce84dc4c09cc476b9
d996911a48456da047197d69d725c4903c52e1388cb421f04c7e5a184766faf5
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de6938409882a9f78027c6546691bf234eb7b2e7409ca3c599a6138982d3aac5
e028ccd6ff3467d236a13abdc3d4c2e6375157ab5160a327c380186709609c09
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
e32706fd8c8f272c7f35536d9fda75fe12535f4c896d846bc07a16a08d21c35a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4cf59c1d6d95b6cec3c20d49bdd35ee150be7fdcabb213edd50b82dc5ab3ca2
e65125045af843daa39232e1d36389a820a1ce24f3f595552747c277f6d13a3e
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
e8d9a0657d362b643911315b35c57552d07d9a7b95df06bd8cb463b507a4fe6f
e8db8ba69a2f76f4e9a548ddfbf663ba0bbf16ff328339a8f28c974eb031ca8c
e9fc9b1878db1b13b973252b048d19a17abb34a8da464a552c6d401728ed1e86
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff7ef51c0e92016b98dc5eb8f6a3fa9778af21bcb3fdf8112f621469bbef510
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4432a9b54eda7e104711d3e6604e865d00c0e708bc7c8a8dfd48335f8530c18
f4e950206d2c345e1ae00a17c799da2b806bd28e0379cfa0326d40d905e224d3
f5935b7cf4ed800bb7de10fecc325a5e589e360b6b27875b18cfc8628137bcc1
f5d1de019f464e8279bd2003b66defb192aee756b3675dacf468a9d39e7a7240
f69dfe383fe0ef66df2c8de098fda546a826801c150ec22e7e09b8020b221dae
f877a798b0af17fb62564cc4a3b2c8f1fb76398c7e3156eae984fafe175bf4c3
f918adfae4672ad3160e57cc94881753f1c4ee02c9f7e3f569c17b4c8109594a
fd78f51affedcaa173cd1f15fca8f1fbecdbaafa7020cec2ae0fe3befbed5ea1
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

galatruc.net Open in urlscan Pro 2606:4700:3032::ac43:a734 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

237 Requests

100 %HTTPS

33 %IPv6

62 Domains

95 Subdomains

64 IPs

8 Countries

1263 kBTransfer

3301 kBSize

27 Cookies

23 Outgoing links

Redirected requests

237 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

galatruc.net Open in urlscan Pro
2606:4700:3032::ac43:a734 Public Scan

Screenshot
Live screenshot

Full Image

237
Requests

100 %
HTTPS

33 %
IPv6

62
Domains

95
Subdomains

64
IPs

8
Countries

1263 kB
Transfer

3301 kB
Size

27
Cookies

237 HTTP transactions
2 data transactions