educratsweb.com Open in urlscan Pro
148.66.138.136 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://educratsweb.com/404.htm
Submission: On September 15 via manual (September 15th 2021, 4:10:04 pm UTC) from IN — Scanned from DE

Summary HTTP 79 Redirects Behaviour Indicators

Summary

This website contacted 38 IPs in 9 countries across 40 domains to perform 79 HTTP transactions. The main IP is 148.66.138.136, located in Singapore, Singapore and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is educratsweb.com.

This is the only time educratsweb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	148.66.138.136 148.66.138.136	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
7	142.250.179.162 142.250.179.162	15169 (GOOGLE) (GOOGLE)
2	142.250.179.142 142.250.179.142	15169 (GOOGLE) (GOOGLE)
1	95.101.27.83 95.101.27.83	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
1	158.69.251.190 158.69.251.190	16276 (OVH) (OVH)
3	142.250.179.194 142.250.179.194	15169 (GOOGLE) (GOOGLE)
6	142.250.102.147 142.250.102.147	15169 (GOOGLE) (GOOGLE)
1	142.250.27.154 142.250.27.154	15169 (GOOGLE) (GOOGLE)
2	142.250.102.156 142.250.102.156	15169 (GOOGLE) (GOOGLE)
1	142.250.102.154 142.250.102.154	15169 (GOOGLE) (GOOGLE)
1	216.58.214.10 216.58.214.10	15169 (GOOGLE) (GOOGLE)
1	216.58.214.14 216.58.214.14	15169 (GOOGLE) (GOOGLE)
2 5	158.69.139.238 158.69.139.238	16276 (OVH) (OVH)
1	13.224.94.54 13.224.94.54	16509 (AMAZON-02) (AMAZON-02)
1	3.121.175.251 3.121.175.251	16509 (AMAZON-02) (AMAZON-02)
1	104.16.87.26 104.16.87.26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.94.95 13.224.94.95	16509 (AMAZON-02) (AMAZON-02)
7	208.100.17.182 208.100.17.182	32748 (STEADFAST) (STEADFAST)
3	13.224.94.40 13.224.94.40	16509 (AMAZON-02) (AMAZON-02)
1	45.55.120.93 45.55.120.93	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 4	72.246.100.56 72.246.100.56	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	51.222.80.231 51.222.80.231	16276 (OVH) (OVH)
1	13.224.94.53 13.224.94.53	16509 (AMAZON-02) (AMAZON-02)
1	208.100.17.187 208.100.17.187	32748 (STEADFAST) (STEADFAST)
2	142.250.27.132 142.250.27.132	15169 (GOOGLE) (GOOGLE)
1 2	23.37.42.16 23.37.42.16	16625 (AKAMAI-AS) (AKAMAI-AS)
2 14	52.30.140.199 52.30.140.199	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	51.89.21.10 51.89.21.10	16276 (OVH) (OVH)
2 2	46.228.164.13 46.228.164.13	56396 (AMOBEE) (AMOBEE)
2	142.250.179.130 142.250.179.130	15169 (GOOGLE) (GOOGLE)
1	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1	13.224.94.36 13.224.94.36	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
2 2	52.42.180.228 52.42.180.228	16509 (AMAZON-02) (AMAZON-02)
1	18.198.109.212 18.198.109.212	16509 (AMAZON-02) (AMAZON-02)
1	99.81.41.171 99.81.41.171	16509 (AMAZON-02) (AMAZON-02)
1 1	64.58.232.176 64.58.232.176	13649 (ASN-VINS) (ASN-VINS)
1	64.58.232.180 64.58.232.180	13649 (ASN-VINS) (ASN-VINS)
1 1	54.81.207.173 54.81.207.173	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.215.191.146 52.215.191.146	16509 (AMAZON-02) (AMAZON-02)
1 1	199.127.207.190 199.127.207.190	26120 (RHYTHMONE) (RHYTHMONE)
1	72.251.241.204 72.251.241.204	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1	156.154.136.36 156.154.136.36	7786 (NPAC) (NPAC)
2 2	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
79	38

2 148.66.138.136 (Singapore, Singapore)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)

educratsweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.179.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s41-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.179.142 (United States)

ASN15169 (GOOGLE, US)
PTR: ams17s10-in-f14.1e100.net

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.27.83 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-27-83.deploy.static.akamaitechnologies.com

img1.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.69.251.190 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns546644.ip-158-69-251.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.179.194 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s42-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.102.147 (United States)

ASN15169 (GOOGLE, US)
PTR: rb-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.27.154 (United States)

ASN15169 (GOOGLE, US)
PTR: ra-in-f154.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.102.156 (United States)

ASN15169 (GOOGLE, US)
PTR: rb-in-f156.1e100.net

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.102.154 (United States)

ASN15169 (GOOGLE, US)
PTR: rb-in-f154.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.214.10 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: lhr26s05-in-f10.1e100.net

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.214.14 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: lhr26s05-in-f14.1e100.net

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 158.69.139.238 (Montreal, Canada) 2 redirects

ASN16276 (OVH, FR)
PTR: ip238.ip-158-69-139.net

e.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.94.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-94-54.zrh50.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.175.251 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-175-251.eu-central-1.compute.amazonaws.com

pd.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.87.26 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.94.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-94-95.zrh50.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 208.100.17.182 (United States)

ASN32748 (STEADFAST, US)
PTR: ip182.208-100-17.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.94.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-94-40.zrh50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.55.120.93 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

t.dtscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 72.246.100.56 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-100-56.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.222.80.231 (Canada) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-4.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.94.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-94-53.zrh50.r.cloudfront.net

onetag-geo-grouping.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.187 (United States)

ASN32748 (STEADFAST, US)
PTR: ip187.208-100-17.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.27.132 (United States)

ASN15169 (GOOGLE, US)
PTR: ra-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.42.16 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-16.deploy.static.akamaitechnologies.com

img.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 52.30.140.199 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.21.10 (London, United Kingdom) 4 redirects

ASN16276 (OVH, FR)
PTR: p24.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.13 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.179.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams17s10-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.94.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-94-36.zrh50.r.cloudfront.net

audex.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.42.180.228 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-42-180-228.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.109.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-109-212.eu-central-1.compute.amazonaws.com

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.41.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-41-171.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.58.232.176 (United States) 1 redirects

ASN13649 (ASN-VINS, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.58.232.180 (United States)

ASN13649 (ASN-VINS, US)

ib.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.81.207.173 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-207-173.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.191.146 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-191-146.eu-west-1.compute.amazonaws.com

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.127.207.190 (United States) 1 redirects

ASN26120 (RHYTHMONE, US)

dt-secure.videohub.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.241.204 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.150 (Portsmouth, United Kingdom) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 156.154.136.36 (United States)

ASN7786 (NPAC, US)

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.38 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	crwdcntrl.net 2 redirects tags.crwdcntrl.net bcp.crwdcntrl.net sync.crwdcntrl.net	23 KB
10	google.com cse.google.com www.google.com adservice.google.com clients1.google.com	165 KB
9	tynt.com cdn.tynt.com ic.tynt.com de.tynt.com	6 KB
9	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	223 KB
5	dtscout.com 2 redirects e.dtscout.com t.dtscout.com	11 KB
5	doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	11 KB
4	id5-sync.com 4 redirects id5-sync.com	6 KB
4	bluekai.com 1 redirects tags.bluekai.com	1 KB
3	s-onetag.com get.s-onetag.com onetag-geo.s-onetag.com onetag-geo-grouping.s-onetag.com	12 KB
2	adnxs.com 2 redirects secure.adnxs.com	2 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	614 B
2	sitescout.com 2 redirects pixel-sync.sitescout.com	941 B
2	tidaltv.com 2 redirects sync.tidaltv.com	686 B
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	tapad.com 2 redirects pixel.tapad.com	917 B
2	turn.com 2 redirects d.turn.com	855 B
2	secureserver.net 1 redirects img.secureserver.net	2 KB
2	onaudience.com 2 redirects pixel.onaudience.com	719 B
2	sharethis.com pd.sharethis.com sync.sharethis.com	255 B
2	histats.com s10.histats.com s4.histats.com	5 KB
2	educratsweb.com educratsweb.com	6 KB
1	agkn.com aa.agkn.com	748 B
1	mathtag.com 1 redirects sync.mathtag.com	615 B
1	adgrx.com cm.adgrx.com	408 B
1	videohub.tv 1 redirects dt-secure.videohub.tv	547 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	626 B
1	mookie1.com ib.mookie1.com	992 B
1	ib-ibi.com 1 redirects global.ib-ibi.com	513 B
1	krxd.net beacon.krxd.net	337 B
1	exelator.com loadm.exelator.com	324 B
1	userreport.com audex.userreport.com	433 B
1	adsrvr.org match.adsrvr.org	265 B
1	pubmatic.com image6.pubmatic.com	166 B
1	dtscdn.com t.dtscdn.com	406 B
1	googleapis.com www.googleapis.com	199 B
1	googletagservices.com www.googletagservices.com	28 KB
1	google.de adservice.google.de	853 B
1	googleadservices.com partner.googleadservices.com	662 B
1	wsimg.com img1.wsimg.com	5 KB
0	survata.com Failed px.surveywall-api.survata.com Failed
79	40

	Domain	Requested by
8	sync.crwdcntrl.net	1 redirects bcp.crwdcntrl.net
7	ic.tynt.com	educratsweb.com
7	pagead2.googlesyndication.com	educratsweb.com pagead2.googlesyndication.com tpc.googlesyndication.com
6	bcp.crwdcntrl.net	1 redirects tags.crwdcntrl.net bcp.crwdcntrl.net
6	www.google.com	cse.google.com www.google.com educratsweb.com tpc.googlesyndication.com
4	id5-sync.com	4 redirects
4	tags.bluekai.com	1 redirects educratsweb.com bcp.crwdcntrl.net
3	tags.crwdcntrl.net	e.dtscout.com tags.crwdcntrl.net
3	e.dtscout.com	2 redirects educratsweb.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	secure.adnxs.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	sync.tidaltv.com	2 redirects
2	dpm.demdex.net	2 redirects
2	pixel.tapad.com	2 redirects
2	cm.g.doubleclick.net	bcp.crwdcntrl.net
2	d.turn.com	2 redirects
2	img.secureserver.net	1 redirects
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	pixel.onaudience.com	2 redirects
2	t.dtscout.com	e.dtscout.com
2	cse.google.com	educratsweb.com www.google.com
2	educratsweb.com	educratsweb.com
1	aa.agkn.com	bcp.crwdcntrl.net
1	sync.mathtag.com	1 redirects
1	cm.adgrx.com	bcp.crwdcntrl.net
1	dt-secure.videohub.tv	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	ib.mookie1.com	bcp.crwdcntrl.net
1	global.ib-ibi.com	1 redirects
1	beacon.krxd.net	bcp.crwdcntrl.net
1	sync.sharethis.com	bcp.crwdcntrl.net
1	loadm.exelator.com	bcp.crwdcntrl.net
1	audex.userreport.com	bcp.crwdcntrl.net
1	match.adsrvr.org	bcp.crwdcntrl.net
1	image6.pubmatic.com	bcp.crwdcntrl.net
1	de.tynt.com	cdn.tynt.com
1	onetag-geo-grouping.s-onetag.com	get.s-onetag.com
1	t.dtscdn.com	e.dtscout.com
1	onetag-geo.s-onetag.com	get.s-onetag.com
1	cdn.tynt.com	e.dtscout.com
1	pd.sharethis.com	e.dtscout.com
1	get.s-onetag.com	e.dtscout.com
1	clients1.google.com	educratsweb.com
1	www.googleapis.com	educratsweb.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s4.histats.com	s10.histats.com
1	s10.histats.com	educratsweb.com
1	img1.wsimg.com	educratsweb.com
0	px.surveywall-api.survata.com Failed	bcp.crwdcntrl.net
79	54

This site contains no links.

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.wsimg.com Starfield Secure Certificate Authority - G2	`2021-03-05` - `2022-04-06`	a year	crt.sh
histats.com R3	`2021-08-02` - `2021-10-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.dtscout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2020-11-03` - `2021-11-03`	a year	crt.sh
*.s-onetag.com Amazon	`2021-02-03` - `2022-03-04`	a year	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-01` - `2021-09-30`	2 years	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
t.dtscdn.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2020-11-03` - `2021-11-15`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-26`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.secureserver.net Starfield Secure Certificate Authority - G2	`2019-10-22` - `2021-10-22`	2 years	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.userreport.com Amazon	`2021-02-18` - `2022-03-19`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
ib.mookie1.com DigiCert SHA2 High Assurance Server CA	`2019-10-07` - `2021-11-12`	2 years	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh

This page contains 9 frames:

Primary Page: http://educratsweb.com/404.htm
Frame ID: F7B52C93CADE6D4B10A864AF214AF286
Requests: 46 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210913/r20190131/zrt_lookup.html
Frame ID: B21BD9C48B6D4A7B8AD815DE3B739C83
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5656072117057856&output=html&adk=1812271804&adf=1573534164&lmt=1631722042&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=http%3A%2F%2Feducratsweb.com%2F404.htm&ea=0&flash=0&pra=5&wgl=1&dt=1631722198402&bpp=2&bdt=176&idt=135&shv=r20210913&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=124074293584&frm=20&pv=2&ga_vid=777633244.1631722199&ga_sid=1631722199&ga_hid=1179772971&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31062297&oid=3&pvsid=3673286933485375&pem=530&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=148
Frame ID: 6A11643B3D610415CB67B0AC6EFC9A02
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5656072117057856&output=html&h=600&slotname=3437332476&adk=2224538565&adf=3025194257&pi=t.ma~as.3437332476&w=1200&cr_col=4&cr_row=2&fwrn=2&lmt=1631722042&rafmt=9&psa=0&format=1200x600&url=http%3A%2F%2Feducratsweb.com%2F404.htm&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1631722198404&bpp=1&bdt=178&idt=150&shv=r20210913&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=124074293584&frm=20&pv=1&ga_vid=777633244.1631722199&ga_sid=1631722199&ga_hid=1179772971&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=0&ady=249&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31062297&oid=3&pvsid=3673286933485375&pem=530&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=oaObvCeoIa&p=http%3A//educratsweb.com&dtd=153
Frame ID: 507DC7D271EFBBF473620818F651A463
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=10401631722199BE72DAD41AC5509FF2
Frame ID: 6E1ACDD3DC5C542F6266D27B56E623C1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 2F79A7F591DD674AF11FAA112C11532F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 01DE52D1190484F976494BA65F38C884
Requests: 2 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: 3FD8F8E7CCDE6A1ACA9EDDE49C1BC642
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C115%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Frame ID: 3025AB8D5144627824C04B09B78D5E18
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

404 (Page Not Found) errors - educratsweb.comsearch

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Page Statistics

79
Requests

91 %
HTTPS

0 %
IPv6

40
Domains

54
Subdomains

38
IPs

9
Countries

500 kB
Transfer

1316 kB
Size

60
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Feducratsweb.com%2F404.htm&j= HTTP 307
http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Feducratsweb.com%2F404.htm&j= HTTP 301
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Feducratsweb.com%2F404.htm&j=

Request Chain 34

https://pixel.onaudience.com/?partner=137085098&mapped=10401631722199BE72DAD41AC5509FF2 HTTP 302
https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
https://tags.bluekai.com/site/33141?&id=f59e642c2c1282c9

Request Chain 49

http://img.secureserver.net/t/1/tl/event?cts=1631722200657&tce=1631722198060&tcs=1631722197903&tdc=1631722200457&tdclee=1631722198283&tdcles=1631722198283&tdi=1631722198283&tdl=1631722198226&tdle=1631722197903&tdls=1631722197891&tfs=1631722197890&tns=1631722197890&trqs=1631722198061&tre=1631722198224&trps=1631722198223&tles=1631722200457&tlee=1631722200459&ht=perf&dh=educratsweb.com&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.159%20Safari%2F537.36&vci=649051819&cv=1.0.6&z=754592805&vg=25a750d9-0658-4ef4-8c17-04826a8c9b1a&vtg=25a750d9-0658-4ef4-8c17-04826a8c9b1a&ap=cpsh&trfd=%7B%22cts%22%3A1631722198282%2C%22tccl.baseHost%22%3A%22secureserver.net%22%2C%22ap%22%3A%22cpsh%22%2C%22server%22%3A%22sg3plcpnl0165%22%2C%22id%22%3A%224978635%22%7D&dp=%2F404.htm HTTP 301
https://img.secureserver.net/t/1/tl/event?cts=1631722200657&tce=1631722198060&tcs=1631722197903&tdc=1631722200457&tdclee=1631722198283&tdcles=1631722198283&tdi=1631722198283&tdl=1631722198226&tdle=1631722197903&tdls=1631722197891&tfs=1631722197890&tns=1631722197890&trqs=1631722198061&tre=1631722198224&trps=1631722198223&tles=1631722200457&tlee=1631722200459&ht=perf&dh=educratsweb.com&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.159%20Safari%2F537.36&vci=649051819&cv=1.0.6&z=754592805&vg=25a750d9-0658-4ef4-8c17-04826a8c9b1a&vtg=25a750d9-0658-4ef4-8c17-04826a8c9b1a&ap=cpsh&trfd=%7B%22cts%22%3A1631722198282%2C%22tccl.baseHost%22%3A%22secureserver.net%22%2C%22ap%22%3A%22cpsh%22%2C%22server%22%3A%22sg3plcpnl0165%22%2C%22id%22%3A%224978635%22%7D&dp=%2F404.htm

Request Chain 56

https://id5-sync.com/s/19/9.gif?puid=d3f59a796f720678a5e14a10d3bb6c0f&gdpr=1 HTTP 302
https://id5-sync.com/c/19/19/9/1.gif?puid=d3f59a796f720678a5e14a10d3bb6c0f&gdpr=1&gdpr_consent= HTTP 302
https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=1/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F8%2F2.gif%3Fpuid%3D%24_BK_UUID%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://tags.bluekai.com/site/5907?limit=0&id=560580961276eab85d6aaa1ffd37d143&redir=https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-ZHMOwsk5yxW9h2htTuHbBcWfhiBvwmbFqWlCIr1gTQ/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F7%2F3.gif%3Fpuid%3D%24%21%7BTURN_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/19/224/7/3.gif?puid=3655989754527537650&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir={xENCODEDURL}&id5id=ID5-ZHMOwsk5yxW9h2htTuHbBcWfhiBvwmbFqWlCIr1gTQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZDNmNTlhNzk2ZjcyMDY3OGE1ZTE0YTEwZDNiYjZjMGY&google_redir={xENCODEDURL}&id5id=ID5-ZHMOwsk5yxW9h2htTuHbBcWfhiBvwmbFqWlCIr1gTQ

Request Chain 59

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=d3f59a796f720678a5e14a10d3bb6c0f&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=d3f59a796f720678a5e14a10d3bb6c0f&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=d3dc1bb2-57cc-4695-8d88-fa68d4352752

Request Chain 62

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=d3f59a796f720678a5e14a10d3bb6c0f&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=d3f59a796f720678a5e14a10d3bb6c0f&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=87808564047887893783220576369535445174

Request Chain 65

https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=d3f59a796f720678a5e14a10d3bb6c0f HTTP 302
https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=d3f59a796f720678a5e14a10d3bb6c0f

Request Chain 66

https://sync.srv.stackadapt.com/sync?nid=lotame HTTP 302
https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-48ff3553-787b-4130-540b-771a8d4b0749$ip$216.131.111.132

Request Chain 67

https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1695 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=1695&s_h=1 HTTP 302
https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=c4f732bc-74df-42ce-8a6a-ae6bea340793?gdpr=1&gdpr_consent=

Request Chain 68

https://dt-secure.videohub.tv/v1/usync/lo HTTP 303
https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-4784c0a14b602e70f495fd18424e68d3

Request Chain 70

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D HTTP 302
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=51996142-1ad8-4300-8d2a-59258e657821

Request Chain 71

https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=e180a32a-ab1c-4490-9933-43f58e63889a-61421ad9-5553

Request Chain 72

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YUIa2QABwu6G9wA6 HTTP 302
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YUIa2QABwu6G9wA6&_test=YUIa2QABwu6G9wA6

Request Chain 76

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/d3f59a796f720678a5e14a10d3bb6c0f/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3655989754527537650

Request Chain 77

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=82288967%2Ftpid%3D%24UID%2Ftp%3DANXS HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D82288967%252Ftpid%253D%2524UID%252Ftp%253DANXS HTTP 302
https://sync.crwdcntrl.net/map/c=281/rand=82288967/tpid=6697554765561039771/tp=ANXS

79 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 404.htm Show response
educratsweb.com/ 2 KB
2 KB 332ms
162ms Document
text/html 148.66.138.136
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://educratsweb.com/404.htm
Protocol: HTTP/1.1
Server: 148.66.138.136 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: 2a368eb687a4220838b03884c0b545e2898bb3bee07b5a3604205fb8258b33a1

Request headers

Host: educratsweb.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Wed, 15 Sep 2021 16:09:58 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 15 Sep 2021 16:07:22 GMT
ETag: "748bc3d-6f5-5cc0ae4bb31d7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1173
Keep-Alive: timeout=5, max=100
Content-Type: text/html

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
48 KB 107ms
44ms Script
text/javascript 142.250.179.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5656072117057856

Requested by

Host: educratsweb.com
URL: http://educratsweb.com/404.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.179.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s41-in-f2.1e100.net

Software

cafe /

Resource Hash

4fe000ad6180e93bf890ee5cc00abb427b7f8215db82b09d77bf38998ba7835b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://educratsweb.com/
Origin: http://educratsweb.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 16:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48936
x-xss-protection: 0
server: cafe
etag: 5505405807491881426
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 16:09:58 GMT

GET
H/1.1 200
OK logo.png
educratsweb.com/assets/images/ 4 KB
4 KB 181ms
181ms Image
image/png 148.66.138.136
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://educratsweb.com/assets/images/logo.png
Requested by: Host: educratsweb.com
URL: http://educratsweb.com/404.htm
Protocol: HTTP/1.1
Server: 148.66.138.136 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: 9434632a714bb92703132be5cdffe76a98b42547bb823f925fd275d6ca3cf860

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: educratsweb.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://educratsweb.com/404.htm
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/404.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 16:09:58 GMT
Last-Modified: Wed, 29 Aug 2018 18:20:15 GMT
Server: Apache
ETag: "74800da-eef-57497029455a8"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3823

GET
H2 200 cse.js Show response
cse.google.com/ 10 KB
4 KB 145ms
58ms Script
text/javascript 142.250.179.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=016377333053665180015:8rgrrbtdsjq

Requested by

Host: educratsweb.com
URL: http://educratsweb.com/404.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.179.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams17s10-in-f14.1e100.net

Software

gws /

Resource Hash

90f38ea3b680ef3fc72b8277e63927923e52a5ec87e7c9f0b04b89481f1bd985

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

bfcache-opt-in: unload
date: Wed, 15 Sep 2021 16:09:58 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3552
x-xss-protection: 0
expires: Wed, 15 Sep 2021 16:09:58 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
48 KB 77ms
43ms Script
text/javascript 142.250.179.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: educratsweb.com
URL: http://educratsweb.com/404.htm

Protocol

HTTP/1.1

Server

142.250.179.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s41-in-f2.1e100.net

Software

cafe /

Resource Hash

1f13cbf208b173cbe8386bed53c96634a61b373ec7f60f22a7308683c514f07e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Wed, 15 Sep 2021 16:09:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 2151533239655755315
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 48956
X-XSS-Protection: 0
Expires: Wed, 15 Sep 2021 16:09:58 GMT

GET
H2 200 tcc_l.combined.1.0.6.min.js Show response
img1.wsimg.com/tcc/ 12 KB
5 KB 37ms
9ms Script
application/x-javascript 95.101.27.83
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
Requested by: Host: educratsweb.com
URL: http://educratsweb.com/404.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.83 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-27-83.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: aa5c1ec4d2ea00eb517eadeb3b65e55b577b7a5ed42d7c2611d15d9050c18350

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 16:09:58 GMT
content-encoding: gzip
last-modified: Fri, 31 Mar 2017 16:26:41 GMT
etag: "52ef5c943baad21:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 4564
expires: Thu, 15 Sep 2022 16:09:58 GMT

GET
H/1.1 200
OK js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 95ms
9ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://s10.histats.com/js15_as.js
Requested by: Host: educratsweb.com
URL: http://educratsweb.com/404.htm
Protocol: HTTP/1.1
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 16:01:05 GMT
content-encoding: gzip
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip: 137.74.120.0/27
etag: "-375139978"
x-cacheable: Matched cache
vary: Accept-Encoding
x-iplb-instance: 42306
content-type: text/javascript
x-cdn-pop: sbg
accept-ranges: bytes
x-iplb-request-id: D8836F84:B0C0_2E69C9F0:0050_61421AD6_18273:1C29B
content-length: 4547
x-request-id: 502399146

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 422 B
557 B 343ms
97ms Script
text/html 158.69.251.190
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4131786&@f16&@g1&@h1&@i1&@j1631722198341&@k0&@l1&@m404%20(Page%20Not%20Found)%20errors%20-%20educratsweb.com&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-107252736&@b3:1631722198&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Feducratsweb.com%2F404.htm&@w
Requested by: Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.251.190 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns546644.ip-158-69-251.net
Software: /
Resource Hash: bc902a9aa881adff992ee03c7fe3ea416e2b3928daabb920ea2179a8949bdf17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 16:09:58 GMT
Connection: close
Content-Length: 422
Content-Type: text/html;charset=UTF-8

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/ 251 KB
93 KB 76ms
48ms Script
text/javascript 142.250.179.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5656072117057856&plah=educratsweb.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s41-in-f2.1e100.net

Software

cafe /

Resource Hash

6a31f5e2ef9d66ae390fc16ca76b56aeb76c06b43e1e6b34979f27f9a25d330c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 16:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94975
x-xss-protection: 0
server: cafe
etag: 8056399442672506072
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 16:09:58 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210913/r20190131/ Frame B21B 10 KB
5 KB 87ms
26ms Document
text/html 142.250.179.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210913/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.179.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s42-in-f2.1e100.net

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210913/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://educratsweb.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 15 Sep 2021 14:45:09 GMT
expires: Wed, 29 Sep 2021 14:45:09 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 5089
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cse_element__en.js Show response
www.google.com/cse/static/element/b54a745638da8bbb/ 280 KB
92 KB 75ms
26ms Script
text/javascript 142.250.102.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/b54a745638da8bbb/cse_element__en.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=016377333053665180015:8rgrrbtdsjq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.102.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

rb-in-f147.1e100.net

Software

sffe /

Resource Hash

94fc1b6f57eaec5b66d02212a4a8c63fb22b3b46c2643d76c1b39edeea337b71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 10:03:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 281183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93992
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 17:07:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 12 Sep 2022 10:03:35 GMT

GET
H2 200 default+en.css
www.google.com/cse/static/element/b54a745638da8bbb/ 41 KB
9 KB 69ms
21ms Stylesheet
text/css 142.250.102.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/b54a745638da8bbb/default+en.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=016377333053665180015:8rgrrbtdsjq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.102.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

rb-in-f147.1e100.net

Software

sffe /

Resource Hash

4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 05:02:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126454
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9032
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 17:07:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 14 Sep 2022 05:02:24 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 74ms
25ms Stylesheet
text/css 142.250.102.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=016377333053665180015:8rgrrbtdsjq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.102.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

rb-in-f147.1e100.net

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 15:59:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 603
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 15 Sep 2021 16:49:55 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 205 B
662 B 73ms
26ms Script
text/javascript 142.250.27.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=educratsweb.com&callback=_gfp_s_&client=ca-pub-5656072117057856

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5656072117057856&plah=educratsweb.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.27.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ra-in-f154.1e100.net

Software

cafe /

Resource Hash

e86b89f32eb480c566e1607fc1fa59e9c3bd10ba8cacb21883c7a8731a7360ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 16:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 77ms
28ms Script
application/javascript 142.250.102.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=educratsweb.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.102.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

rb-in-f156.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Sep 2021 16:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 81ms
26ms Script
application/javascript 142.250.102.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=educratsweb.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.102.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

rb-in-f154.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Sep 2021 16:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6A11 20 KB
5 KB 180ms
150ms Document
text/html 142.250.179.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5656072117057856&output=html&adk=1812271804&adf=1573534164&lmt=1631722042&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=http%3A%2F%2Feducratsweb.com%2F404.htm&ea=0&flash=0&pra=5&wgl=1&dt=1631722198402&bpp=2&bdt=176&idt=135&shv=r20210913&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=124074293584&frm=20&pv=2&ga_vid=777633244.1631722199&ga_sid=1631722199&ga_hid=1179772971&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31062297&oid=3&pvsid=3673286933485375&pem=530&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=148

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s42-in-f2.1e100.net

Software

cafe /

Resource Hash

4c88236ea6308e73d4b4032ec695442fc3d6a82e4e8406b2c2f03f1579b5f74e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5656072117057856&output=html&adk=1812271804&adf=1573534164&lmt=1631722042&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=http%3A%2F%2Feducratsweb.com%2F404.htm&ea=0&flash=0&pra=5&wgl=1&dt=1631722198402&bpp=2&bdt=176&idt=135&shv=r20210913&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=124074293584&frm=20&pv=2&ga_vid=777633244.1631722199&ga_sid=1631722199&ga_hid=1179772971&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31062297&oid=3&pvsid=3673286933485375&pem=530&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=148
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://educratsweb.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 15 Sep 2021 16:09:58 GMT
server: cafe
content-length: 5497
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 15-Sep-2021 16:24:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 15 Sep 2021 16:09:58 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 79ms
28ms Script
text/javascript 142.250.102.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.102.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

rb-in-f156.1e100.net

Software

sffe /

Resource Hash

aefe9f31909799252840c143110e10be71d8515345f8b54473b819ac1376b9a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 16:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27627
x-xss-protection: 0
server: sffe
etag: "1631547519045135"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Wed, 15 Sep 2021 16:09:58 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 507D 436 B
234 B 169ms
146ms Document
text/html 142.250.179.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5656072117057856&output=html&h=600&slotname=3437332476&adk=2224538565&adf=3025194257&pi=t.ma~as.3437332476&w=1200&cr_col=4&cr_row=2&fwrn=2&lmt=1631722042&rafmt=9&psa=0&format=1200x600&url=http%3A%2F%2Feducratsweb.com%2F404.htm&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1631722198404&bpp=1&bdt=178&idt=150&shv=r20210913&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=124074293584&frm=20&pv=1&ga_vid=777633244.1631722199&ga_sid=1631722199&ga_hid=1179772971&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=0&ady=249&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31062297&oid=3&pvsid=3673286933485375&pem=530&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=oaObvCeoIa&p=http%3A//educratsweb.com&dtd=153

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s42-in-f2.1e100.net

Software

cafe /

Resource Hash

839a2f0736201ba401f51e002d699fa69c6d4562c92b67f2f23f289767320c5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5656072117057856&output=html&h=600&slotname=3437332476&adk=2224538565&adf=3025194257&pi=t.ma~as.3437332476&w=1200&cr_col=4&cr_row=2&fwrn=2&lmt=1631722042&rafmt=9&psa=0&format=1200x600&url=http%3A%2F%2Feducratsweb.com%2F404.htm&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1631722198404&bpp=1&bdt=178&idt=150&shv=r20210913&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=124074293584&frm=20&pv=1&ga_vid=777633244.1631722199&ga_sid=1631722199&ga_hid=1179772971&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=0&ady=249&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31062297&oid=3&pvsid=3673286933485375&pem=530&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=oaObvCeoIa&p=http%3A//educratsweb.com&dtd=153
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://educratsweb.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 15 Sep 2021 16:09:58 GMT
server: cafe
content-length: 211
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 15-Sep-2021 16:24:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 15 Sep 2021 16:09:58 GMT
cache-control: private

GET
H/1.1 200
OK async-ads.js Show response
cse.google.com/adsense/search/ 148 KB
54 KB 63ms
33ms Script
text/javascript 142.250.179.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/b54a745638da8bbb/cse_element__en.js?usqp=CAI%3D

Protocol

HTTP/1.1

Server

142.250.179.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams17s10-in-f14.1e100.net

Software

sffe /

Resource Hash

0cd0326be010e85af0b32d287304ac771196e864fdc86c317941b56dcf64fd34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 16:09:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Server: sffe
ETag: "7514411431485236598"
Vary: Accept-Encoding
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Transfer-Encoding: chunked
Accept-Ranges: bytes
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="ads-afs-ui"
Expires: Wed, 15 Sep 2021 16:09:58 GMT

GET
H3 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 70ms
25ms Image
image/png 142.250.102.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/b54a745638da8bbb/default+en.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.102.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

rb-in-f147.1e100.net

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/cse/static/element/b54a745638da8bbb/default+en.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 04:59:34 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 299424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1018
x-xss-protection: 0
expires: Mon, 12 Sep 2022 04:59:34 GMT

GET
H3 200 branding.png
www.google.com/cse/static/images/1x/en/ 1 KB
1 KB 67ms
24ms Image
image/png 142.250.102.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Requested by

Host: educratsweb.com
URL: http://educratsweb.com/404.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.102.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

rb-in-f147.1e100.net

Software

sffe /

Resource Hash

331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 10:12:15 GMT
x-content-type-options: nosniff
age: 21463
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1372
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 15 Sep 2022 10:12:15 GMT

GET
H2 204 generate_204
www.googleapis.com/ 0
199 B 66ms
19ms Image
text/plain 216.58.214.10
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: educratsweb.com
URL: http://educratsweb.com/404.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.214.10 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lhr26s05-in-f10.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 16:09:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 204
No Content generate_204
clients1.google.com/ 0
83 B 62ms
20ms Image
text/plain 216.58.214.14
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clients1.google.com/generate_204
Requested by: Host: educratsweb.com
URL: http://educratsweb.com/404.htm
Protocol: HTTP/1.1
Server: 216.58.214.14 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lhr26s05-in-f14.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 16:09:58 GMT
Content-Length: 0

GET
H/1.1

200
OK

/ Show response
e.dtscout.com/e/
Redirect Chain

http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Feducratsweb.com%2F404.htm&j=
http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Feducratsweb.com%2F404.htm&j=
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Feducratsweb.com%2F404.htm&j=

8 KB
9 KB

290ms
98ms

Script
application/javascript

158.69.139.238
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Feducratsweb.com%2F404.htm&j=
Requested by: Host: educratsweb.com
URL: http://educratsweb.com/404.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.139.238 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip238.ip-158-69-139.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 49300c42f9811d3201cf4e7f47f2978df7a8c0ca0a7f8ab752966b0a53bc7c60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 16:09:59 GMT
X-T: 0.746
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-S: mtl2
Expires: Wed, 15 Sep 2021 16:09:58 GMT

Redirect headers

Location: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Feducratsweb.com%2F404.htm&j=
Date: Wed, 15 Sep 2021 16:09:58 GMT
Server: nginx/1.14.0 (Ubuntu)
Connection: keep-alive
Content-Length: 194
Content-Type: text/html

GET
H/1.1 200
OK / Show response
t.dtscout.com/idg/ Frame 6E1A 1 KB
752 B 299ms
103ms Document
text/html 158.69.139.238
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=10401631722199BE72DAD41AC5509FF2
Requested by: Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Feducratsweb.com%2F404.htm&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.139.238 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip238.ip-158-69-139.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 92465aeecfe9976331a7855159ed7c60306543ce9a9f50f0d492ccf799aa7487

Request headers

Host: t.dtscout.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://educratsweb.com/
Accept-Encoding: gzip, deflate, br
Cookie: m=1; b=1; st=1; oa=1; df=1631722199; l=10401631722199BE72DAD41AC5509FF2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 15 Sep 2021 16:09:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Expires: Wed, 15 Sep 2021 16:09:58 GMT
Cache-Control: no-cache
Content-Encoding: gzip

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 30 KB
10 KB 152ms
12ms Script
text/javascript 13.224.94.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Feducratsweb.com%2F404.htm&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.94.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-94-54.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: BC1z2ASq_5A8fCLvu30SOKeIK4SZ9jqY
content-encoding: gzip
last-modified: Thu, 03 Jun 2021 13:27:46 GMT
server: AmazonS3
age: 80528
etag: W/"a1c6ef0f57fd5dc66dd46feb78238adf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Tue, 14 Sep 2021 17:47:52 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: zuXxxP_3zNk2_JbqJkzyLctrwxj6FL1wf22QTC4jq_iSsvh9ECVWjA==

GET
H/1.1 204
No Content dtscout Show response
pd.sharethis.com/pd/ 0
88 B 153ms
7ms Script
text/plain 3.121.175.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pd.sharethis.com/pd/dtscout
Requested by: Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Feducratsweb.com%2F404.htm&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.175.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-175-251.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Connection: keep-alive
Date: Wed, 15 Sep 2021 16:09:59 GMT

GET
H2 200 afwu.js Show response
cdn.tynt.com/ 10 KB
4 KB 163ms
24ms Script
application/javascript 104.16.87.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/afwu.js
Requested by: Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Feducratsweb.com%2F404.htm&j=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.87.26 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ee04154662e67cdd4a6694f6afacb682bb184617b5e81948524637dde2f31d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 16:09:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 20:58:37 GMT
server: cloudflare
age: 68619
etag: W/"612951fd-288b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 68f31f61eb39c4d6-DUS
expires: Sat, 18 Sep 2021 16:09:59 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/pv/ 50 B
318 B 304ms
100ms Script
application/javascript 158.69.139.238
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=educratsweb.com&_ss=hv0ncestes&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=1qep&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Feducratsweb.com%2F404.htm&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.139.238 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip238.ip-158-69-139.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 363e286d78b4a6e7da7f1b3f2551248bdbe5f00af1b8ecb6aa0c7b23bec8163b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 16:09:59 GMT
X-T: 0.174
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
X-C: 0
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Wed, 15 Sep 2021 16:09:58 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
970 B 57ms
21ms Fetch
application/json 13.224.94.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.94.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-94-95.zrh50.r.cloudfront.net
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 00:03:02 GMT
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront), 1.1 e6b325a976b10aa826ec63757afbdedb.cloudfront.net (CloudFront)
age: 58017
x-amzn-requestid: b2367291-18f3-4977-874f-059e6399550d
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1, ZRH50-C1
x-amz-apigw-id: FrW4nFsuCYcFW4Q=
content-length: 555
x-amz-cf-id: MbcKj1lWDgnBc3RpZsvYnSvnZ9SVgj0xCCQ2VvOOl7i88Fo3cj-KkQ==

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 362ms
117ms Image
text/plain 208.100.17.182
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1631722199368&dn=AFWU&iso=0&t=404%20(Page%20Not%20Found)%20errors%20-%20educratsweb.com
Requested by: Host: educratsweb.com
URL: http://educratsweb.com/404.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.182 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip182.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/404.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 16:09:59 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ 38 KB
12 KB 62ms
13ms Script
text/javascript 13.224.94.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Feducratsweb.com%2F404.htm&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.94.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-94-40.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc9dc5abccf3e062029d71dcdc0e04b7cc9a9be96103d07f98b4ff4a5459c668

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 14:24:35 GMT
content-encoding: gzip
etag: W/"f321a7442b8087eba0d1817aa7dbb5f7"
last-modified: Tue, 16 Mar 2021 13:30:17 GMT
server: AmazonS3
age: 6325
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: VUJPhopXMECHlGAi6w9Ma954MzLl5V_XKtI74961FulFzCnUobiD7w==

GET
H/1.1 200
OK / Show response
t.dtscdn.com/widget/ 0
406 B 363ms
96ms Script
application/javascript 45.55.120.93
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401631722199BE72DAD41AC5509FF2&nid=300&p=836148727&t=0&s=1600x1200x24&u=http%3A%2F%2Feducratsweb.com%2F404.htm&r=
Requested by: Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Feducratsweb.com%2F404.htm&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.120.93 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 16:10:22 GMT
X-T: 3.58
x-server: web4.ny1.dtscdn.com
Cache-Control: no-cache
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Expires: Wed, 15 Sep 2021 16:10:21 GMT

GET
H/1.1 200
OK 27675
tags.bluekai.com/site/ 62 B
329 B 196ms
171ms Image
image/gif 72.246.100.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/27675?id=10401631722199BE72DAD41AC5509FF2&ret=html&phint=__bk_t%3D404%20(Page%20Not%20Found)%20errors%20-%20educratsweb.com&phint=__bk_l%3Dhttp%3A%2F%2Feducratsweb.com%2F404.htm&r=85842241
Requested by: Host: educratsweb.com
URL: http://educratsweb.com/404.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.100.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-100-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 16:09:59 GMT
X-N: S
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: 6286
Content-Type: image/gif

GET
H/1.1

200
OK

33141
tags.bluekai.com/site/
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=10401631722199BE72DAD41AC5509FF2
https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
https://tags.bluekai.com/site/33141?&id=f59e642c2c1282c9

62 B
304 B

186ms
185ms

Image
image/gif

72.246.100.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33141?&id=f59e642c2c1282c9
Requested by: Host: educratsweb.com
URL: http://educratsweb.com/404.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.100.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-100-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 16:10:00 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/33141?&id=f59e642c2c1282c9
content-length: 0

GET
H2 200 EU Show response
onetag-geo-grouping.s-onetag.com/regionalbloc/ 1 KB
836 B 56ms
22ms Fetch
application/json 13.224.94.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.94.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-94-53.zrh50.r.cloudfront.net
Software: restify /
Resource Hash: 6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 14:18:37 GMT
content-encoding: gzip
server: restify
age: 6681
vary: Accept-Encoding,origin
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: http://educratsweb.com
access-control-expose-headers: api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control: max-age=86400
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: ERekudJMsTunwFKlhGmfz6CALZME2QGjxk4ZKp9-R-ic7zGaavZoxA==
via: 1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
202 B 333ms
109ms Script
application/javascript 208.100.17.187
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&r=
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.187 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip187.208-100-17.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/404.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 16:09:59 GMT
cache-control: max-age=86400
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 4
expires: Thu, 16 Sep 2021 16:09:59 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 117ms
117ms Image
text/plain 208.100.17.182
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1631722199368&dn=AFWU&iso=0&t=404%20(Page%20Not%20Found)%20errors%20-%20educratsweb.com
Requested by: Host: educratsweb.com
URL: http://educratsweb.com/404.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.182 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip182.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/404.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 16:09:59 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 117ms
117ms Image
text/plain 208.100.17.182
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1631722199368&dn=AFWU&iso=0&t=404%20(Page%20Not%20Found)%20errors%20-%20educratsweb.com
Requested by: Host: educratsweb.com
URL: http://educratsweb.com/404.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.182 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip182.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/404.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 16:09:59 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 122ms
121ms Image
text/plain 208.100.17.182
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1631722199368&dn=AFWU&iso=0
Requested by: Host: educratsweb.com
URL: http://educratsweb.com/404.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.182 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip182.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/404.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 16:10:00 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 120ms
120ms Image
text/plain 208.100.17.182
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1631722199368&dn=AFWU&iso=0
Requested by: Host: educratsweb.com
URL: http://educratsweb.com/404.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.182 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip182.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/404.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 16:10:00 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 122ms
122ms Image
text/plain 208.100.17.182
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1631722199368&dn=AFWU&iso=0
Requested by: Host: educratsweb.com
URL: http://educratsweb.com/404.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.182 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip182.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/404.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 16:10:00 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 118ms
118ms Image
text/plain 208.100.17.182
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1631722199368&dn=AFWU&iso=0
Requested by: Host: educratsweb.com
URL: http://educratsweb.com/404.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.182 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip182.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/404.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 16:10:00 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 65ms
37ms XHR
application/json 142.250.179.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210913&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s41-in-f2.1e100.net

Software

cafe /

Resource Hash

a5d48cfb4f54844798ab65546c9c0c10cb2987be8c33aa357338033cc308b5a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Sep 2021 16:10:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8523
x-xss-protection: 0

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/3825/ 4 KB
1 KB 450ms
424ms XHR
application/json 13.224.94.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.94.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-94-40.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28

Request headers

Referer: http://educratsweb.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 15 Sep 2021 16:10:01 GMT
content-encoding: gzip
last-modified: Tue, 16 Mar 2021 13:30:17 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: W/"6db43f44304c37d76768275ee4f01ba4"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age: 86400
x-cache: Miss from cloudfront
x-amz-cf-id: ZzdcXYcL9-UM4Oy6qYaLZZ9XCtU5TnfDzoVXEg4Aj8ha8B-HxUxRNw==
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 75ms
26ms Script
text/javascript 142.250.27.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.27.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ra-in-f132.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 16:10:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 15 Sep 2021 16:10:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 2F79 12 KB
5 KB 45ms
21ms Document
text/html 142.250.27.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.27.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ra-in-f132.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://educratsweb.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Thu, 09 Sep 2021 06:10:37 GMT
expires: Fri, 09 Sep 2022 06:10:37 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 554363
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 01DE 783 B
531 B 30ms
30ms Document
text/html 142.250.102.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.102.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

rb-in-f147.1e100.net

Software

GSE /

Resource Hash

f299a3fc18426d8001c059de60157bb352f370aaf8dab148b2124ba13a014e9f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VcWfrQX5fDFitDh1+Eu3OA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://educratsweb.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/

Response headers

expires: Wed, 15 Sep 2021 16:10:00 GMT
date: Wed, 15 Sep 2021 16:10:00 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-VcWfrQX5fDFitDh1+Eu3OA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 01DE 0
0 40ms
40ms Image
text/html 142.250.179.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210913&jk=3673286933485375&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.179.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s41-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H/1.1

200
OK

event
img.secureserver.net/t/1/tl/
Redirect Chain

http://img.secureserver.net/t/1/tl/event?cts=1631722200657&tce=1631722198060&tcs=1631722197903&tdc=1631722200457&tdclee=1631722198283&tdcles=1631722198283&tdi=1631722198283&tdl=1631722198226&tdle=1...
https://img.secureserver.net/t/1/tl/event?cts=1631722200657&tce=1631722198060&tcs=1631722197903&tdc=1631722200457&tdclee=1631722198283&tdcles=1631722198283&tdi=1631722198283&tdl=1631722198226&tdle=...

43 B
635 B

113ms
91ms

Image
image/gif

23.37.42.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.secureserver.net/t/1/tl/event?cts=1631722200657&tce=1631722198060&tcs=1631722197903&tdc=1631722200457&tdclee=1631722198283&tdcles=1631722198283&tdi=1631722198283&tdl=1631722198226&tdle=1631722197903&tdls=1631722197891&tfs=1631722197890&tns=1631722197890&trqs=1631722198061&tre=1631722198224&trps=1631722198223&tles=1631722200457&tlee=1631722200459&ht=perf&dh=educratsweb.com&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.159%20Safari%2F537.36&vci=649051819&cv=1.0.6&z=754592805&vg=25a750d9-0658-4ef4-8c17-04826a8c9b1a&vtg=25a750d9-0658-4ef4-8c17-04826a8c9b1a&ap=cpsh&trfd=%7B%22cts%22%3A1631722198282%2C%22tccl.baseHost%22%3A%22secureserver.net%22%2C%22ap%22%3A%22cpsh%22%2C%22server%22%3A%22sg3plcpnl0165%22%2C%22id%22%3A%224978635%22%7D&dp=%2F404.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.37.42.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-16.deploy.static.akamaitechnologies.com

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
Date: Wed, 15 Sep 2021 16:10:00 GMT
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: http://educratsweb.com, *
Access-Control-Max-Age: 1000
Cache-Control: private
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 43
X-XSS-Protection: 1; mode=block

Redirect headers

Location: https://img.secureserver.net/t/1/tl/event?cts=1631722200657&tce=1631722198060&tcs=1631722197903&tdc=1631722200457&tdclee=1631722198283&tdcles=1631722198283&tdi=1631722198283&tdl=1631722198226&tdle=1631722197903&tdls=1631722197891&tfs=1631722197890&tns=1631722197890&trqs=1631722198061&tre=1631722198224&trps=1631722198223&tles=1631722200457&tlee=1631722200459&ht=perf&dh=educratsweb.com&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.159%20Safari%2F537.36&vci=649051819&cv=1.0.6&z=754592805&vg=25a750d9-0658-4ef4-8c17-04826a8c9b1a&vtg=25a750d9-0658-4ef4-8c17-04826a8c9b1a&ap=cpsh&trfd=%7B%22cts%22%3A1631722198282%2C%22tccl.baseHost%22%3A%22secureserver.net%22%2C%22ap%22%3A%22cpsh%22%2C%22server%22%3A%22sg3plcpnl0165%22%2C%22id%22%3A%224978635%22%7D&dp=%2F404.htm
Date: Wed, 15 Sep 2021 16:10:00 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H3 200 N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js Show response
pagead2.googlesyndication.com/bg/ Frame 2F79 35 KB
13 KB 27ms
26ms Script
text/javascript 142.250.179.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s41-in-f2.1e100.net

Software

sffe /

Resource Hash

379786ba7efd28c3688079772572e32e8ec2f95812bbaaad547fb3650878cfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:44:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 228349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13196
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 10:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Sep 2022 00:44:11 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 49ms
49ms Image
image/gif 142.250.179.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210913&jk=3673286933485375&bg=!y8ilyIzNAAYT0U73E9E7ACkAdvg8WgpZ_fmXxW02YmfVRluYRls0e8tRwqXemGiJpWwiPErNQYrbTQIAAABdUgAAAAtoAQeZAnZ8rBgOVS3rlzEF5j-fr1h4hjc4GfgJqv3pnGdE8QFUauSEfqe4-78fra6e8xgsjxL-Jil18MXRTiBSgAE2r7PtMtTZv8a_-N6X70J4tLVzkwPoVFM4RauNHFNeL-JCN4zoAq_LMTb6cKcVDTXgmjJqVh4XkcEOS3uCrbLYtDR8U9K3BNhSpF5K9ZxrHx1K4LhH8895NYS5Awt2hr5PqjBWsHhfvEKXK4LlDQ56-hC1yCYzbZtJCV5-KOt7POuOCIqi45wzGNv0TydrZQ0dWwNOMu9SYNJgimma5YQj9S1DmjXxq6cSEhkNEg3D-Z-ZqiPtGGd37jZRpbYxFYksz_hyr-822RxklKDz-7BKe1BJsuXDmVj83xJ1WmHxoSPa9RJvCCoaMb3J48iRHQ1m9ODHO-MUoClKh2WjNpBP77nrp514_y4kC21fvLfvSDRtwkk_PrXqu25xbCp6PcXGwymreR33oh16_Ry1iS6Td7O_InnjkE1pRpTQ0gjl3z1LH-QGberFKD-sghf8EUsVUlu0DwYpp9AU_6Uw-97ItKVFXzmwXQCMJPpa1hbgvzAHvzC7nNtPV_5Ekwkd01U74-L8zToZ04LUicA963ktgwjRxqyDejAFvFuTqO9I0hwqR93YqqoGroRZ9T0Qru40RpBNyLcHHJXVCV8odptptYr54YGtJAUPBlDXCPBUK1mrlfIaCpl9lKXHPjWSEStFyOYCNtR0U-cP2ooTCfuYG_XJQLq5FbYtezuUP3ZbZx5e4n00SNqISmggJzYKyUvj3mfPJ8xWghfJopugcSEHMG9uE7UONz15IPhzZ-hcKKPOboaZc_uayCU

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s41-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 16:10:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ 537 B
1 KB 136ms
66ms XHR
application/json 52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 5d4588e567a783b5658caec93e132e1bd6d8e980ec7bb218fcd75ed488d4e702

Request headers

Referer: http://educratsweb.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 16:10:01 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: http://educratsweb.com
cache-control: no-cache
x-server: 10.45.7.209
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 537
expires: 0

GET
H2 200 lt.iframe.html Show response
tags.crwdcntrl.net/lt/shared/2/ Frame 3FD8 2 KB
1 KB 12ms
12ms Document
text/html 13.224.94.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.94.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-94-40.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

:method: GET
:authority: tags.crwdcntrl.net
:scheme: https
:path: /lt/shared/2/lt.iframe.html?c=3825
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://educratsweb.com/
accept-encoding: gzip, deflate, br
cookie: _cc_dc=1; _cc_id=d3f59a796f720678a5e14a10d3bb6c0f; _cc_cc="ACZ4XmNQSDFOM7VMNLc0SzM3MjAzt0g0TTU0STQ0SDFOSjJLNkhjAIJEJ6mbIBoCeLf%2FuqPO%2BFGW4T8jI8PxTVNYYOyPny1hzGeL58CFl%2F8phKs%2BeogZxt6977IAjP2h4T6cfRhJ6%2FQTcIveLUGYuGbDU26Y1s7JJ7VgbADQokGa"; _cc_aud="ABR4XmNgYGBIdJK6CaQggJmBgWsGmLmoFUQyPqwHkgBUDgTE"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://educratsweb.com/

Response headers

content-type: text/html
last-modified: Mon, 01 Feb 2021 20:35:17 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Tue, 14 Sep 2021 17:42:49 GMT
cache-control: max-age: 86400
etag: W/"6fcf4f5197ab24c92d090f6ac8d87e01"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: Kqdb4xuS9Yv9t1FeNn2634-uPNJawqbCLRvjwWSwJIvcKoerSpbgTQ==
age: 80833

GET
H2 200 pixels Show response
bcp.crwdcntrl.net/ Frame 3025 4 KB
4 KB 30ms
30ms Document
text/html 52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C115%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 76b3198b7e3a1eb3e1044ec3762d3e201aa628dfd13522263dfd3639695eae66

Request headers

:method: GET
:authority: bcp.crwdcntrl.net
:scheme: https
:path: /pixels?s=136%2C135%2C116%2C115%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tags.crwdcntrl.net/
accept-encoding: gzip, deflate, br
cookie: _cc_dc=1; _cc_id=d3f59a796f720678a5e14a10d3bb6c0f; _cc_cc="ACZ4XmNQSDFOM7VMNLc0SzM3MjAzt0g0TTU0STQ0SDFOSjJLNkhjAIJEJ6mbIBoCeLf%2FuqPO%2BFGW4T8jI8PxTVNYYOyPny1hzGeL58CFl%2F8phKs%2BeogZxt6977IAjP2h4T6cfRhJ6%2FQTcIveLUGYuGbDU26Y1s7JJ7VgbADQokGa"; _cc_aud="ABR4XmNgYGBIdJK6CaQggJmBgWsGmLmoFUQyPqwHkgBUDgTE"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tags.crwdcntrl.net/

Response headers

date: Wed, 15 Sep 2021 16:10:01 GMT
content-type: text/html
content-length: 3687
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.4.207
server: Jetty(9.4.38.v20210224)

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 3025 0
166 B 62ms
19ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D240%2Ftp%3DPUBM%2Ftpid%3D%23PM_USER_ID
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C115%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 16:10:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3025
Redirect Chain

https://id5-sync.com/s/19/9.gif?puid=d3f59a796f720678a5e14a10d3bb6c0f&gdpr=1
https://id5-sync.com/c/19/19/9/1.gif?puid=d3f59a796f720678a5e14a10d3bb6c0f&gdpr=1&gdpr_consent=
https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=1/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F8%2F2.gif%3Fpui...
https://tags.bluekai.com/site/5907?limit=0&id=560580961276eab85d6aaa1ffd37d143&redir=https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent=
https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-ZHMOwsk5yxW9h2htTuHbBcWfhiBvwmbFqWlCIr1gTQ/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F7%2F3.gif%3Fpuid%3D%24%21%7BTURN_...
https://id5-sync.com/c/19/224/7/3.gif?puid=3655989754527537650&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir={xENCODEDURL}&id5id=ID5-ZHMOwsk5yxW9h2htTuHbBcWfhiB...
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZDNmNTlhNzk2ZjcyMDY3OGE1ZTE0YTEwZDNiYjZjMGY&google_redir={xENCODEDURL}&id5id=ID5-ZHMOwsk5yxW9h2htTuHbBcWfhiBvwmbFqWlCIr1gTQ

170 B
188 B

62ms
33ms

Image
image/png

142.250.179.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZDNmNTlhNzk2ZjcyMDY3OGE1ZTE0YTEwZDNiYjZjMGY&google_redir={xENCODEDURL}&id5id=ID5-ZHMOwsk5yxW9h2htTuHbBcWfhiBvwmbFqWlCIr1gTQ

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C115%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.179.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams17s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 16:10:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Sep 2021 16:10:02 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZDNmNTlhNzk2ZjcyMDY3OGE1ZTE0YTEwZDNiYjZjMGY&google_redir={xENCODEDURL}&id5id=ID5-ZHMOwsk5yxW9h2htTuHbBcWfhiBvwmbFqWlCIr1gTQ
cache-control: no-cache
x-server: 10.45.25.0
content-length: 0
expires: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 3025 70 B
265 B 140ms
65ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C115%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 16:10:01 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK ltm
audex.userreport.com/sync/put/ Frame 3025 43 B
433 B 76ms
21ms Image
image/gif 13.224.94.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://audex.userreport.com/sync/put/ltm?ltmid=d3f59a796f720678a5e14a10d3bb6c0f
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C115%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.94.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-94-36.zrh50.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 16:10:01 GMT
Via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.18.0
X-Amz-Cf-Pop: ZRH50-C1
X-Cache: Miss from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: yKGgkdzNWFLcMBwwy3ilWS75X30WD91w7n9Jtdx8uEUBj0pdUqy3Ow==

GET
H2

200

tpid=d3dc1bb2-57cc-4695-8d88-fa68d4352752
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 3025
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=d3f59a796f720678a5e14a10d3bb6c0f&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=d3f59a796f720678a5e14a10d3bb6c0f&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPA...
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=d3dc1bb2-57cc-4695-8d88-fa68d4352752

49 B
265 B

40ms
32ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=d3dc1bb2-57cc-4695-8d88-fa68d4352752
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C115%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 16:10:01 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.17.113
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=d3dc1bb2-57cc-4695-8d88-fa68d4352752
date: Wed, 15 Sep 2021 16:10:01 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 204 /
loadm.exelator.com/load/ Frame 3025 0
324 B 121ms
30ms Image
text/plain 54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=260&buid=d3f59a796f720678a5e14a10d3bb6c0f&j=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C115%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 16:10:01 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET t
px.surveywall-api.survata.com/ Frame 3025 0
0

GET
H2

200

tpid=87808564047887893783220576369535445174
sync.crwdcntrl.net/map/c=9828/tp=ADBE/ Frame 3025
Redirect Chain

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=d3f59a796f720678a5e14a10d3bb6c0f&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=d3f59a796f720678a5e14a10d3bb6c0f&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=87808564047887893783220576369535445174

49 B
265 B

45ms
44ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=87808564047887893783220576369535445174
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C115%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 16:10:02 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.25.162
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

DCS: dcs-prod-usw2-1-v014-0c0d07a07.edge-usw2.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: m2hi8zeNTo0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=87808564047887893783220576369535445174
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK lotame
sync.sharethis.com/ Frame 3025 42 B
167 B 42ms
10ms Image
image/gif 18.198.109.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.sharethis.com/lotame?uid=d3f59a796f720678a5e14a10d3bb6c0f&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C115%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.109.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-109-212.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 16:10:01 GMT
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 3025 0
337 B 108ms
30ms Image
text/plain 99.81.41.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=d3f59a796f720678a5e14a10d3bb6c0f
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C115%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.41.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-41-171.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 16:10:01 GMT
cache-control: private, no-cache, no-store
x-request-time: D=38 t=1631722201
x-served-by: beacon-n002-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

image.sbxx
ib.mookie1.com/ Frame 3025
Redirect Chain

https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=d3f59a796f720678a5e14a10d3bb6c0f
https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=d3f59a796f720678a5e14a10d3bb6c0f

120 B
992 B

846ms
164ms

Image
image/png

64.58.232.180
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=d3f59a796f720678a5e14a10d3bb6c0f
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C115%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.58.232.180 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Sep 2021 16:10:01 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3p: CP=\"DSP COR ADM DEV PSA PSD OUR\", CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
X-Server: LAS14
Content-Type: image/png
Content-Length: 120
Expires: -1

Redirect headers

Date: Wed, 15 Sep 2021 16:10:01 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Location: https://ib.mookie1.com:443/image.sbxx?go=262106&pid=420&xid=d3f59a796f720678a5e14a10d3bb6c0f
p3p: CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin: *
Cache-Control: private
X-Server: LAS16
Content-Type: text/html; charset=utf-8
Content-Length: 217

GET
H2

200

tpid=0-48ff3553-787b-4130-540b-771a8d4b0749$ip$216.131.111.132
bcp.crwdcntrl.net/map/c=6569/tp=STKA/ Frame 3025
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=lotame
https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-48ff3553-787b-4130-540b-771a8d4b0749$ip$216.131.111.132

49 B
265 B

39ms
39ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-48ff3553-787b-4130-540b-771a8d4b0749$ip$216.131.111.132
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C115%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 16:10:01 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.13.124
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Location: https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-48ff3553-787b-4130-540b-771a8d4b0749$ip$216.131.111.132
Date: Wed, 15 Sep 2021 16:10:01 GMT
Connection: keep-alive
Content-Length: 130
Content-Type: text/html; charset=utf-8

GET
H2

200

tpid=c4f732bc-74df-42ce-8a6a-ae6bea340793
bcp.crwdcntrl.net/map/c=6584/tp=VIDO/ Frame 3025
Redirect Chain

https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1695
https://sync.tidaltv.com/genericusersync.ashx?dpid=1695&s_h=1
https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=c4f732bc-74df-42ce-8a6a-ae6bea340793?gdpr=1&gdpr_consent=

49 B
265 B

33ms
33ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=c4f732bc-74df-42ce-8a6a-ae6bea340793?gdpr=1&gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C115%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 16:10:01 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.30.194
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 15 Sep 2021 16:10:01 GMT
server: Apache-Coyote/1.1
location: https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=c4f732bc-74df-42ce-8a6a-ae6bea340793?gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

tpid=CI-4784c0a14b602e70f495fd18424e68d3
bcp.crwdcntrl.net/map/c=6220/tp=TRMR/ Frame 3025
Redirect Chain

https://dt-secure.videohub.tv/v1/usync/lo
https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-4784c0a14b602e70f495fd18424e68d3

49 B
265 B

33ms
33ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-4784c0a14b602e70f495fd18424e68d3
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C115%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 16:10:01 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.23.118
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Location: https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-4784c0a14b602e70f495fd18424e68d3
Date: Wed, 15 Sep 2021 16:10:01 GMT
useSecure: true
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame 3025 43 B
408 B 58ms
14ms Image
image/gif 72.251.241.204
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_SETCOOKIE&AG_PID=lotame&AG_REDIR=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D363%2Ftp%3DADGR%2Ftpid%3D__AG_UID__
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C115%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.204 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Sep 2021 16:10:01 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-6
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 3025
Redirect Chain

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=51996142-1ad8-4300-8d2a-59258e657821

49 B
264 B

39ms
39ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=51996142-1ad8-4300-8d2a-59258e657821
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C115%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 16:10:01 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.26.16
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Date: Wed, 15 Sep 2021 16:10:01 GMT
Server: MT3 3944 2bcb57b master zrh-pixel-x29 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=51996142-1ad8-4300-8d2a-59258e657821
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 15 Sep 2021 16:10:00 GMT

GET
H2

200

tpid=e180a32a-ab1c-4490-9933-43f58e63889a-61421ad9-5553
sync.crwdcntrl.net/map/c=1389/tp=STSC/ Frame 3025
Redirect Chain

https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=e180a32a-ab1c-4490-9933-43f58e63889a-61421ad9-5553

49 B
264 B

35ms
35ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=e180a32a-ab1c-4490-9933-43f58e63889a-61421ad9-5553
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C115%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 16:10:01 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.0.73
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 15 Sep 2021 16:10:00 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=e180a32a-ab1c-4490-9933-43f58e63889a-61421ad9-5553
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

tpid=YUIa2QABwu6G9wA6&_test=YUIa2QABwu6G9wA6
sync.crwdcntrl.net/map/c=1811/tp=TBMG/ Frame 3025
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YUIa2QABwu6G9wA6
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YUIa2QABwu6G9wA6&_test=YUIa2QABwu6G9wA6

49 B
264 B

34ms
34ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YUIa2QABwu6G9wA6&_test=YUIa2QABwu6G9wA6
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C115%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 16:10:01 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.4.207
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 15 Sep 2021 16:10:01 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1631722201.416030,VS0,VE0
x-served-by: cache-hhn4074-HHN
x-cache: HIT
location: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YUIa2QABwu6G9wA6&_test=YUIa2QABwu6G9wA6
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 3025 170 B
523 B 102ms
37ms Image
image/png 142.250.179.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C115%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.179.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams17s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 16:10:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 5907
tags.bluekai.com/site/ Frame 3025 62 B
304 B 152ms
151ms Image
image/gif 72.246.100.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5907?limit=0&id=560580961276eab85d6aaa1ffd37d143
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C115%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.100.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-100-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 16:10:01 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

GET
H/1.1 200
OK g.json Show response
aa.agkn.com/adscores/ Frame 3025 103 B
748 B 812ms
159ms Script
application/json 156.154.136.36
NPAC

General

Check archive.org

Show headers Download Go to

Full URL: https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C115%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 156.154.136.36 , United States, ASN7786 (NPAC, US),
Reverse DNS
Software: AAWebServer /
Resource Hash: e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Sep 2021 16:10:01 GMT
Server: AAWebServer
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Type: application/json
Access-Control-Allow-Headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
Content-Length: 103
Expires: 0

GET
H2

200

tpid=3655989754527537650
sync.crwdcntrl.net/map/c=10915/tp=TRNN/ Frame 3025
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/d3f59a796f720678a5e14a10d3bb6c0f/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3655989754527537650

49 B
264 B

40ms
40ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3655989754527537650
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C115%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 16:10:01 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.14.99
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3655989754527537650
pragma: no-cache
date: Wed, 15 Sep 2021 16:10:01 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

tp=ANXS
sync.crwdcntrl.net/map/c=281/rand=82288967/tpid=6697554765561039771/ Frame 3025
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=82288967%2Ftpid%3D%24UID%2Ftp%3DANXS
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D82288967%252Ftpid%253D%2524UID%252Ftp%253DANXS
https://sync.crwdcntrl.net/map/c=281/rand=82288967/tpid=6697554765561039771/tp=ANXS

49 B
264 B

32ms
32ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=281/rand=82288967/tpid=6697554765561039771/tp=ANXS
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C115%2C106%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C50%2C45%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 16:10:01 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.29.18
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 15 Sep 2021 16:10:01 GMT
X-Proxy-Origin: 216.131.111.132; 216.131.111.132; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 27350c5b-4a10-4e51-a53a-c3e6257d657d
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.crwdcntrl.net/map/c=281/rand=82288967/tpid=6697554765561039771/tp=ANXS
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: px.surveywall-api.survata.com
URL: https://px.surveywall-api.survata.com/t

Verdicts & Comments Add Verdict or Comment

224 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

60 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
educratsweb.com/	1970-01-20 06:00:58	Name: HstCfa4131786 Value: 1631722198341
educratsweb.com/	1970-01-20 06:00:58	Name: HstCla4131786 Value: 1631722198341
educratsweb.com/	1970-01-20 06:00:58	Name: HstCmu4131786 Value: 1631722198341
educratsweb.com/	1970-01-20 06:00:58	Name: HstPn4131786 Value: 1
educratsweb.com/	1970-01-20 06:00:58	Name: HstPt4131786 Value: 1
educratsweb.com/	1970-01-20 06:00:58	Name: HstCnv4131786 Value: 1
educratsweb.com/	1970-01-20 06:00:58	Name: HstCns4131786 Value: 1
.educratsweb.com/	1970-01-20 06:36:58	Name: __gads Value: ID=416b5a4d8bef5eea-227a7efb22c90062:T=1631722198:RT=1631722198:S=ALNI_MZyUxm7SCfQvw_jFZ_HzP5GJCBaJQ
.doubleclick.net/	1970-01-19 21:15:23	Name: test_cookie Value: CheckForPermission
.dtscout.com/	1970-01-19 21:15:27	Name: m Value: 1
.dtscout.com/	1970-01-19 21:15:40	Name: b Value: 1
.dtscout.com/	1970-01-19 21:15:25	Name: st Value: 1
.dtscout.com/	1970-01-19 21:15:36	Name: oa Value: 1
.dtscout.com/	1970-01-19 23:39:22	Name: df Value: 1631722199
.dtscout.com/	1970-01-19 23:23:31	Name: l Value: 10401631722199BE72DAD41AC5509FF2
.educratsweb.com/	1970-01-19 23:20:38	Name: __dtsu Value: 10401631722199BE72DAD41AC5509FF2
.onaudience.com/	1970-01-20 06:00:58	Name: cookie Value: 341f53ef579fd8b5
.onaudience.com/	1970-01-19 21:16:48	Name: done_redirects109 Value: 1
.dtscdn.com/	1970-01-20 01:33:07	Name: uid Value: 10401631722199BE72DAD41AC5509FF2
educratsweb.com/	1970-01-20 06:00:58	Name: _tccl_visitor Value: 25a750d9-0658-4ef4-8c17-04826a8c9b1a
educratsweb.com/	1970-01-19 21:15:24	Name: _tccl_visit Value: 25a750d9-0658-4ef4-8c17-04826a8c9b1a
.crwdcntrl.net/	1970-01-20 03:44:09	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 03:44:09	Name: _cc_id Value: d3f59a796f720678a5e14a10d3bb6c0f
.crwdcntrl.net/	1970-01-20 03:44:10	Name: _cc_cc Value: "ACZ4XmNQSDFOM7VMNLc0SzM3MjAzt0g0TTU0STQ0SDFOSjJLNkhjAIJEJ6mbIBoCeLf%2FuqPO%2BFGW4T8jI8PxTVNYYOyPny1hzGeL58CFl%2F8phKs%2BeogZxt6977IAjP2h4T6cfRhJ6%2FQTcIveLUGYuGbDU26Y1s7JJ7VgbADQokGa"
.crwdcntrl.net/	1970-01-20 03:44:10	Name: _cc_aud Value: "ABR4XmNgYGBIdJK6CaQggJmBgWsGmLmoFUQyPqwHkgBUDgTE"
.educratsweb.com/	1970-01-20 03:44:10	Name: _cc_id Value: d3f59a796f720678a5e14a10d3bb6c0f
.educratsweb.com/	1970-01-20 03:44:10	Name: _cc_cc Value: ACZ4XmNQSDFOM7VMNLc0SzM3MjAzt0g0TTU0STQ0SDFOSjJLNkhjAIJEJ6mbIBoCeLf%2FuqPO%2BFGW4T8jI8PxTVNYYOyPny1hzGeL58CFl%2F8phKs%2BeogZxt6977IAjP2h4T6cfRhJ6%2FQTcIveLUGYuGbDU26Y1s7JJ7VgbADQokGa
.educratsweb.com/	1970-01-20 03:44:10	Name: _cc_aud Value: ABR4XmNgYGBIdJK6CaQggJmBgWsGmLmoFUQyPqwHkgBUDgTE
.educratsweb.com/	1970-01-19 21:16:48	Name: panoramaId_expiry Value: 1631808601004
.tapad.com/	1970-01-19 22:41:46	Name: TapAd_TS Value: 1631722201202
.tapad.com/	1970-01-19 22:41:46	Name: TapAd_DID Value: d3dc1bb2-57cc-4695-8d88-fa68d4352752
.krxd.net/	1970-01-20 01:34:34	Name: _kuid_ Value: OXRtvXWg
.tapad.com/	1970-01-19 22:41:46	Name: TapAd_3WAY_SYNCS Value:
.tidaltv.com/	1970-01-20 06:00:58	Name: tidal_ttid Value: c4f732bc-74df-42ce-8a6a-ae6bea340793
.mathtag.com/	1970-01-20 06:41:17	Name: uuid Value: 51996142-1ad8-4300-8d2a-59258e657821
.tidaltv.com/	1970-01-20 06:00:58	Name: sync-his Value: "H4sIAAAAAAAAADM0sjA3szI0NAAARaWC7gkAAAA="
.sitescout.com/	1970-01-20 06:00:58	Name: ssi Value: e180a32a-ab1c-4490-9933-43f58e63889a#1631722201332
.sitescout.com/	1970-01-19 21:58:34	Name: _ssuma Value: eyI3IjoxNjMxNzIyMjAxMzUzfQ
.everesttech.net/	1970-01-20 06:00:58	Name: everest_g_v2 Value: g_surferid~YUIa2QABwu6G9wA6
.adnxs.com/	1970-01-19 23:24:58	Name: uuid2 Value: 6697554765561039771
.turn.com/	1970-01-20 01:34:34	Name: uid Value: 3655989754527537650
.videohub.tv/	1970-01-20 06:00:58	Name: UIXX_UPDT Value: "UILO=1631722201452"
.videohub.tv/	1970-01-20 06:00:58	Name: uid Value: CI-4784c0a14b602e70f495fd18424e68d3
sync.srv.stackadapt.com/	1970-01-20 06:00:58	Name: sa-user-id Value: s%3A0-48ff3553-787b-4130-540b-771a8d4b0749.Z2mblZA6d2S%2BozMNquk%2FsWzeI%2FunfKU6qZTjqLlVbp0
.srv.stackadapt.com/	1970-01-20 06:00:58	Name: sa-user-id-v2 Value: s%3A0-48ff3553-787b-4130-540b-771a8d4b0749%24ip%24216.131.111.132.tU37Y5Qgr0X4X1pSt79AzgCcdRZcjYCR5yHajv42hSY
.demdex.net/	1970-01-20 01:34:34	Name: demdex Value: 87808564047887893783220576369535445174
global.ib-ibi.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: qemnn5z52tv0kif4m5fzx0zf
.agkn.com/	1970-01-20 06:00:58	Name: ab Value: 0001%3ATrNm1xCPXVd5DcScXzp0qwPIxriB0Vst
.dpm.demdex.net/	1970-01-20 01:34:34	Name: dpm Value: 87808564047887893783220576369535445174
.id5-sync.com/	1970-01-19 21:15:22	Name: cf Value:
.id5-sync.com/	1970-01-19 21:15:22	Name: cip Value:
.id5-sync.com/	1970-01-19 21:15:22	Name: cnac Value:
.id5-sync.com/	1970-01-19 21:15:22	Name: car Value:
.id5-sync.com/	1970-01-19 21:15:22	Name: gdpr Value:
.id5-sync.com/	1970-01-19 21:15:22	Name: callback Value:
.id5-sync.com/	1970-01-19 23:24:58	Name: id5 Value: 052e5e37-164b-4f3a-b3a8-99c5fcb1fd44#1631722199385#2
.id5-sync.com/	1970-01-19 23:24:58	Name: 3pi Value: 224#1631722199639#738500115\|321#1631722199607#-1897356074\|19#1631722199396#1244898840#d3f59a796f720678a5e14a10d3bb6c0f\|398#1631722199639#-1957489101
ib.mookie1.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: arxpu0o0suflsktjn55dgxgr
.ib.mookie1.com/	1970-01-20 06:00:58	Name: ibkukiuno Value: s=6639356e-a607-40f1-a5aa-648a89f74e56&h=&v=3335101428&l=-8585698846827909669&op=&hl=0&vlu=3&tcs=1&dcc=-8585698846827909669
.ib.mookie1.com/	1970-01-20 06:00:58	Name: ibkukinet Value: 3632492420=-8585698846827909669

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://px.surveywall-api.survata.com/t Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
adservice.google.com
adservice.google.de
audex.userreport.com
bcp.crwdcntrl.net
beacon.krxd.net
cdn.tynt.com
clients1.google.com
cm.adgrx.com
cm.g.doubleclick.net
cse.google.com
d.turn.com
de.tynt.com
dpm.demdex.net
dt-secure.videohub.tv
e.dtscout.com
educratsweb.com
get.s-onetag.com
global.ib-ibi.com
googleads.g.doubleclick.net
ib.mookie1.com
ic.tynt.com
id5-sync.com
image6.pubmatic.com
img.secureserver.net
img1.wsimg.com
loadm.exelator.com
match.adsrvr.org
onetag-geo-grouping.s-onetag.com
onetag-geo.s-onetag.com
pagead2.googlesyndication.com
partner.googleadservices.com
pd.sharethis.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.tapad.com
px.surveywall-api.survata.com
s10.histats.com
s4.histats.com
secure.adnxs.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
sync.sharethis.com
sync.srv.stackadapt.com
sync.tidaltv.com
t.dtscdn.com
t.dtscout.com
tags.bluekai.com
tags.crwdcntrl.net
tpc.googlesyndication.com
www.google.com
www.googleapis.com
www.googletagservices.com
px.surveywall-api.survata.com
104.16.87.26
13.224.94.36
13.224.94.40
13.224.94.53
13.224.94.54
13.224.94.95
142.250.102.147
142.250.102.154
142.250.102.156
142.250.179.130
142.250.179.142
142.250.179.162
142.250.179.194
142.250.27.132
142.250.27.154
148.66.138.136
151.101.114.49
156.154.136.36
158.69.139.238
158.69.251.190
18.198.109.212
185.29.132.241
185.64.190.78
199.127.207.190
208.100.17.182
208.100.17.187
216.58.214.10
216.58.214.14
23.37.42.16
3.121.175.251
35.227.248.159
37.252.172.38
45.55.120.93
46.105.201.240
46.228.164.13
51.222.80.231
51.89.21.10
52.215.191.146
52.30.140.199
52.42.180.228
54.78.254.47
54.81.207.173
64.58.232.176
64.58.232.180
66.155.71.150
72.246.100.56
72.251.241.204
76.223.111.131
95.101.27.83
99.81.41.171
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cd0326be010e85af0b32d287304ac771196e864fdc86c317941b56dcf64fd34
1f13cbf208b173cbe8386bed53c96634a61b373ec7f60f22a7308683c514f07e
2a368eb687a4220838b03884c0b545e2898bb3bee07b5a3604205fb8258b33a1
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
363e286d78b4a6e7da7f1b3f2551248bdbe5f00af1b8ecb6aa0c7b23bec8163b
379786ba7efd28c3688079772572e32e8ec2f95812bbaaad547fb3650878cfdf
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
49300c42f9811d3201cf4e7f47f2978df7a8c0ca0a7f8ab752966b0a53bc7c60
4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e
4c88236ea6308e73d4b4032ec695442fc3d6a82e4e8406b2c2f03f1579b5f74e
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fe000ad6180e93bf890ee5cc00abb427b7f8215db82b09d77bf38998ba7835b
5d4588e567a783b5658caec93e132e1bd6d8e980ec7bb218fcd75ed488d4e702
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372
6a31f5e2ef9d66ae390fc16ca76b56aeb76c06b43e1e6b34979f27f9a25d330c
76b3198b7e3a1eb3e1044ec3762d3e201aa628dfd13522263dfd3639695eae66
7ee04154662e67cdd4a6694f6afacb682bb184617b5e81948524637dde2f31d3
839a2f0736201ba401f51e002d699fa69c6d4562c92b67f2f23f289767320c5c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90f38ea3b680ef3fc72b8277e63927923e52a5ec87e7c9f0b04b89481f1bd985
92465aeecfe9976331a7855159ed7c60306543ce9a9f50f0d492ccf799aa7487
9434632a714bb92703132be5cdffe76a98b42547bb823f925fd275d6ca3cf860
94fc1b6f57eaec5b66d02212a4a8c63fb22b3b46c2643d76c1b39edeea337b71
9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5d48cfb4f54844798ab65546c9c0c10cb2987be8c33aa357338033cc308b5a9
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
aa5c1ec4d2ea00eb517eadeb3b65e55b577b7a5ed42d7c2611d15d9050c18350
aefe9f31909799252840c143110e10be71d8515345f8b54473b819ac1376b9a4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bc902a9aa881adff992ee03c7fe3ea416e2b3928daabb920ea2179a8949bdf17
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd
dc9dc5abccf3e062029d71dcdc0e04b7cc9a9be96103d07f98b4ff4a5459c668
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e86b89f32eb480c566e1607fc1fa59e9c3bd10ba8cacb21883c7a8731a7360ec
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f299a3fc18426d8001c059de60157bb352f370aaf8dab148b2124ba13a014e9f
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

educratsweb.com Open in urlscan Pro 148.66.138.136 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

79 Requests

91 %HTTPS

0 %IPv6

40 Domains

54 Subdomains

38 IPs

9 Countries

500 kBTransfer

1316 kBSize

60 Cookies

0 Outgoing links

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

educratsweb.com Open in urlscan Pro
148.66.138.136 Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

91 %
HTTPS

0 %
IPv6

40
Domains

54
Subdomains

38
IPs

9
Countries

500 kB
Transfer

1316 kB
Size

60
Cookies

79 HTTP transactions
0 data transactions