fllwrs.com Open in urlscan Pro
107.170.36.69 Public Scan

URL:
http://fllwrs.com/
Submission: On March 06 via api (March 6th 2021, 11:07:34 am UTC) from SA

Summary HTTP 90 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 18 domains to perform 90 HTTP transactions. The main IP is 107.170.36.69, located in New York, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is fllwrs.com.

This is the only time fllwrs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	107.170.36.69 107.170.36.69	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 10	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
17	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	184.30.216.177 184.30.216.177	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
19	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
1 1	34.246.227.69 34.246.227.69	16509 (AMAZON-02) (AMAZON-02)
7	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	184.30.20.241 184.30.20.241	16625 (AKAMAI-AS) (AKAMAI-AS)
90	19

3 107.170.36.69 (New York, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

fllwrs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 72.251.249.13 (Amsterdam, Netherlands) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gslbeacon.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vap2ams1.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.216.177 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-30-216-177.deploy.static.akamaitechnologies.com

pxdrop.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.227.69 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.20.241 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-241.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	487 KB
17	doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	74 KB
11	lijit.com 1 redirects ap.lijit.com gslbeacon.lijit.com vap2ams1.lijit.com pxdrop.lijit.com	32 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	99 KB
5	googletagservices.com www.googletagservices.com	156 KB
4	google.com 1 redirects adservice.google.com www.google.com	406 B
3	fllwrs.com fllwrs.com	20 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	2 KB
2	openx.net 2 redirects rtb.openx.net	757 B
2	rlcdn.com 2 redirects id.rlcdn.com	887 B
2	googleapis.com fonts.googleapis.com	2 KB
2	google.de adservice.google.de	311 B
2	googleadservices.com partner.googleadservices.com	716 B
2	google-analytics.com www.google-analytics.com	17 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	457 B
1	everesttech.net 1 redirects pixel.everesttech.net	376 B
1	quantserve.com cms.quantserve.com	463 B
90	18

	Domain	Requested by
19	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
17	pagead2.googlesyndication.com	fllwrs.com pagead2.googlesyndication.com ap.lijit.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	cm.g.doubleclick.net	googleads.g.doubleclick.net
7	ap.lijit.com	1 redirects fllwrs.com ap.lijit.com
5	fonts.gstatic.com	fonts.googleapis.com
5	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	fllwrs.com	fllwrs.com
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	2 redirects
2	id.rlcdn.com	2 redirects
2	www.google.com	1 redirects googleads.g.doubleclick.net
2	www.gstatic.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	vap2ams1.lijit.com	fllwrs.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	www.google-analytics.com	fllwrs.com
1	pixel.rubiconproject.com	1 redirects
1	pixel.everesttech.net	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	pxdrop.lijit.com	fllwrs.com
1	gslbeacon.lijit.com	ap.lijit.com
90	25

This site contains links to these domains. Also see Links.

Domain
fllwrs.freshdesk.com
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh

This page contains 15 frames:

Primary Page: http://fllwrs.com/
Frame ID: C70A1984500BEA468DAEA1545480E521
Requests: 15 HTTP requests in this frame

Frame: https://ap.lijit.com/sync
Frame ID: A85F99612236B51F3318F3080A472B87
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210303/r20190131/zrt_lookup.html
Frame ID: 1EC113A35E91653BD5576DBF1E431A99
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7098019582&adk=4203217917&adf=3673058151&pi=t.ma~as.7098019582&w=300&lmt=1615028837&psa=0&format=300x250&url=http%3A%2F%2Ffllwrs.com%2F&flash=0&wgl=1&dt=1615028837616&bpp=11&bdt=263&idt=66&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5355338044520&frm=20&pv=2&ga_vid=1622410169.1615028838&ga_sid=1615028838&ga_hid=1588874618&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066922%2C21068944&oid=3&pvsid=819073361572215&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=UO995tm98A&p=http%3A//fllwrs.com&dtd=82
Frame ID: 7A4FC77B23B5C9775D0D41A4E770EAF6
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=5851746840&adk=3459621094&adf=2970249784&pi=t.ma~as.5851746840&w=300&lmt=1615028837&psa=0&format=300x250&url=http%3A%2F%2Ffllwrs.com%2F&flash=0&wgl=1&dt=1615028837627&bpp=2&bdt=274&idt=80&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=5355338044520&frm=20&pv=1&ga_vid=1622410169.1615028838&ga_sid=1615028838&ga_hid=1588874618&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066922%2C21068944&oid=3&pvsid=819073361572215&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=cq1T0x1g8n&p=http%3A//fllwrs.com&dtd=84
Frame ID: 5CCDB09B22F1CD2040EB8184DA68067F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&adk=1812271804&adf=3025194257&lmt=1615028837&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1615028837629&bpp=1&bdt=276&idt=85&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&nras=1&correlator=5355338044520&frm=20&pv=1&ga_vid=1622410169.1615028838&ga_sid=1615028838&ga_hid=1588874618&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066922%2C21068944&oid=3&pvsid=819073361572215&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&dtd=89
Frame ID: 50E535AAE77BC22B241EA6BFC47DE5F7
Requests: 1 HTTP requests in this frame

Frame: https://gslbeacon.lijit.com/beacon?viewId=a_168503_76d3721da755427d8add8f0287c53012&rand=1576&informer=9960408&type=fpads&loc=http%3A%2F%2Ffllwrs.com%2F&v=1.2
Frame ID: 5734CE859C4E172DE422741D3A2BA53F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7642897688&adk=249844711&adf=2696324440&pi=t.ma~as.7642897688&w=300&lmt=1615028837&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&wgl=1&dt=1615028837869&bpp=11&bdt=266&idt=69&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D56b6c7d7e0eb8615-228d720dfca60068%3AT%3D1615028837%3ART%3D1615028837%3AS%3DALNI_MbcQV8Z9Tj_e0oEGrs9I8cEw8tpyg&correlator=5355338044520&frm=23&ife=1&pv=1&ga_vid=1622410169.1615028838&ga_sid=1615028838&ga_hid=1043037380&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=322&biw=1600&bih=1200&isw=300&ish=250&ifk=3969492067&scr_x=0&scr_y=0&eid=42530671%2C21068944%2C31060351&oid=3&pvsid=4351380872839319&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.urplkopfo3db&fsb=1&dtd=76
Frame ID: C0C83AF077F25CE48D01BC7A20329C0B
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: DC5844256C9673AD18A5DFC86622F9B4
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js
Frame ID: CF3A0016CFA2279C0DAD896C5952CA32
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 2DD13E22F4690E172DA4964862E93273
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D86BDD6F6E9C59ECAA3F3AD4F7059F2F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js
Frame ID: 1AF3E0C6FD8385A0182C25D2D570A205
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js
Frame ID: 005D2D4D1E5E96B0DE30DCCBA2A89F98
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 4C7411C2D23FBF4911188C1E8646A33B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

90
Requests

93 %
HTTPS

54 %
IPv6

18
Domains

25
Subdomains

19
IPs

5
Countries

888 kB
Transfer

2132 kB
Size

8
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://fllwrs.freshdesk.com/
Title: help desk

Search URL Search Domain Scan URL

URL: http://www.facebook.com/fllwrs
Title: facebook page

Search URL Search Domain Scan URL

URL: http://twitter.com/_fllwrs
Title: @_fllwrs

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://ap.lijit.com/www/delivery/fpi.js?z=168503&width=300&height=250 HTTP 301
https://ap.lijit.com/www/delivery/fpi.js?z=168503&width=300&height=250

Request Chain 4

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 5

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=64219851&utmhn=fllwrs.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=fllwrs%20-%20keep%20track%20of%20who%20follows%20and%20unfollows%20you%20on%20twitter&utmhid=1588874618&utmr=-&utmp=%2F&utmht=1615028837509&utmac=UA-19997787-1&utmcc=__utma%3D203250886.1622410169.1615028838.1615028838.1615028838.1%3B%2B__utmz%3D203250886.1615028838.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=939894278&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=64219851&utmhn=fllwrs.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=fllwrs%20-%20keep%20track%20of%20who%20follows%20and%20unfollows%20you%20on%20twitter&utmhid=1588874618&utmr=-&utmp=%2F&utmht=1615028837509&utmac=UA-19997787-1&utmcc=__utma%3D203250886.1622410169.1615028838.1615028838.1615028838.1%3B%2B__utmz%3D203250886.1615028838.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=939894278&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Request Chain 77

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitULc-NA9UGop5RpN0RuniUj38NrlzD1aO7_j9iwgKt8tO9ar6P6ZOoqLntC4XbgLgLa_TWVLTvfL5OfqZdgMsfFzT6GDXSRY&google_gid=CAESEAJdkR_I1oiE4jyGMwfRFBs&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUVOaVpnQUFBSjRLMGtTZA&google_push=AQvitULc-NA9UGop5RpN0RuniUj38NrlzD1aO7_j9iwgKt8tO9ar6P6ZOoqLntC4XbgLgLa_TWVLTvfL5OfqZdgMsfFzT6GDXSRY

Request Chain 78

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUKWqPdW-_Z1vW8Qjz4MRWW5dUdYw5mdhkIDg5fJEhC4fxB01PfUuQw95LyheRRrfhL-1_nnIcIt5O9zgBnKzixpmm-5hNfE&google_gid=CAESEDHUE2LHXrgpGHPSruC1Dtg&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCObEjYIGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BUXZpdFVLV3FQZFctX1oxdlc4UWp6NE1SV1c1ZFVkWXc1bWRoa0lEZzVmSkVoQzRmeEIwMVBmVXVRdzk1THloZVJScmZoTC0xX25uSWNJdDVPOXpnQm5Leml4cG1tLTVoTmZF HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSmJvS1Y2ZW12OU9hV1RxdlF3T01UZFJpUFhUTVRJMWtSTUFLQTFTQy01QQ==&google_push

Request Chain 79

https://rtb.openx.net/sync/dds?google_gid=CAESEBSM5Zz2BRW4r4GSISErmjQ&google_cver=1&google_push=AQvitUJgtfG5uOqQj0A9dq0lZ80ReGujx-lr9W9TG2KfQOOSEnOCcxLw2ioYsurMUqRgszZrq01b6Gv6hZLhzDJmrgdqecA1eaw HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEBSM5Zz2BRW4r4GSISErmjQ&google_cver=1&google_push=AQvitUJgtfG5uOqQj0A9dq0lZ80ReGujx-lr9W9TG2KfQOOSEnOCcxLw2ioYsurMUqRgszZrq01b6Gv6hZLhzDJmrgdqecA1eaw&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJgtfG5uOqQj0A9dq0lZ80ReGujx-lr9W9TG2KfQOOSEnOCcxLw2ioYsurMUqRgszZrq01b6Gv6hZLhzDJmrgdqecA1eaw&google_hm=H6GOin6Xwmgkq7r0cAyy9Q==

Request Chain 80

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEB6b3QGddohnIwJIloL0NVA&google_cver=1&google_push=AQvitULjwrYCHdelKe9QjGhzvbKAJeRutW-gRWGaWctJLHm72p0X9LWaQXTpsUwaiw5nWi9Jf0lBUM_BEYIv4StaaMLMuq-QQoo HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEB6b3QGddohnIwJIloL0NVA&google_cver=1&google_push=AQvitULjwrYCHdelKe9QjGhzvbKAJeRutW-gRWGaWctJLHm72p0X9LWaQXTpsUwaiw5nWi9Jf0lBUM_BEYIv4StaaMLMuq-QQoo&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yhlHwwueR3KjvqDLFHi-Pg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULjwrYCHdelKe9QjGhzvbKAJeRutW-gRWGaWctJLHm72p0X9LWaQXTpsUwaiw5nWi9Jf0lBUM_BEYIv4StaaMLMuq-QQoo

Request Chain 81

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEsnU5ilRQhY14Gb2zK_cWI&google_cver=1&google_push=AQvitULwYz8jtJdelByC_qN5EYxtfQfCADU0h-5IYAbOMRMaipxtsdyxViRMjl7zFyECuMaTwp-FL9lHxVB-ghffo7IrN6AruO9d HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xYTUdaSFUtTy02S1ZD&google_push=AQvitULwYz8jtJdelByC_qN5EYxtfQfCADU0h-5IYAbOMRMaipxtsdyxViRMjl7zFyECuMaTwp-FL9lHxVB-ghffo7IrN6AruO9d

Request Chain 82

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFwJfcOuKf2W31jQyM8h5YA&google_cver=1&google_push=AQvitUKwgUcWvVSNra7O_pGUL95z_JKgDEKM4E-76DLo45j8fgAFtLY5Dp6T8ujpappUMhan91ZVHm84dnDKcS9-bhHmm0x7evrl HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFwJfcOuKf2W31jQyM8h5YA&google_cver=1&google_push=AQvitUKwgUcWvVSNra7O_pGUL95z_JKgDEKM4E-76DLo45j8fgAFtLY5Dp6T8ujpappUMhan91ZVHm84dnDKcS9-bhHmm0x7evrl&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YENiZqQBixH0MIU0DyHvfQAABIAAAAIB&google_gid=CAESEFwJfcOuKf2W31jQyM8h5YA&google_cver=1&google_push=AQvitUKwgUcWvVSNra7O_pGUL95z_JKgDEKM4E-76DLo45j8fgAFtLY5Dp6T8ujpappUMhan91ZVHm84dnDKcS9-bhHmm0x7evrl

Request Chain 85

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

90 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
fllwrs.com/ 4 KB
2 KB 213ms
187ms Document
text/html 107.170.36.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://fllwrs.com/
Protocol: HTTP/1.1
Server: 107.170.36.69 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 83e5578ad7cbaa2edf1cc98a38a3c30066bd3b6051d300d9dbdd32a18db917a7

Request headers

Host: fllwrs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Sat, 06 Mar 2021 11:07:17 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: fllwrs_sess=345589e653a5d268646778012b381db1; expires=Sun, 07-Mar-2021 11:07:17 GMT; path=/
Content-Encoding: gzip

GET
H/1.1 200
OK css.css
fllwrs.com/assets/ 28 KB
6 KB 87ms
87ms Stylesheet
text/css 107.170.36.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://fllwrs.com/assets/css.css
Requested by: Host: fllwrs.com
URL: http://fllwrs.com/
Protocol: HTTP/1.1
Server: 107.170.36.69 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: a3b6c039bd159c7cd4069c94613e2b91c6eb0ea9ca38ce30d6a00f4afad77716

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 06 Mar 2021 11:07:17 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Apr 2013 21:13:35 GMT
Server: nginx
ETag: W/"517304ff-7185"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK fllwrs-logo.png
fllwrs.com/assets/ 12 KB
12 KB 172ms
158ms Image
image/png 107.170.36.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fllwrs.com/assets/fllwrs-logo.png
Requested by: Host: fllwrs.com
URL: http://fllwrs.com/
Protocol: HTTP/1.1
Server: 107.170.36.69 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: b51897307a1d7c8e9dbc0d68c0aef9371724b549bd47d46e8cf73f542ccce558

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 06 Mar 2021 11:07:17 GMT
Last-Modified: Sat, 20 Apr 2013 21:13:35 GMT
Server: nginx
ETag: "517304ff-30b0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12464

GET
H/1.1

200
OK

fpi.js Show response
ap.lijit.com/www/delivery/
Redirect Chain

http://ap.lijit.com/www/delivery/fpi.js?z=168503&width=300&height=250
https://ap.lijit.com/www/delivery/fpi.js?z=168503&width=300&height=250

5 KB
3 KB

101ms
35ms

Script
text/javascript

72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/www/delivery/fpi.js?z=168503&width=300&height=250
Requested by: Host: fllwrs.com
URL: http://fllwrs.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Mar 2021 11:07:17 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"5f4932f3-1540"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap2ams1
Expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Location: https://ap.lijit.com/www/delivery/fpi.js?z=168503&width=300&height=250
Content-length: 0

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
50 KB 30ms
24ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: fllwrs.com
URL: http://fllwrs.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b9b5737c8859fa4566da81b0d34c3084f0d83ee7dc2ac8afab3c4ed45685d9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Sat, 06 Mar 2021 11:07:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 13215137272821469477
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 50479
X-XSS-Protection: 0
Expires: Sat, 06 Mar 2021 11:07:17 GMT

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: fllwrs.com
URL: http://fllwrs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 5104
date: Sat, 06 Mar 2021 09:42:13 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sat, 06 Mar 2021 11:42:13 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H3-Q050

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=64219851&utmhn=fllwrs.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=fllwrs%20-%2...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=64219851&utmhn=fllwrs.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=fllwrs%20-%...

35 B
80 B

14ms
14ms

Image
image/gif

2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=64219851&utmhn=fllwrs.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=fllwrs%20-%20keep%20track%20of%20who%20follows%20and%20unfollows%20you%20on%20twitter&utmhid=1588874618&utmr=-&utmp=%2F&utmht=1615028837509&utmac=UA-19997787-1&utmcc=__utma%3D203250886.1622410169.1615028838.1615028838.1615028838.1%3B%2B__utmz%3D203250886.1615028838.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=939894278&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: fllwrs.com
URL: http://fllwrs.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 11:07:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=64219851&utmhn=fllwrs.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=fllwrs%20-%20keep%20track%20of%20who%20follows%20and%20unfollows%20you%20on%20twitter&utmhid=1588874618&utmr=-&utmp=%2F&utmht=1615028837509&utmac=UA-19997787-1&utmcc=__utma%3D203250886.1622410169.1615028838.1615028838.1615028838.1%3B%2B__utmz%3D203250886.1615028838.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=939894278&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK sync Show response
ap.lijit.com/ Frame A85F 86 KB
20 KB 58ms
58ms Script
text/javascript 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/sync
Requested by: Host: ap.lijit.com
URL: http://ap.lijit.com/www/delivery/fpi.js?z=168503&width=300&height=250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 981a47bdf683f5af5ab3fbad953035c7335c5dbe1f3ff659ceb30bd9782c6cf4

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 06 Mar 2021 11:07:17 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Aug 2020 16:38:47 GMT
Server: nginx
ETag: W/"5f493317-159f3"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=86400, must-revalidate
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap2ams1
Expires: Sun, 07 Mar 2021 11:07:17 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/ 227 KB
85 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2539697311326124&plah=fllwrs.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1f6f1027092d281d624e67f9f83460ed291ae367b558c16cd6afad7af5eba1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87278
x-xss-protection: 0
server: cafe
etag: 4389487008424739880
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 06 Mar 2021 11:07:17 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210303/r20190131/ Frame 1EC1 11 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210303/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e78c14aeb9435fd03f67ad2ee4c45e18bfcfc100a4c62c8bd886324ce6296f77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210303/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://fllwrs.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://fllwrs.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 05 Mar 2021 21:27:47 GMT
expires: Fri, 19 Mar 2021 21:27:47 GMT
content-type: text/html; charset=UTF-8
etag: 14371272352318978350
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 5136
x-xss-protection: 0
age: 49170
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK adcfg Show response
ap.lijit.com/ Frame A85F 158 B
549 B 41ms
40ms Script
application/x-javascript 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/adcfg?zoneid=168503&tid=9fb663da7a7c4153b5b297c583f9d2d9bcbe01ac&mode=1&dmn=fllwrs.com
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 33954e1264c4aebdcc448b3c6e9acffc7a40d3e7abd6ba34e3cc1023774622e2

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 06 Mar 2021 11:07:17 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 145

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 200 B
258 B 45ms
45ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=fllwrs.com&callback=_gfp_s_&client=ca-pub-2539697311326124

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2539697311326124&plah=fllwrs.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

79b3fd637d0cee67377c28c6a3c0a589091f41827b6ec4d062b2dda16aa0017a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fllwrs.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Mar 2021 11:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fllwrs.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Mar 2021 11:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7A4F 64 KB
22 KB 726ms
726ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7098019582&adk=4203217917&adf=3673058151&pi=t.ma~as.7098019582&w=300&lmt=1615028837&psa=0&format=300x250&url=http%3A%2F%2Ffllwrs.com%2F&flash=0&wgl=1&dt=1615028837616&bpp=11&bdt=263&idt=66&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5355338044520&frm=20&pv=2&ga_vid=1622410169.1615028838&ga_sid=1615028838&ga_hid=1588874618&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066922%2C21068944&oid=3&pvsid=819073361572215&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=UO995tm98A&p=http%3A//fllwrs.com&dtd=82

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

751df056392e33318b9c3487106a4d7747c64f3689843e757162127e57688c2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7098019582&adk=4203217917&adf=3673058151&pi=t.ma~as.7098019582&w=300&lmt=1615028837&psa=0&format=300x250&url=http%3A%2F%2Ffllwrs.com%2F&flash=0&wgl=1&dt=1615028837616&bpp=11&bdt=263&idt=66&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5355338044520&frm=20&pv=2&ga_vid=1622410169.1615028838&ga_sid=1615028838&ga_hid=1588874618&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066922%2C21068944&oid=3&pvsid=819073361572215&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=UO995tm98A&p=http%3A//fllwrs.com&dtd=82
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://fllwrs.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://fllwrs.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 06 Mar 2021 11:07:18 GMT
server: cafe
content-length: 22063
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 06-Mar-2021 11:22:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 06 Mar 2021 11:07:18 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614774803212306"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
expires: Sat, 06 Mar 2021 11:07:17 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5CCD 65 KB
22 KB 667ms
667ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=5851746840&adk=3459621094&adf=2970249784&pi=t.ma~as.5851746840&w=300&lmt=1615028837&psa=0&format=300x250&url=http%3A%2F%2Ffllwrs.com%2F&flash=0&wgl=1&dt=1615028837627&bpp=2&bdt=274&idt=80&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=5355338044520&frm=20&pv=1&ga_vid=1622410169.1615028838&ga_sid=1615028838&ga_hid=1588874618&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066922%2C21068944&oid=3&pvsid=819073361572215&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=cq1T0x1g8n&p=http%3A//fllwrs.com&dtd=84

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7a980ec0fa5c96d6a89876367ee83c1809f5fa347b60fd49a1265e907c94755

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=5851746840&adk=3459621094&adf=2970249784&pi=t.ma~as.5851746840&w=300&lmt=1615028837&psa=0&format=300x250&url=http%3A%2F%2Ffllwrs.com%2F&flash=0&wgl=1&dt=1615028837627&bpp=2&bdt=274&idt=80&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=5355338044520&frm=20&pv=1&ga_vid=1622410169.1615028838&ga_sid=1615028838&ga_hid=1588874618&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066922%2C21068944&oid=3&pvsid=819073361572215&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=cq1T0x1g8n&p=http%3A//fllwrs.com&dtd=84
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://fllwrs.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://fllwrs.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 06 Mar 2021 11:07:18 GMT
server: cafe
content-length: 22196
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 06-Mar-2021 11:22:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 06 Mar 2021 11:07:18 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 50E5 0
163 B 16ms
15ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&adk=1812271804&adf=3025194257&lmt=1615028837&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1615028837629&bpp=1&bdt=276&idt=85&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&nras=1&correlator=5355338044520&frm=20&pv=1&ga_vid=1622410169.1615028838&ga_sid=1615028838&ga_hid=1588874618&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066922%2C21068944&oid=3&pvsid=819073361572215&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&dtd=89

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2539697311326124&output=html&adk=1812271804&adf=3025194257&lmt=1615028837&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1615028837629&bpp=1&bdt=276&idt=85&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&nras=1&correlator=5355338044520&frm=20&pv=1&ga_vid=1622410169.1615028838&ga_sid=1615028838&ga_hid=1588874618&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066922%2C21068944&oid=3&pvsid=819073361572215&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&dtd=89
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://fllwrs.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://fllwrs.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 06 Mar 2021 11:07:17 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 06-Mar-2021 11:22:17 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 06 Mar 2021 11:07:17 GMT
cache-control: private

GET
H/1.1 200
OK addelivery Show response
ap.lijit.com/ Frame A85F 1 KB
1 KB 112ms
112ms Script
application/x-javascript 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/addelivery?zoneid=168503&tid=a_168503_76d3721da755427d8add8f0287c53012&cb=undefined&mode=1&flv=0.0.0&ifr=true&od=fllwrs.com&time=11%3A07%3A17&fd=1&be=sf&loc=http%3A%2F%2Ffllwrs.com%2F&orig_loc=http%3A%2F%2Ffllwrs.com%2F&abf=true&dpz=false&cv=undefined&dop=1&ndw=1&spif=true&btid=a_168503_76d3721da755427d8add8f0287c53012
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: e30950108b5b7d448395ee935b0be75c34f0eac7bbefd34309e78279ad5c86fe

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 06 Mar 2021 11:07:17 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 711

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame A85F 97 KB
35 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/sync

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e09250d511edfe656fb5c533905329f2177ffd89809b7f90bacc21ed58f2f779

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Sat, 06 Mar 2021 11:07:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 3018423530453600169
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 35339
X-XSS-Protection: 0
Expires: Sat, 06 Mar 2021 11:07:17 GMT

GET
H/1.1 204
No Content beacon
gslbeacon.lijit.com/ Frame 5734 0
0 80ms
28ms Document
text/plain 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://gslbeacon.lijit.com/beacon?viewId=a_168503_76d3721da755427d8add8f0287c53012&rand=1576&informer=9960408&type=fpads&loc=http%3A%2F%2Ffllwrs.com%2F&v=1.2
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash

Request headers

Host: gslbeacon.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://fllwrs.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://fllwrs.com/

Response headers

Server: nginx
Date: Sat, 06 Mar 2021 11:07:17 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap2ams1

GET
H/1.1 200
OK containertag Show response
ap.lijit.com/ Frame A85F 47 KB
5 KB 41ms
41ms Script
application/json 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/containertag?containerId=18&zoneId=168503&v=2
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: d3d533bf9d86c1411c2b2e913b7b31dc10d5986c86837683afc4706d409cf96c

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Mar 2021 11:07:17 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: raptor
Vary: Accept-Encoding
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap2ams1
Content-Type: application/json
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 200
OK impression
vap2ams1.lijit.com/addelivery/ Frame A85F 43 B
567 B 102ms
34ms Image
image/gif 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vap2ams1.lijit.com/addelivery/impression?i_data=PNm6Kn8rFt48AkxW9cIkKzozpykjVuaekJV6uOdRE9y10Aqr4kBgAuQRXHGZAA9-Canq29uIIImUfGqzMOVtH-qkWjBLxsVVB-iLxDIIBsgEIxNkohwnRBFIwUF2A5kxwwBA41-6mMaDsqGrmxx1qnpv0zyDI0l8ENT6_uKc6kNkujO1d572BKoSGpaLYKiXOdnkUuYD_r6dOlGIULPtdXI6L2m5X6DcOsgdcZQ_fS2hIKrJrcEITXgcN1vQnmawsj7yF5GGVCoxWn4IhagYLreFsD_F6tYnahmkQE-A8eppLrCgFguwgO6a5nREayehZv64gX5g2NIC&bannerid=20358&campaignid=232&endpoint=WATERFALL&zoneid=168503&tid=a_168503_76d3721da755427d8add8f0287c53012
Requested by: Host: fllwrs.com
URL: http://fllwrs.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Mar 2021 11:07:17 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Content-Type: image/gif
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 200
OK fp
vap2ams1.lijit.com/data/ Frame A85F 43 B
210 B 102ms
34ms Image
image/gif 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vap2ams1.lijit.com/data/fp?tid=a_168503_76d3721da755427d8add8f0287c53012&zoneid=168503&starttime=1615028837672&adcfg=3&adcfg_response=48&addelivery=51&addelivery_response=164&lgfired=168&beacon=170&container=172&EOL=173&ctstart=0&elapsed_ms=173
Requested by: Host: fllwrs.com
URL: http://fllwrs.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / podlogging
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 06 Mar 2021 11:07:17 GMT
Server: nginx
X-Sovrn-Pod: ad_ap2ams1
X-Powered-By: podlogging
Content-Length: 43
Content-Type: image/gif

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/ Frame A85F 227 KB
85 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2539697311326124&plah=fllwrs.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1f6f1027092d281d624e67f9f83460ed291ae367b558c16cd6afad7af5eba1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87278
x-xss-protection: 0
server: cafe
etag: 4389487008424739880
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 06 Mar 2021 11:07:17 GMT

GET
H/1.1 204
No Content t.dhj Show response
pxdrop.lijit.com/1/d/ Frame A85F 0
604 B 56ms
40ms Script
application/javascript 184.30.216.177
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

http://pxdrop.lijit.com/1/d/t.dhj?dmn=fllwrs.com&GDPR_v2=undefined

Requested by

Host: fllwrs.com
URL: http://fllwrs.com/

Protocol

HTTP/1.1

Server

184.30.216.177 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-30-216-177.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 06 Mar 2021 11:07:17 GMT
X-Content-Type-Options: nosniff
Edge-Log-Var: 2!z!c026!null!pxdrop.lijit.com!%2f1%2fd%2ft.dhj!&GDPR_v2=undefined!block_code=EEA
X-Robots-Tag: noindex, nofollow
P3P: policyref="/w3c/p3p.xml", CP="DSP LAW NID OUR DEL SAM BUS UNI PUR COM NAV INT STA PRE LOC OTC"
Cache-Control: private, max-age=3600
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
Expires: Sat, 06 Mar 2021 12:07:17 GMT

GET
H/1.1 200
OK ct
ap.lijit.com/data/ Frame A85F 43 B
210 B 41ms
40ms Image
image/gif 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/data/ct?tid=a_168503_76d3721da755427d8add8f0287c53012&zoneid=168503&cid=18&geo=FR&all_tags=203%2C234%2C248%2C383%2C388%2C458%2C462%2C465%2C490%2C494%2C501%2C503%2C512%2C515%2C519%2C520%2C539%2C541%2C561%2C563%2C565%2C576%2C580%2C582%2C584%2C586%2C589%2C590&tss=49&fired_tags=590&count=1&status=8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C32%2C32%2C8%2C32%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C1&elapsed_ms=49
Requested by: Host: fllwrs.com
URL: http://fllwrs.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / podlogging
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 06 Mar 2021 11:07:17 GMT
Server: nginx
X-Sovrn-Pod: ad_ap2ams1
X-Powered-By: podlogging
Content-Length: 43
Content-Type: image/gif

GET
H3-Q050 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame A85F 12 B
458 B 84ms
53ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=fllwrs.com&callback=_gfp_s_&client=ca-pub-2539697311326124&cookie=ID%3D56b6c7d7e0eb8615-228d720dfca60068%3AT%3D1615028837%3ART%3D1615028837%3AS%3DALNI_MbcQV8Z9Tj_e0oEGrs9I8cEw8tpyg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:07:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame A85F 107 B
146 B 15ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fllwrs.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Mar 2021 11:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame A85F 107 B
146 B 17ms
17ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fllwrs.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Mar 2021 11:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C0C8 59 KB
23 KB 572ms
571ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7642897688&adk=249844711&adf=2696324440&pi=t.ma~as.7642897688&w=300&lmt=1615028837&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&wgl=1&dt=1615028837869&bpp=11&bdt=266&idt=69&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D56b6c7d7e0eb8615-228d720dfca60068%3AT%3D1615028837%3ART%3D1615028837%3AS%3DALNI_MbcQV8Z9Tj_e0oEGrs9I8cEw8tpyg&correlator=5355338044520&frm=23&ife=1&pv=1&ga_vid=1622410169.1615028838&ga_sid=1615028838&ga_hid=1043037380&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=322&biw=1600&bih=1200&isw=300&ish=250&ifk=3969492067&scr_x=0&scr_y=0&eid=42530671%2C21068944%2C31060351&oid=3&pvsid=4351380872839319&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.urplkopfo3db&fsb=1&dtd=76

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73b3c4f492d66ea00fb602af2bffe7865ffe48163c95fc5e23a4a5b5d70f1038

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7642897688&adk=249844711&adf=2696324440&pi=t.ma~as.7642897688&w=300&lmt=1615028837&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&wgl=1&dt=1615028837869&bpp=11&bdt=266&idt=69&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D56b6c7d7e0eb8615-228d720dfca60068%3AT%3D1615028837%3ART%3D1615028837%3AS%3DALNI_MbcQV8Z9Tj_e0oEGrs9I8cEw8tpyg&correlator=5355338044520&frm=23&ife=1&pv=1&ga_vid=1622410169.1615028838&ga_sid=1615028838&ga_hid=1043037380&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=322&biw=1600&bih=1200&isw=300&ish=250&ifk=3969492067&scr_x=0&scr_y=0&eid=42530671%2C21068944%2C31060351&oid=3&pvsid=4351380872839319&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.urplkopfo3db&fsb=1&dtd=76
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://fllwrs.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://fllwrs.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 06 Mar 2021 11:07:18 GMT
server: cafe
content-length: 22957
x-xss-protection: 0
set-cookie: IDE=AHWqTUlFihY7pKS6fkkLSGM47MzkAqZI64X-YNE4smPGjIuUISnjGgNbjPN5k9PdfqE; expires=Thu, 31-Mar-2022 11:07:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 06 Mar 2021 11:07:18 GMT
cache-control: private

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A85F 8 KB
6 KB 19ms
18ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210303&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2256febc5c33541332325bc37347378e871ee217038b9c974d034f16869d325f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Mar 2021 11:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6575
x-xss-protection: 0

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame A85F 74 KB
28 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614774803212306"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
expires: Sat, 06 Mar 2021 11:07:17 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A85F 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Sat, 06 Mar 2021 11:07:17 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame DC58 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://fllwrs.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://fllwrs.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Sat, 06 Mar 2021 11:07:02 GMT
expires: Sun, 06 Mar 2022 11:07:02 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 15
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js Show response
pagead2.googlesyndication.com/bg/ Frame DC58 14 KB
5 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4165e93fc14bc980869719cfce832be6b2480176af5bf80859e1928ed7a3a0c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 19:07:55 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 10:45:00 GMT
server: sffe
age: 57563
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5600
x-xss-protection: 0
expires: Sat, 05 Mar 2022 19:07:55 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A85F 0
46 B 43ms
42ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210303&jk=4351380872839319&bg=!ICOlI2DNAAWsVXnBrDsAKQB2-Dxaznc-2siu6rI5d1zErlS_F8VJpTctKFtB4b353yHeyAWHf39RAgAAAEBSAAAAC2gBBwoBd9n5AynxFgVM1kS0WOkf5jprcXEJZshrUTjnRn_j1GqtBhoHnGrh3zgJ7Q_mtW4is5FSHsaG5L9MLvKrjH2p8BulujKGzd9dlZDNvEFum23AYr7o5Z7R5TSimZSxTqlicaAqukhpFlMIhF5N9fNMNCikkacNUF0-z_fEGOymujWdPvM7w8stS3tkejilHgIMZs2LALGu0ktg7ulEfOAJJnsr_X7Z7ScnHaSTa5c3IIl-eSPr-h3GwRrpa4rKig748ZUYLa4rJ5BJtBoWwSFsnzPri2gfr6Jsayl8VpENXDh5s0gB4tPKkOoEdysZoDtnWitmFFYSN1cXtBSVROCCIRLnxcPLX9PwHIW02RdSTYlcMQMs0rMJxWktPONmb9yIrxttL3WRXmzWIl5EAqsysqf4XGEJK48I75HV48z-9ouCeSjoZlT3HVUqmPQybNSEG4BApUWMKcBIG3LApZS1HrwDSeV5CcRAYMHYsr3cOnTtE1i_cHQTwpkCJKvPtHgAKlamUGFKUpnL_2dyz9lT8XgpNfHRBXkNsCM2fdr9I4Ctstxp0TOXA82i-iiDf05sCxmsRMSR0P_V7h6CyKFik2eoZubBsrfyz0xWzeRU-Z_frlF_MUWi1LkDy7oixwAdiVUHbtLEGifcgo5J7T9Ilk-Q4-fmWcVELjIe_0zNdqpMj5lIY8mSvPPi1m1HeImNSF0-DcLYOFiVCog_CyoLBb7p5x0Cgkg3zkdHmfDPGLBwpg2vuKnTQS98QFPC5d1M7oWljxzNZFbG1R1mHWlU65IGJzfkLdimw14mIuOJ3D-fSLVlHSummh8bDfhXDVJW4BvEbkg6rshkLhmhzd1SAK24tZzgHlk4z6B87lrtdOrnILjRIV6lKYweqUHZ0B4D9wFy0pdvTiA6UDER7pWTpIvaDNZ88mudANyZgP97oCFhKz_c6QEcNObMP2ihBT5-jgfzAtRj9VgZEnBGi5QoAsKsIxmqxoUarvwePHm9Z6laPrI14x8SHk5GcD3xs346AjgzejXWQhAx-ikSNxEkx9z6Zy6wOxBmhd9OLKH1TwzT5QMOxxMBjhhOtYiCF2ZDPPu6uCpxcfKfjuK8TjVBF-pdbGNFHib2kWQOBAcpG_JEdCZg9USaBHq1o1BaOIyJ7GOIv_pfc81yjajFktHnznPeNr_H0ArQlbCeY6fRNek-uaSk-Ka4NWxAq-Ij9diDM-IhVnUXPz4WqYOIMbyr

Requested by

Host: fllwrs.com
URL: http://fllwrs.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 11:07:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5CCD 4 KB
713 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=5851746840&adk=3459621094&adf=2970249784&pi=t.ma~as.5851746840&w=300&lmt=1615028837&psa=0&format=300x250&url=http%3A%2F%2Ffllwrs.com%2F&flash=0&wgl=1&dt=1615028837627&bpp=2&bdt=274&idt=80&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=5355338044520&frm=20&pv=1&ga_vid=1622410169.1615028838&ga_sid=1615028838&ga_hid=1588874618&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066922%2C21068944&oid=3&pvsid=819073361572215&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=cq1T0x1g8n&p=http%3A//fllwrs.com&dtd=84

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d344632c01d1ca55dc380216de660c9b8a5a3174e7d7afa6784aff50c945e1cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 06 Mar 2021 09:24:25 GMT
server: ESF
date: Sat, 06 Mar 2021 11:07:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 06 Mar 2021 11:07:18 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame 5CCD 2 KB
992 B 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 10:58:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 555
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 896
x-xss-protection: 0
server: cafe
etag: 948078048762640732
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Mar 2021 10:58:03 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame 5CCD 18 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:05:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 2412555088240638002
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Mar 2021 11:05:59 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame 5CCD 3 KB
2 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:05:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Mar 2021 11:05:06 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5CCD 110 KB
33 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:07:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614774766775808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34192
x-xss-protection: 0
expires: Sat, 06 Mar 2021 11:07:18 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame 5CCD 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:04:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6140
x-xss-protection: 0
server: cafe
etag: 17031075750977984330
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Mar 2021 11:04:43 GMT

GET
H2 200 1e8eaeef6431cb6de349a68674062a29.js Show response
www.gstatic.com/mysidia/ Frame 5CCD 26 KB
11 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1e8eaeef6431cb6de349a68674062a29.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 09:45:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Mar 2021 07:11:17 GMT
server: sffe
age: 264084
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10971
x-xss-protection: 0
expires: Tue, 01 Jun 2021 09:45:54 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4121582644016950567/ Frame 5CCD 11 KB
11 KB 8ms
6ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4121582644016950567/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fafcc7b5c3c7c068bcd9be5b032958db6e2d2ca7672e4f079699230446b4e228

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 22:59:55 GMT
x-content-type-options: nosniff
age: 130043
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
last-modified: Fri, 01 Jan 2021 04:30:24 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Mar 2022 22:59:55 GMT

GET
DATA 200
OK truncated
/ Frame 5CCD 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5CCD 0
0 42ms
42ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CD0n6ZWJDYOyuLInYbZOukOgFst6exGHPxZv4hQ3Z2R4QASCpiZsCYJUCoAGc9tvgAsgBCagDAcgDywSqBKwBT9C_nJ5a7-iDAX6j0R1SEzeusPuuNf2N-6pPzntwKTiVqNej_AkDDO1xMCW-2t8wIF1JH7hum5_eatJ4X1o3ENvKlTqYrWPwda83Wx7rEul2SL9l6GnK0gm_oo2UJc-UfY6wCM5WFVd0xHpEy2DQf9f_gaxM0H7-WPT0MM2aPp5ap0WWTn5_PujGYuIWY4w2i8DAzPrvq6Zf71Qfrn9hdtu8tDqPGxSnZ-C2J8AE7vijqqwDkgUECAQYAZIFBAgFGASgBi6AB8yJpJ8BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEMDmB9IICQiA4YAQEAEYH4AKAcgLAdgTDYgUAbIXGgoYCAASFHB1Yi0yNTM5Njk3MzExMzI2MTI0&sigh=7SVHzyStzXA&template_id=5000&tpd=AGWhJmvY_PgJkqm2qSNnKlHrgvTsUwuQze5WYOGAFMCGvkFL1g

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=5851746840&adk=3459621094&adf=2970249784&pi=t.ma~as.5851746840&w=300&lmt=1615028837&psa=0&format=300x250&url=http%3A%2F%2Ffllwrs.com%2F&flash=0&wgl=1&dt=1615028837627&bpp=2&bdt=274&idt=80&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=5355338044520&frm=20&pv=1&ga_vid=1622410169.1615028838&ga_sid=1615028838&ga_hid=1588874618&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066922%2C21068944&oid=3&pvsid=819073361572215&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=cq1T0x1g8n&p=http%3A//fllwrs.com&dtd=84
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 06 Mar 2021 11:07:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 06 Mar 2021 11:07:18 GMT

GET
DATA 200
OK truncated
/ Frame 5CCD 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 785fb316db9ec4ec3dcd38a8b22eaf2162bed129e2858f3df11d0c52fef398cb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 5CCD 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 18:27:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 405579
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15872
x-xss-protection: 0
expires: Tue, 01 Mar 2022 18:27:39 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 5CCD 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 18:51:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 404131
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15736
x-xss-protection: 0
expires: Tue, 01 Mar 2022 18:51:47 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 7A4F 6 KB
1 KB 44ms
30ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7098019582&adk=4203217917&adf=3673058151&pi=t.ma~as.7098019582&w=300&lmt=1615028837&psa=0&format=300x250&url=http%3A%2F%2Ffllwrs.com%2F&flash=0&wgl=1&dt=1615028837616&bpp=11&bdt=263&idt=66&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5355338044520&frm=20&pv=2&ga_vid=1622410169.1615028838&ga_sid=1615028838&ga_hid=1588874618&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066922%2C21068944&oid=3&pvsid=819073361572215&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=UO995tm98A&p=http%3A//fllwrs.com&dtd=82

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e47a27d91c2487289d6607ee10d7cb7b31944a5ed3ff5ffc86ec8526e9374af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 06 Mar 2021 09:20:13 GMT
server: ESF
date: Sat, 06 Mar 2021 11:07:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 06 Mar 2021 11:07:18 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame 7A4F 2 KB
924 B 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 10:58:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 555
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 896
x-xss-protection: 0
server: cafe
etag: 948078048762640732
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Mar 2021 10:58:03 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame 7A4F 18 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:05:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 2412555088240638002
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Mar 2021 11:05:59 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame 7A4F 3 KB
2 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:05:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Mar 2021 11:05:06 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7A4F 110 KB
33 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:07:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614774766775808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34192
x-xss-protection: 0
expires: Sat, 06 Mar 2021 11:07:18 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame 7A4F 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:04:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6140
x-xss-protection: 0
server: cafe
etag: 17031075750977984330
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Mar 2021 11:04:43 GMT

GET
H3-Q050 200 1e8eaeef6431cb6de349a68674062a29.js Show response
www.gstatic.com/mysidia/ Frame 7A4F 26 KB
11 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1e8eaeef6431cb6de349a68674062a29.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 09:45:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Mar 2021 07:11:17 GMT
server: sffe
age: 264084
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10971
x-xss-protection: 0
expires: Tue, 01 Jun 2021 09:45:54 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7A4F 0
0 43ms
43ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CdrCnZWJDYPGYLJOjlgTP468o5r6l22H8mJOPpg3fyqyP2Q8QASCpiZsCYJUCoAGmufrrAcgBCakCsQIEmA-GDj6oAwHIA8sEqgSlAU_Q0b8pQS4jC-4VFm30TY15CDoD3DVApgw4D7l5kRk-cGL1oBO8_y5PAjKZ_8CTvgJBJn5St7c1nT8PaIFHAAF1LavVYpcxCDS11Pw9CMx5hfbq_2m20m4LyKleeCXYFLWezFzf8fFmh7PvjsUfNNlHxuJd4yNLgohPSS1ykAGcdA34vXPp69nal0Ju2KpadoBbB9z7jKPTNqszIEEyxnC0Asew5cAE3NvNhrwDkgUECAQYAZIFBAgFGASgBi6AB7qozZoCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEELX6D9IICQiA4YAQEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi0yNTM5Njk3MzExMzI2MTI0&sigh=4Whrbaq6p2g&template_id=484&tpd=AGWhJmt_xD5n0nGRzfdKJb7nNske25V7JPNoCVhyJgzs5kL-4A

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7098019582&adk=4203217917&adf=3673058151&pi=t.ma~as.7098019582&w=300&lmt=1615028837&psa=0&format=300x250&url=http%3A%2F%2Ffllwrs.com%2F&flash=0&wgl=1&dt=1615028837616&bpp=11&bdt=263&idt=66&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5355338044520&frm=20&pv=2&ga_vid=1622410169.1615028838&ga_sid=1615028838&ga_hid=1588874618&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066922%2C21068944&oid=3&pvsid=819073361572215&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=UO995tm98A&p=http%3A//fllwrs.com&dtd=82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 06 Mar 2021 11:07:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 2076313506083323656
tpc.googlesyndication.com/simgad/14832297250895402314/ Frame 7A4F 55 KB
55 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14832297250895402314/2076313506083323656

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2250a1f87801ca7f8ecd79dd55f19d69baf184149b9dfe3c77fe14b9528b5c48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 15:24:15 GMT
x-content-type-options: nosniff
age: 330183
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56037
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 05:52:55 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 15:24:15 GMT

GET
DATA 200
OK truncated
/ Frame 7A4F 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 939499ee6df57e2bf0ecb2e496e133d022d7553ef55d643007cd068913039279

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js Show response
pagead2.googlesyndication.com/bg/ Frame CF3A 14 KB
5 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4165e93fc14bc980869719cfce832be6b2480176af5bf80859e1928ed7a3a0c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 19:07:55 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 10:45:00 GMT
server: sffe
age: 57563
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5600
x-xss-protection: 0
expires: Sat, 05 Mar 2022 19:07:55 GMT

GET
DATA 200
OK truncated
/ Frame 7A4F 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 26de00a1693adb285044e5bc1ed85033f81d476906345914a46c31aa1645d666

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 13385905894540475335
tpc.googlesyndication.com/simgad/ Frame C0C8 43 KB
43 KB 7ms
7ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13385905894540475335?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlYZziepSwqdlMTVvnEARfjmZxsCQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7642897688&adk=249844711&adf=2696324440&pi=t.ma~as.7642897688&w=300&lmt=1615028837&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&wgl=1&dt=1615028837869&bpp=11&bdt=266&idt=69&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D56b6c7d7e0eb8615-228d720dfca60068%3AT%3D1615028837%3ART%3D1615028837%3AS%3DALNI_MbcQV8Z9Tj_e0oEGrs9I8cEw8tpyg&correlator=5355338044520&frm=23&ife=1&pv=1&ga_vid=1622410169.1615028838&ga_sid=1615028838&ga_hid=1043037380&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=322&biw=1600&bih=1200&isw=300&ish=250&ifk=3969492067&scr_x=0&scr_y=0&eid=42530671%2C21068944%2C31060351&oid=3&pvsid=4351380872839319&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.urplkopfo3db&fsb=1&dtd=76

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122df083771f07f5562ce2b55bac813ca2eed2cafe63eacb86053f8b286dbf20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 04:21:35 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 02:31:30 GMT
server: sffe
age: 456343
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44375
x-xss-protection: 0
expires: Tue, 01 Mar 2022 04:21:35 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame C0C8 18 KB
7 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7642897688&adk=249844711&adf=2696324440&pi=t.ma~as.7642897688&w=300&lmt=1615028837&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&wgl=1&dt=1615028837869&bpp=11&bdt=266&idt=69&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D56b6c7d7e0eb8615-228d720dfca60068%3AT%3D1615028837%3ART%3D1615028837%3AS%3DALNI_MbcQV8Z9Tj_e0oEGrs9I8cEw8tpyg&correlator=5355338044520&frm=23&ife=1&pv=1&ga_vid=1622410169.1615028838&ga_sid=1615028838&ga_hid=1043037380&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=322&biw=1600&bih=1200&isw=300&ish=250&ifk=3969492067&scr_x=0&scr_y=0&eid=42530671%2C21068944%2C31060351&oid=3&pvsid=4351380872839319&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.urplkopfo3db&fsb=1&dtd=76

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:05:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 2412555088240638002
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Mar 2021 11:05:59 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame C0C8 3 KB
2 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7642897688&adk=249844711&adf=2696324440&pi=t.ma~as.7642897688&w=300&lmt=1615028837&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&wgl=1&dt=1615028837869&bpp=11&bdt=266&idt=69&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D56b6c7d7e0eb8615-228d720dfca60068%3AT%3D1615028837%3ART%3D1615028837%3AS%3DALNI_MbcQV8Z9Tj_e0oEGrs9I8cEw8tpyg&correlator=5355338044520&frm=23&ife=1&pv=1&ga_vid=1622410169.1615028838&ga_sid=1615028838&ga_hid=1043037380&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=322&biw=1600&bih=1200&isw=300&ish=250&ifk=3969492067&scr_x=0&scr_y=0&eid=42530671%2C21068944%2C31060351&oid=3&pvsid=4351380872839319&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.urplkopfo3db&fsb=1&dtd=76

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:05:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Mar 2021 11:05:06 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C0C8 110 KB
33 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7642897688&adk=249844711&adf=2696324440&pi=t.ma~as.7642897688&w=300&lmt=1615028837&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&wgl=1&dt=1615028837869&bpp=11&bdt=266&idt=69&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D56b6c7d7e0eb8615-228d720dfca60068%3AT%3D1615028837%3ART%3D1615028837%3AS%3DALNI_MbcQV8Z9Tj_e0oEGrs9I8cEw8tpyg&correlator=5355338044520&frm=23&ife=1&pv=1&ga_vid=1622410169.1615028838&ga_sid=1615028838&ga_hid=1043037380&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=322&biw=1600&bih=1200&isw=300&ish=250&ifk=3969492067&scr_x=0&scr_y=0&eid=42530671%2C21068944%2C31060351&oid=3&pvsid=4351380872839319&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.urplkopfo3db&fsb=1&dtd=76

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:07:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614774766775808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34192
x-xss-protection: 0
expires: Sat, 06 Mar 2021 11:07:18 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame C0C8 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7642897688&adk=249844711&adf=2696324440&pi=t.ma~as.7642897688&w=300&lmt=1615028837&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&wgl=1&dt=1615028837869&bpp=11&bdt=266&idt=69&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D56b6c7d7e0eb8615-228d720dfca60068%3AT%3D1615028837%3ART%3D1615028837%3AS%3DALNI_MbcQV8Z9Tj_e0oEGrs9I8cEw8tpyg&correlator=5355338044520&frm=23&ife=1&pv=1&ga_vid=1622410169.1615028838&ga_sid=1615028838&ga_hid=1043037380&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=322&biw=1600&bih=1200&isw=300&ish=250&ifk=3969492067&scr_x=0&scr_y=0&eid=42530671%2C21068944%2C31060351&oid=3&pvsid=4351380872839319&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.urplkopfo3db&fsb=1&dtd=76

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:04:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6140
x-xss-protection: 0
server: cafe
etag: 17031075750977984330
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Mar 2021 11:04:43 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C0C8 0
0 15ms
13ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSHe4KXstbsEzkvHsJZqFhhH27d3aAvlFzFNgvEylIOd0ZJz1zGWJvMBuYr5BvvUkJKvw6HiMyi36SnmbThYzbjaKm93g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7642897688&adk=249844711&adf=2696324440&pi=t.ma~as.7642897688&w=300&lmt=1615028837&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&wgl=1&dt=1615028837869&bpp=11&bdt=266&idt=69&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D56b6c7d7e0eb8615-228d720dfca60068%3AT%3D1615028837%3ART%3D1615028837%3AS%3DALNI_MbcQV8Z9Tj_e0oEGrs9I8cEw8tpyg&correlator=5355338044520&frm=23&ife=1&pv=1&ga_vid=1622410169.1615028838&ga_sid=1615028838&ga_hid=1043037380&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=322&biw=1600&bih=1200&isw=300&ish=250&ifk=3969492067&scr_x=0&scr_y=0&eid=42530671%2C21068944%2C31060351&oid=3&pvsid=4351380872839319&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.urplkopfo3db&fsb=1&dtd=76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame C0C8 26 KB
11 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7642897688&adk=249844711&adf=2696324440&pi=t.ma~as.7642897688&w=300&lmt=1615028837&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&wgl=1&dt=1615028837869&bpp=11&bdt=266&idt=69&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D56b6c7d7e0eb8615-228d720dfca60068%3AT%3D1615028837%3ART%3D1615028837%3AS%3DALNI_MbcQV8Z9Tj_e0oEGrs9I8cEw8tpyg&correlator=5355338044520&frm=23&ife=1&pv=1&ga_vid=1622410169.1615028838&ga_sid=1615028838&ga_hid=1043037380&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=322&biw=1600&bih=1200&isw=300&ish=250&ifk=3969492067&scr_x=0&scr_y=0&eid=42530671%2C21068944%2C31060351&oid=3&pvsid=4351380872839319&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.urplkopfo3db&fsb=1&dtd=76

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

758608abf5c456ea8cb5515828cabb68f082df67c04d350d0519241841cbf9d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 10:27:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2398
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10963
x-xss-protection: 0
server: cafe
etag: 5048180228173261443
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Mar 2021 10:27:20 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame C0C8 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_ia-ZWJDYOzwOsezbrjXsZAG2oGd3WGMtKjwtQ0KEAEgqYmbAmCVAqABh4O_9wPIAQKoAwHIA8kEqgSuAU_QBVwXpK7FzIC-A5gtz1nwAGgpzR3Us9NzNOYJwE16xtoPGXW7vl-u6tQ0D6yL0yOGB_sUJbp3xVqHy7nql4mI0K-7nTwQ7dnk-uaJmm3SoiLOA_QI2ya1CXfnGC5mPKYMTbNLyAybSNMuTwTUTVvuRpnx-5441pYcwPY8w7Wy2YZ1f8Syx8ffOxB-EIKvvEiJy9HrKxkyJlMML39lNqjl8yOqSM_KjVVekLfNbcAE-OWaxcIDkgUECAQYAZIFBAgFGASgBgKAB6uioSOoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQm8MM0ggJCIDhgBAQARgfgAoByAsB2BMMshcaChgIABIUcHViLTI1Mzk2OTczMTEzMjYxMjQ&sigh=d5OxLoIh5aM&tpd=AGWhJmvsxlxX2CsjFtOihjAYn_ZXsDPeJW_JXPckHLpo-Yb-cA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7642897688&adk=249844711&adf=2696324440&pi=t.ma~as.7642897688&w=300&lmt=1615028837&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&wgl=1&dt=1615028837869&bpp=11&bdt=266&idt=69&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D56b6c7d7e0eb8615-228d720dfca60068%3AT%3D1615028837%3ART%3D1615028837%3AS%3DALNI_MbcQV8Z9Tj_e0oEGrs9I8cEw8tpyg&correlator=5355338044520&frm=23&ife=1&pv=1&ga_vid=1622410169.1615028838&ga_sid=1615028838&ga_hid=1043037380&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=322&biw=1600&bih=1200&isw=300&ish=250&ifk=3969492067&scr_x=0&scr_y=0&eid=42530671%2C21068944%2C31060351&oid=3&pvsid=4351380872839319&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.urplkopfo3db&fsb=1&dtd=76

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7642897688&adk=249844711&adf=2696324440&pi=t.ma~as.7642897688&w=300&lmt=1615028837&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&wgl=1&dt=1615028837869&bpp=11&bdt=266&idt=69&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D56b6c7d7e0eb8615-228d720dfca60068%3AT%3D1615028837%3ART%3D1615028837%3AS%3DALNI_MbcQV8Z9Tj_e0oEGrs9I8cEw8tpyg&correlator=5355338044520&frm=23&ife=1&pv=1&ga_vid=1622410169.1615028838&ga_sid=1615028838&ga_hid=1043037380&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=322&biw=1600&bih=1200&isw=300&ish=250&ifk=3969492067&scr_x=0&scr_y=0&eid=42530671%2C21068944%2C31060351&oid=3&pvsid=4351380872839319&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.urplkopfo3db&fsb=1&dtd=76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 06 Mar 2021 11:07:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 7A4F 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 18:51:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 404131
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15736
x-xss-protection: 0
expires: Tue, 01 Mar 2022 18:51:47 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 7A4F 15 KB
16 KB 10ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 19:52:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 227687
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
expires: Thu, 03 Mar 2022 19:52:31 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 7A4F 15 KB
16 KB 7ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 12:56:40 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:55 GMT
server: sffe
age: 166238
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15784
x-xss-protection: 0
expires: Fri, 04 Mar 2022 12:56:40 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2DD1 143 B
360 B 6ms
6ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7642897688&adk=249844711&adf=2696324440&pi=t.ma~as.7642897688&w=300&lmt=1615028837&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&wgl=1&dt=1615028837869&bpp=11&bdt=266&idt=69&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D56b6c7d7e0eb8615-228d720dfca60068%3AT%3D1615028837%3ART%3D1615028837%3AS%3DALNI_MbcQV8Z9Tj_e0oEGrs9I8cEw8tpyg&correlator=5355338044520&frm=23&ife=1&pv=1&ga_vid=1622410169.1615028838&ga_sid=1615028838&ga_hid=1043037380&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=322&biw=1600&bih=1200&isw=300&ish=250&ifk=3969492067&scr_x=0&scr_y=0&eid=42530671%2C21068944%2C31060351&oid=3&pvsid=4351380872839319&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.urplkopfo3db&fsb=1&dtd=76

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7642897688&adk=249844711&adf=2696324440&pi=t.ma~as.7642897688&w=300&lmt=1615028837&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&wgl=1&dt=1615028837869&bpp=11&bdt=266&idt=69&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D56b6c7d7e0eb8615-228d720dfca60068%3AT%3D1615028837%3ART%3D1615028837%3AS%3DALNI_MbcQV8Z9Tj_e0oEGrs9I8cEw8tpyg&correlator=5355338044520&frm=23&ife=1&pv=1&ga_vid=1622410169.1615028838&ga_sid=1615028838&ga_hid=1043037380&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=322&biw=1600&bih=1200&isw=300&ish=250&ifk=3969492067&scr_x=0&scr_y=0&eid=42530671%2C21068944%2C31060351&oid=3&pvsid=4351380872839319&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.urplkopfo3db&fsb=1&dtd=76
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlFihY7pKS6fkkLSGM47MzkAqZI64X-YNE4smPGjIuUISnjGgNbjPN5k9PdfqE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7642897688&adk=249844711&adf=2696324440&pi=t.ma~as.7642897688&w=300&lmt=1615028837&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&wgl=1&dt=1615028837869&bpp=11&bdt=266&idt=69&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D56b6c7d7e0eb8615-228d720dfca60068%3AT%3D1615028837%3ART%3D1615028837%3AS%3DALNI_MbcQV8Z9Tj_e0oEGrs9I8cEw8tpyg&correlator=5355338044520&frm=23&ife=1&pv=1&ga_vid=1622410169.1615028838&ga_sid=1615028838&ga_hid=1043037380&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=322&biw=1600&bih=1200&isw=300&ish=250&ifk=3969492067&scr_x=0&scr_y=0&eid=42530671%2C21068944%2C31060351&oid=3&pvsid=4351380872839319&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.urplkopfo3db&fsb=1&dtd=76

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 06 Mar 2021 10:41:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1554
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D86B 1 KB
854 B 6ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7642897688&adk=249844711&adf=2696324440&pi=t.ma~as.7642897688&w=300&lmt=1615028837&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&wgl=1&dt=1615028837869&bpp=11&bdt=266&idt=69&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D56b6c7d7e0eb8615-228d720dfca60068%3AT%3D1615028837%3ART%3D1615028837%3AS%3DALNI_MbcQV8Z9Tj_e0oEGrs9I8cEw8tpyg&correlator=5355338044520&frm=23&ife=1&pv=1&ga_vid=1622410169.1615028838&ga_sid=1615028838&ga_hid=1043037380&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=322&biw=1600&bih=1200&isw=300&ish=250&ifk=3969492067&scr_x=0&scr_y=0&eid=42530671%2C21068944%2C31060351&oid=3&pvsid=4351380872839319&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.urplkopfo3db&fsb=1&dtd=76

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 05 Mar 2021 15:30:58 GMT
expires: Sat, 06 Mar 2021 15:30:58 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 70580
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 1AF3 14 KB
5 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4165e93fc14bc980869719cfce832be6b2480176af5bf80859e1928ed7a3a0c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 19:07:55 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 10:45:00 GMT
server: sffe
age: 57563
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5600
x-xss-protection: 0
expires: Sat, 05 Mar 2022 19:07:55 GMT

GET
DATA 200
OK truncated
/ Frame C0C8 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c63fcd28e6b0f167c57e42932c52376a678651eaf9ec0920f0496236613fe966

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame D86B 35 B
463 B 31ms
8ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEP5IyD15msJkBQcFwixaCmw&google_cver=1&google_push=AQvitULvw8ISfS9ktTmlZPvDMEzkctuH2MmVLjyQtOsLg8lpLcktMRaueQtvm9PSS7aFot22tA71qRw_ExacwJExYQjHZgmf86ga

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7642897688&adk=249844711&adf=2696324440&pi=t.ma~as.7642897688&w=300&lmt=1615028837&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&wgl=1&dt=1615028837869&bpp=11&bdt=266&idt=69&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D56b6c7d7e0eb8615-228d720dfca60068%3AT%3D1615028837%3ART%3D1615028837%3AS%3DALNI_MbcQV8Z9Tj_e0oEGrs9I8cEw8tpyg&correlator=5355338044520&frm=23&ife=1&pv=1&ga_vid=1622410169.1615028838&ga_sid=1615028838&ga_hid=1043037380&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=322&biw=1600&bih=1200&isw=300&ish=250&ifk=3969492067&scr_x=0&scr_y=0&eid=42530671%2C21068944%2C31060351&oid=3&pvsid=4351380872839319&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.urplkopfo3db&fsb=1&dtd=76

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 11:07:18 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame D86B
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitULc-NA9UGop5RpN0RuniUj38NrlzD1aO7_j9iw...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUVOaVpnQUFBSjRLMGtTZA&google_push=AQvitULc-NA9UGop5RpN0RuniUj38NrlzD1aO7_j9iwgKt8tO9ar6P6ZOoqLntC4XbgLgLa_TWVLTvfL5OfqZdgMsfFzT6GDXSRY

170 B
190 B

90ms
65ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUVOaVpnQUFBSjRLMGtTZA&google_push=AQvitULc-NA9UGop5RpN0RuniUj38NrlzD1aO7_j9iwgKt8tO9ar6P6ZOoqLntC4XbgLgLa_TWVLTvfL5OfqZdgMsfFzT6GDXSRY

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 11:07:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUVOaVpnQUFBSjRLMGtTZA&google_push=AQvitULc-NA9UGop5RpN0RuniUj38NrlzD1aO7_j9iwgKt8tO9ar6P6ZOoqLntC4XbgLgLa_TWVLTvfL5OfqZdgMsfFzT6GDXSRY
Date: Sat, 06 Mar 2021 11:07:18 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame D86B
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUKWqPdW-_Z1vW8Qjz4MRWW5dUdYw5mdhkIDg5fJEhC4fxB01PfUuQw95LyheRRrfhL-1_nnIcIt5O9zgBnKzixpmm-5hNfE&google_gid=CAESEDHUE2LHXrgpGHPSruC1Dtg&goo...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCObEjYIGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BUXZpdFVLV3FQZFctX1oxdlc4UWp6NE1SV1c1ZFVkWXc1bWRoa0lEZzVmSkVoQzRmeEIwMVBmVXVRdzk1THloZVJScmZoTC0xX25uSWNJdDVPOXpnQm...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSmJvS1Y2ZW12OU9hV1RxdlF3T01UZFJpUFhUTVRJMWtSTUFLQTFTQy01QQ==&google_push

170 B
190 B

96ms
62ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSmJvS1Y2ZW12OU9hV1RxdlF3T01UZFJpUFhUTVRJMWtSTUFLQTFTQy01QQ==&google_push

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 11:07:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 06 Mar 2021 11:07:18 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSmJvS1Y2ZW12OU9hV1RxdlF3T01UZFJpUFhUTVRJMWtSTUFLQTFTQy01QQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame D86B
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEBSM5Zz2BRW4r4GSISErmjQ&google_cver=1&google_push=AQvitUJgtfG5uOqQj0A9dq0lZ80ReGujx-lr9W9TG2KfQOOSEnOCcxLw2ioYsurMUqRgszZrq01b6Gv6hZLhzDJmrgdqecA1eaw
https://rtb.openx.net/sync/dds?google_gid=CAESEBSM5Zz2BRW4r4GSISErmjQ&google_cver=1&google_push=AQvitUJgtfG5uOqQj0A9dq0lZ80ReGujx-lr9W9TG2KfQOOSEnOCcxLw2ioYsurMUqRgszZrq01b6Gv6hZLhzDJmrgdqecA1eaw&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJgtfG5uOqQj0A9dq0lZ80ReGujx-lr9W9TG2KfQOOSEnOCcxLw2ioYsurMUqRgszZrq01b6Gv6hZLhzDJmrgdqecA1eaw&google_hm=H6GOin6Xwmgkq7r0cAyy9Q==

170 B
484 B

92ms
60ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJgtfG5uOqQj0A9dq0lZ80ReGujx-lr9W9TG2KfQOOSEnOCcxLw2ioYsurMUqRgszZrq01b6Gv6hZLhzDJmrgdqecA1eaw&google_hm=H6GOin6Xwmgkq7r0cAyy9Q==

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 11:07:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Mar 2021 11:07:18 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJgtfG5uOqQj0A9dq0lZ80ReGujx-lr9W9TG2KfQOOSEnOCcxLw2ioYsurMUqRgszZrq01b6Gv6hZLhzDJmrgdqecA1eaw&google_hm=H6GOin6Xwmgkq7r0cAyy9Q==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: f13m6l7gf24uiraaba14htv9kllakgcl

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame D86B
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yhlHwwueR3KjvqDLFHi-Pg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
190 B

64ms
61ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yhlHwwueR3KjvqDLFHi-Pg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULjwrYCHdelKe9QjGhzvbKAJeRutW-gRWGaWctJLHm72p0X9LWaQXTpsUwaiw5nWi9Jf0lBUM_BEYIv4StaaMLMuq-QQoo

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 11:07:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yhlHwwueR3KjvqDLFHi-Pg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULjwrYCHdelKe9QjGhzvbKAJeRutW-gRWGaWctJLHm72p0X9LWaQXTpsUwaiw5nWi9Jf0lBUM_BEYIv4StaaMLMuq-QQoo
Date: Sat, 06 Mar 2021 11:07:18 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame D86B
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEsnU5ilRQhY14Gb2zK_cWI&google_cver=1&google_push=AQvitULwYz8jtJdelByC_qN5EYxtfQfCADU0h-5IYAbOMRMaipxtsdyxViRMjl7zFyECuMaTwp-...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xYTUdaSFUtTy02S1ZD&google_push=AQvitULwYz8jtJdelByC_qN5EYxtfQfCADU0h-5IYAbOMRMaipxtsdyxViRMjl7zFyECuMaTwp-FL9lHxVB-ghffo7IrN6AruO9d

170 B
190 B

67ms
63ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xYTUdaSFUtTy02S1ZD&google_push=AQvitULwYz8jtJdelByC_qN5EYxtfQfCADU0h-5IYAbOMRMaipxtsdyxViRMjl7zFyECuMaTwp-FL9lHxVB-ghffo7IrN6AruO9d

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 11:07:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xYTUdaSFUtTy02S1ZD&google_push=AQvitULwYz8jtJdelByC_qN5EYxtfQfCADU0h-5IYAbOMRMaipxtsdyxViRMjl7zFyECuMaTwp-FL9lHxVB-ghffo7IrN6AruO9d
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame D86B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFwJfcOuKf2W31jQyM8h5YA&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFwJfcOuKf2W31jQyM8h5YA&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YENiZqQBixH0MIU0DyHvfQAABIAAAAIB&google_gid=CAESEFwJfcOuKf2W31jQyM8h5YA&google_cver=1&google_push=AQvitUKwgUcWvVSNra7O_pGUL95z_JKgDEKM4...

170 B
190 B

48ms
48ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YENiZqQBixH0MIU0DyHvfQAABIAAAAIB&google_gid=CAESEFwJfcOuKf2W31jQyM8h5YA&google_cver=1&google_push=AQvitUKwgUcWvVSNra7O_pGUL95z_JKgDEKM4E-76DLo45j8fgAFtLY5Dp6T8ujpappUMhan91ZVHm84dnDKcS9-bhHmm0x7evrl

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 11:07:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 06 Mar 2021 11:07:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YENiZqQBixH0MIU0DyHvfQAABIAAAAIB&google_gid=CAESEFwJfcOuKf2W31jQyM8h5YA&google_cver=1&google_push=AQvitUKwgUcWvVSNra7O_pGUL95z_JKgDEKM4E-76DLo45j8fgAFtLY5Dp6T8ujpappUMhan91ZVHm84dnDKcS9-bhHmm0x7evrl
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 460
Expires: Sat, 06 Mar 2021 11:07:18 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame D86B 0
227 B 91ms
31ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jc_89ZUVzStFJ8QNM8wWUH-9VkOOUOx34baTTA0Pm4P8opwhE_mSvWDOA7yjXHdpU5DHeC

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7642897688&adk=249844711&adf=2696324440&pi=t.ma~as.7642897688&w=300&lmt=1615028837&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&wgl=1&dt=1615028837869&bpp=11&bdt=266&idt=69&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D56b6c7d7e0eb8615-228d720dfca60068%3AT%3D1615028837%3ART%3D1615028837%3AS%3DALNI_MbcQV8Z9Tj_e0oEGrs9I8cEw8tpyg&correlator=5355338044520&frm=23&ife=1&pv=1&ga_vid=1622410169.1615028838&ga_sid=1615028838&ga_hid=1043037380&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=322&biw=1600&bih=1200&isw=300&ish=250&ifk=3969492067&scr_x=0&scr_y=0&eid=42530671%2C21068944%2C31060351&oid=3&pvsid=4351380872839319&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.urplkopfo3db&fsb=1&dtd=76

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:07:18 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 20ms
19ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210303&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ac01289390f8eb13a295e6992d3f0f336aebec9aa6a4e8031bd05237dc61a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Mar 2021 11:07:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6525
x-xss-protection: 0

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2DD1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
129 B

39ms
38ms

Document
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7642897688&adk=249844711&adf=2696324440&pi=t.ma~as.7642897688&w=300&lmt=1615028837&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&wgl=1&dt=1615028837869&bpp=11&bdt=266&idt=69&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D56b6c7d7e0eb8615-228d720dfca60068%3AT%3D1615028837%3ART%3D1615028837%3AS%3DALNI_MbcQV8Z9Tj_e0oEGrs9I8cEw8tpyg&correlator=5355338044520&frm=23&ife=1&pv=1&ga_vid=1622410169.1615028838&ga_sid=1615028838&ga_hid=1043037380&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=322&biw=1600&bih=1200&isw=300&ish=250&ifk=3969492067&scr_x=0&scr_y=0&eid=42530671%2C21068944%2C31060351&oid=3&pvsid=4351380872839319&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.urplkopfo3db&fsb=1&dtd=76

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlFihY7pKS6fkkLSGM47MzkAqZI64X-YNE4smPGjIuUISnjGgNbjPN5k9PdfqE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 06 Mar 2021 11:07:18 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 06-Mar-2021 12:07:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 06 Mar 2021 11:07:18 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 06 Mar 2021 11:07:18 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 005D 14 KB
5 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7642897688&adk=249844711&adf=2696324440&pi=t.ma~as.7642897688&w=300&lmt=1615028837&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&wgl=1&dt=1615028837869&bpp=11&bdt=266&idt=69&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D56b6c7d7e0eb8615-228d720dfca60068%3AT%3D1615028837%3ART%3D1615028837%3AS%3DALNI_MbcQV8Z9Tj_e0oEGrs9I8cEw8tpyg&correlator=5355338044520&frm=23&ife=1&pv=1&ga_vid=1622410169.1615028838&ga_sid=1615028838&ga_hid=1043037380&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=322&biw=1600&bih=1200&isw=300&ish=250&ifk=3969492067&scr_x=0&scr_y=0&eid=42530671%2C21068944%2C31060351&oid=3&pvsid=4351380872839319&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.urplkopfo3db&fsb=1&dtd=76

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4165e93fc14bc980869719cfce832be6b2480176af5bf80859e1928ed7a3a0c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 19:07:55 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 10:45:00 GMT
server: sffe
age: 57563
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5600
x-xss-protection: 0
expires: Sat, 05 Mar 2022 19:07:55 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:07:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Sat, 06 Mar 2021 11:07:18 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 4C74 12 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://fllwrs.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://fllwrs.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Sat, 06 Mar 2021 11:07:02 GMT
expires: Sun, 06 Mar 2022 11:07:02 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 16
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 4C74 14 KB
5 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4165e93fc14bc980869719cfce832be6b2480176af5bf80859e1928ed7a3a0c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 19:07:55 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 10:45:00 GMT
server: sffe
age: 57563
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5600
x-xss-protection: 0
expires: Sat, 05 Mar 2022 19:07:55 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 43ms
42ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210303&jk=819073361572215&bg=!Dg2lDU7NAAWsVXnBrDsAKQB2-DxajMYLrNPXfGiF3niVPVMe3wXvOgJ1c1qGjhb7W7iRRxI6nivwAgAAAFNSAAAADGgBBwoAuZaTIeKcobE3bbXouAgOYwGYIJMnl109sVHNiT4ANd0lBlHMQ27jhcYXYYe-4K1M3gF2qdWmVGcmoEIvgcbUmzl5qsZx9B-tRtjiUAot4xdvOII3ped3KcLFKTNQMmrkcxpW1rCDDTowiLFdJpTFtlE9L8rx3HPeMCeAxhngeaeqcRzJWBtyg8ddzrAFia72L6IcpDZY0iCquEU1lSiOa8t0YMl4PfVWUybDo0QQAvkT_YaQWu6eZG3omQIGXRoXE31qOjDAjLiBbNJGts-P-IuPPxy-xawp_cUD7OfC5S8NK_cYB97YzbBGHYXrUdltqvr0JyfedLJyZBHwh4SjwcfzrqDrUVJK93GT5H0xugu9A0L-pdYYZrxIARmsUwtsE5myKcXa-fWiKOWdbhmzAIsxFGSzQVTfvXQcimd1Yhd7Tew9rZ3i_7EMLIVkvgaFutej_8wZGKN3ZxonI-5O8k8jYnMHPpPfkadfuM5VQLzA4sp7IKg4jsMUSV1ZGlQebludh9Zx22cy1psCBWXRQ7HvCtj-7hiyJd-6o0DE5QAh0GEkkJb8r8KqreWIMZ77WNHzjBECg6TyMi763Sdh3pa5u26wnwGR8iOn2W-IrXnw6tPb03v9Ut-W8udm6AGPWw4xgKg1p_eUlrYrPPMKOOHY4Rb61F4MiHBnIbm0IajjTR0eSQgqAwHAWEnJFnqnOU5ezQW3E03_M4P4KwtZgM3bRuQZ-vpr7zruTQ3PD-6cr3_d35PfC2C38F4QwMKgGYPNmMYpTmOvxtjW0UOrj_HkaVvfaliCkeRfpOnU-mMqQypwZdo-DF91ZvTJTsYLyOB_IS1Fsdu798iX4AWaZsYWLziu_o3znC5tSDALuf7YaT50S-7ndjyI4sed-exxRbxO5H-zWx99lM7aQtX8Gy2KckxuEgabltjKCDEzsJF4Vd4

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 11:07:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5CCD 42 B
155 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu24DZ-bpba3iJsp8Vj2gHpZB8ZDxbBcywZYSykd4V6nuKFdxYhQlIsr3_vCZ0w4baeO2aBHd6rIvrhRuFntTCYZjDog96XUvl6vkVK0xN2UL5XuS9lmY5RpNCGig&sai=AMfl-YR9i0qRQvN7xPqrQsUc4nTnI-U5rGkJG2J1F7RF9t8LccdZEM1ojDMWh8vRLNwoob51l8GLAeCyNziG&sig=Cg0ArKJSzE366PSLveOVEAE&id=osdim&mcvt=1000&p=322,970,572,1270&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210303&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3459621094&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1615028837712&dlt=671&rpt=55&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 11:07:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7A4F 42 B
66 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssqf5iDw3WM-hv5zdeLx4N0gAFarZATnO37HUR2-u4TKilWrsQzLOsMA9PyJUSJq3s8S9uL392WevzTXwl3v2zoVildkWddPKDpm01NnIEukaXBMwQznWsiquO7Cw&sai=AMfl-YRwhOM2ZzHOOnnoUv8iZuY-joND9udbh8pAG2KjgPzE19UPYuGKJNyX6n5pCa5VpVh_Gxo15osKG0Oc&sig=Cg0ArKJSzO0TYUXJIoAGEAE&id=osdim&mcvt=1000&p=322,650,572,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210303&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=4203217917&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1615028837703&dlt=758&rpt=70&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 11:07:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C0C8 42 B
66 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvt9mDA1vyXCT4-3_8YRnGqzd8GiBtKRvrWcaVlLTneaE-kmUaK1u9-0v1rB5jXlGXtoDGjVQ6vs0SD6k_00FsA-8VG_7U3NPv83LdVCzj8sRlu9tmWxL8kKSnRPg&sai=AMfl-YT2e_7r0-lFwTVniJ0_Al9E2uUcrYL_9TC61DMkGX4hJDy7u65ZizA6AuuUze7lu27UObMnS3fTi5vRkg1EAxWSk-7Zph7xek8WBCzAZACcnIQsPGkuzMqpcEE&sig=Cg0ArKJSzNmDw_9_1JtwEAE&cid=CAASF-RofJvIVmqqYQfVc-ABuJWT28ebGd5k&id=osdim&mcvt=1001&p=0,0,250,300&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210303&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=249844711&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1615028837947&dlt=595&rpt=51&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 11:07:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 01:58:44	Name: IDE Value: AHWqTUlFihY7pKS6fkkLSGM47MzkAqZI64X-YNE4smPGjIuUISnjGgNbjPN5k9PdfqE
.fllwrs.com/	1970-01-19 16:37:10	Name: __utmb Value: 203250886.1.10.1615028838
fllwrs.com/	1970-01-19 16:38:35	Name: fllwrs_sess Value: 345589e653a5d268646778012b381db1
.fllwrs.com/	1970-01-19 16:37:09	Name: __utmt Value: 1
.fllwrs.com/	1970-01-19 20:59:56	Name: __utmz Value: 203250886.1615028838.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.fllwrs.com/	1970-01-20 01:58:44	Name: __gads Value: ID=56b6c7d7e0eb8615-228d720dfca60068:T=1615028837:RT=1615028837:S=ALNI_MbcQV8Z9Tj_e0oEGrs9I8cEw8tpyg
.fllwrs.com/	1970-01-20 10:08:20	Name: __utma Value: 203250886.1622410169.1615028838.1615028838.1615028838.1
.fllwrs.com/	1969-12-31 23:59:59	Name: __utmc Value: 203250886

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ap.lijit.com
cm.g.doubleclick.net
cms.quantserve.com
fllwrs.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gslbeacon.lijit.com
id.rlcdn.com
image6.pubmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
pxdrop.lijit.com
rtb.openx.net
ssum-sec.casalemedia.com
tpc.googlesyndication.com
vap2ams1.lijit.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
107.170.36.69
142.250.186.66
172.217.16.130
184.30.20.241
184.30.216.177
185.64.190.78
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:800::2002
2a00:1450:4001:800::2003
2a00:1450:4001:801::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2003
2a00:1450:4001:812::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::200e
2a00:1450:4001:82b::2002
34.246.227.69
35.227.252.103
35.244.174.68
69.173.144.165
72.251.249.13
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
122df083771f07f5562ce2b55bac813ca2eed2cafe63eacb86053f8b286dbf20
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
2250a1f87801ca7f8ecd79dd55f19d69baf184149b9dfe3c77fe14b9528b5c48
2256febc5c33541332325bc37347378e871ee217038b9c974d034f16869d325f
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
26de00a1693adb285044e5bc1ed85033f81d476906345914a46c31aa1645d666
29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1
33954e1264c4aebdcc448b3c6e9acffc7a40d3e7abd6ba34e3cc1023774622e2
4165e93fc14bc980869719cfce832be6b2480176af5bf80859e1928ed7a3a0c3
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4ac01289390f8eb13a295e6992d3f0f336aebec9aa6a4e8031bd05237dc61a2a
4b9b5737c8859fa4566da81b0d34c3084f0d83ee7dc2ac8afab3c4ed45685d9a
523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f
53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70
73b3c4f492d66ea00fb602af2bffe7865ffe48163c95fc5e23a4a5b5d70f1038
751df056392e33318b9c3487106a4d7747c64f3689843e757162127e57688c2c
758608abf5c456ea8cb5515828cabb68f082df67c04d350d0519241841cbf9d4
785fb316db9ec4ec3dcd38a8b22eaf2162bed129e2858f3df11d0c52fef398cb
79b3fd637d0cee67377c28c6a3c0a589091f41827b6ec4d062b2dda16aa0017a
7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83e5578ad7cbaa2edf1cc98a38a3c30066bd3b6051d300d9dbdd32a18db917a7
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
939499ee6df57e2bf0ecb2e496e133d022d7553ef55d643007cd068913039279
981a47bdf683f5af5ab3fbad953035c7335c5dbe1f3ff659ceb30bd9782c6cf4
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3b6c039bd159c7cd4069c94613e2b91c6eb0ea9ca38ce30d6a00f4afad77716
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
b51897307a1d7c8e9dbc0d68c0aef9371724b549bd47d46e8cf73f542ccce558
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
c1f6f1027092d281d624e67f9f83460ed291ae367b558c16cd6afad7af5eba1e
c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9
c63fcd28e6b0f167c57e42932c52376a678651eaf9ec0920f0496236613fe966
d344632c01d1ca55dc380216de660c9b8a5a3174e7d7afa6784aff50c945e1cc
d3d533bf9d86c1411c2b2e913b7b31dc10d5986c86837683afc4706d409cf96c
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7a980ec0fa5c96d6a89876367ee83c1809f5fa347b60fd49a1265e907c94755
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
e09250d511edfe656fb5c533905329f2177ffd89809b7f90bacc21ed58f2f779
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
e30950108b5b7d448395ee935b0be75c34f0eac7bbefd34309e78279ad5c86fe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47a27d91c2487289d6607ee10d7cb7b31944a5ed3ff5ffc86ec8526e9374af0
e78c14aeb9435fd03f67ad2ee4c45e18bfcfc100a4c62c8bd886324ce6296f77
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fafcc7b5c3c7c068bcd9be5b032958db6e2d2ca7672e4f079699230446b4e228

fllwrs.com Open in urlscan Pro 107.170.36.69 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

90 Requests

93 %HTTPS

54 %IPv6

18 Domains

25 Subdomains

19 IPs

5 Countries

888 kBTransfer

2132 kBSize

8 Cookies

3 Outgoing links

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

fllwrs.com Open in urlscan Pro
107.170.36.69 Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

93 %
HTTPS

54 %
IPv6

18
Domains

25
Subdomains

19
IPs

5
Countries

888 kB
Transfer

2132 kB
Size

8
Cookies

90 HTTP transactions
5 data transactions