urlscan.io logo urlscan.io
SecurityTrails logo

www.hfqpdb.com Open in urlscan Pro
66.77.206.225  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.hfqpdb.com/
Submission: On October 13 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 29 IPs in 6 countries across 25 domains to perform 67 HTTP transactions. The main IP is 66.77.206.225, located in United States and belongs to CENTURYLINK-US-LEGACY-QWEST, US. The main domain is www.hfqpdb.com.
This is the only time www.hfqpdb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 66.77.206.225 209 (CENTURYLI...)
14 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:206... 16509 (AMAZON-02)
1 2a04:4e42:1b:... 54113 (FASTLY)
2 151.101.114.133 54113 (FASTLY)
5 2600:9000:206... 16509 (AMAZON-02)
1 6 172.217.23.162 15169 (GOOGLE)
1 50.18.199.66 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a06:8640:452::2 55081 (24SHELLS)
1 52.15.219.226 16509 (AMAZON-02)
1 2620:116:800d... 16509 (AMAZON-02)
1 2 2620:116:800d... 16509 (AMAZON-02)
1 2 2600:9000:206... 16509 (AMAZON-02)
1 2600:9000:206... 16509 (AMAZON-02)
1 99.86.243.92 16509 (AMAZON-02)
1 2a0c:5c81:502... 55081 (24SHELLS)
1 37.252.173.22 29990 (ASN-APPNEX)
1 35.244.159.8 15169 (GOOGLE)
1 67.202.110.24 32748 (STEADFAST)
1 54.194.107.225 16509 (AMAZON-02)
2 147.75.107.42 54825 (PACKET)
1 104.111.215.135 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.48.46.226 16509 (AMAZON-02)
67 29
8    66.77.206.225 (United States)

ASN209 (CENTURYLINK-US-LEGACY-QWEST, US)
PTR: host-206-225.bayshorehosting.com
www.hfqpdb.com
14    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
adservice.google.de
adservice.google.com
www.googletagservices.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2600:9000:206e:6a00:4:164e:ca00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.thisiswaldo.com
1    2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
www.paypalobjects.com
5    2600:9000:206e:a400:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org
6    172.217.23.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s22-in-f162.1e100.net
securepubads.g.doubleclick.net
1    50.18.199.66 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-50-18-199-66.us-west-1.compute.amazonaws.com
ipfind.co
2    2a00:1450:4001:81f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a06:8640:452::2 (United Kingdom)

ASN55081 (24SHELLS, US)
s.adtelligent.com
1    52.15.219.226 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-15-219-226.us-east-2.compute.amazonaws.com
thisiswaldo.com
1    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
edge.quantserve.com
2    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
2    2600:9000:206e:6400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2600:9000:206e:2200:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)
test.quantcast.mgr.consensu.org
1    99.86.243.92 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-92.vie50.r.cloudfront.net
audit-tcfv2.quantcast.mgr.consensu.org
1    2a0c:5c81:5026:0:ae1f:6bff:fe5a:4696 (United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
1    37.252.173.22 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    35.244.159.8 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
the-eighth-d.openx.net
1    67.202.110.24 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-110.static.steadfastdns.net
ssc.33across.com
1    54.194.107.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-107-225.eu-west-1.compute.amazonaws.com
g2.gumgum.com
2    147.75.107.42 (Ashburn, United States)

ASN54825 (PACKET, US)
PTR: lbadstorm-pk-nj-102
bidder.rtk.io
sync.rtk.io
1    104.111.215.135 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-135.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
1    2a00:1450:4001:819::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
e6edf8d88582da523b1876c905e1eb76.safeframe.googlesyndication.com
6    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    52.48.46.226 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-46-226.eu-west-1.compute.amazonaws.com
match.adsrvr.org
Domain Requested by
8 www.hfqpdb.com www.hfqpdb.com
7 pagead2.googlesyndication.com www.hfqpdb.com
pagead2.googlesyndication.com
6 tpc.googlesyndication.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
6 securepubads.g.doubleclick.net 1 redirects www.hfqpdb.com
securepubads.g.doubleclick.net
5 quantcast.mgr.consensu.org cdn.thisiswaldo.com
quantcast.mgr.consensu.org
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.googletagservices.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 rules.quantcount.com 1 redirects www.hfqpdb.com
2 pixel.quantserve.com 1 redirects www.hfqpdb.com
2 www.google-analytics.com www.hfqpdb.com
www.google-analytics.com
2 www.paypalobjects.com www.hfqpdb.com
1 sync.rtk.io cdn.thisiswaldo.com
1 match.adsrvr.org cdn.thisiswaldo.com
1 www.google.com securepubads.g.doubleclick.net
1 e6edf8d88582da523b1876c905e1eb76.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 htlb.casalemedia.com cdn.thisiswaldo.com
1 bidder.rtk.io cdn.thisiswaldo.com
1 g2.gumgum.com cdn.thisiswaldo.com
1 ssc.33across.com cdn.thisiswaldo.com
1 the-eighth-d.openx.net cdn.thisiswaldo.com
1 ib.adnxs.com cdn.thisiswaldo.com
1 ghb.adtelligent.com cdn.thisiswaldo.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 audit-tcfv2.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 test.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 edge.quantserve.com quantcast.mgr.consensu.org
1 thisiswaldo.com cdn.thisiswaldo.com
1 s.adtelligent.com cdn.thisiswaldo.com
1 ipfind.co cdn.thisiswaldo.com
1 cdn.jsdelivr.net www.hfqpdb.com
1 cdn.thisiswaldo.com www.hfqpdb.com
1 ajax.googleapis.com www.hfqpdb.com
0 btlr.sharethrough.com Failed cdn.thisiswaldo.com
0 tlx.3lift.com Failed cdn.thisiswaldo.com
67 35

This site contains links to these domains. Also see Links.

Domain
chrome.google.com
addons.mozilla.org
www.amazon.com
www.facebook.com
Subject Issuer Validity Valid
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-10-05 -
2021-04-17		 6 months crt.sh
www.paypalobjects.com
DigiCert SHA2 Extended Validation Server CA		 2019-12-09 -
2021-12-13		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
quantcast.mgr.consensu.org
Amazon		 2020-05-22 -
2021-06-22		 a year crt.sh
*.google.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
s.adtelligent.com
Let's Encrypt Authority X3		 2020-09-10 -
2020-12-09		 3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.quantcast.mgr.consensu.org
Amazon		 2020-05-22 -
2021-06-22		 a year crt.sh
*.google.de
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
ghb.adtelligent.com
Let's Encrypt Authority X3		 2020-09-09 -
2020-12-08		 3 months crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh
*.gumgum.com
Amazon		 2020-07-03 -
2021-08-03		 a year crt.sh
*.rtk.io
DigiCert SHA2 Secure Server CA		 2020-02-29 -
2022-03-04		 2 years crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2020-03-02 -
2021-04-01		 a year crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh

This page contains 8 frames:

Primary Page: http://www.hfqpdb.com/
Frame ID: B19AD938E17C11709000BDD15C014337
Requests: 53 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201008/r20190131/zrt_lookup.html
Frame ID: CA1534386850530C1060FAE8BD1637A4
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=555831
Frame ID: CB27F0238D10135E1083278D65314C1E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2232711491913048&output=html&adk=1812271804&adf=3025194257&lmt=1602623830&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&gdpr=1&us_privacy=1---&gdpr_consent=tcunavailable&tcfe=2&format=0x0&url=http%3A%2F%2Fwww.hfqpdb.com%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602623828925&bpp=45&bdt=215&idt=99&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3723050095725&frm=20&pv=2&ga_vid=814558109.1602623829&ga_sid=1602623830&ga_hid=589641953&ga_fc=0&iag=0&icsg=36210850&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44726948%2C21067424&oid=3&pvsid=1656717402178867&pem=933&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=1152
Frame ID: 20AFE8E241948569706B1B257E58E2FA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2232711491913048&output=html&h=90&slotname=5521881512&adk=2057843948&adf=4061442901&w=728&lmt=1602623830&psa=0&guci=1.2.0.0.2.2.0.0&gdpr=1&us_privacy=1---&gdpr_consent=tcunavailable&tcfe=2&format=728x90&url=http%3A%2F%2Fwww.hfqpdb.com%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602623828925&bpp=3&bdt=215&idt=107&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3723050095725&frm=20&pv=1&ga_vid=814558109.1602623829&ga_sid=1602623830&ga_hid=589641953&ga_fc=0&iag=0&icsg=34395949218&dssz=24&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44726948%2C21067424&oid=3&pvsid=1656717402178867&pem=933&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=rllo9ZCzhJ&p=http%3A//www.hfqpdb.com&dtd=1160
Frame ID: A39459E51C3093E41EED049E91A1FB96
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsseefwCodb7fFEXZpsFRXCRBXXovvFekgGwhj6gc2OqSLZpcloTsGLhHeSB3HM8Y_842TLWqAQ8fEDwIioi9sHtkf73FvqOYNBUlE5q-HwG7I9zlBpmGWLA--v23BJeuB72uZgUBoD-Yde0Jhpmj7qxENSS_xlBDzBSSaWPEzeVzZAcKrCCcFYmI06Uc44TRUNomFU-x-KsJILMZkXJq0_u-gXweUlKlafbIqVk86SZJRoUpOBo3XDmMAucZo51Oua85Z-eordSUGc&sig=Cg0ArKJSzIGBhYIoeBv3EAE&adurl=
Frame ID: 7DFC8D7F49042E5EE05FCDBD54DB5E57
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: 3588C5F4C38592992D8017685C5A43F9
Requests: 1 HTTP requests in this frame

Frame: https://sync.rtk.io/cs?us_privacy=1---
Frame ID: 08ECA3738DE646F964BD10A675E5874D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

67
Requests

70 %
HTTPS

54 %
IPv6

25
Domains

35
Subdomains

29
IPs

6
Countries

1095 kB
Transfer

2776 kB
Size

38
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • http://securepubads.g.doubleclick.net/tag/js/gpt.js HTTP 301
  • https://securepubads.g.doubleclick.net/tag/js/gpt.js
Request Chain 19
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 25
  • http://pixel.quantserve.com/pixel/p-fTfJtcPmQDwZG.gif HTTP 301
  • https://pixel.quantserve.com/pixel/p-fTfJtcPmQDwZG.gif
Request Chain 26
  • http://rules.quantcount.com/rules-p-fTfJtcPmQDwZG.js HTTP 301
  • https://rules.quantcount.com/rules-p-fTfJtcPmQDwZG.js

67 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.hfqpdb.com/ 		8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.hfqpdb.com/
Protocol
HTTP/1.1
Server
66.77.206.225 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
host-206-225.bayshorehosting.com
Software
Apache / PHP/5.4.16 PleskLin
Resource Hash
41fd81548b2b7f6567ec3fc46bdf30db17f6d5542abacfd5585e52bf8398c6d8

Request headers

Host
www.hfqpdb.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 13 Oct 2020 21:17:08 GMT
Server
Apache
X-Powered-By
PHP/5.4.16 PleskLin
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		131 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.hfqpdb.com
URL: http://www.hfqpdb.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9236c50a60a2e2e49de1dac41ffef09f75817f1f0e9b61ec12db6afa3d4b84bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Tue, 13 Oct 2020 21:17:08 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
4946620656267050759
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
45784
X-XSS-Protection
0
Expires
Tue, 13 Oct 2020 21:17:08 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 		93 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Requested by
Host: www.hfqpdb.com
URL: http://www.hfqpdb.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 13 Oct 2020 17:41:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Age
12959
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
33845
X-XSS-Protection
0
Expires
Wed, 13 Oct 2021 17:41:09 GMT
tips.css
www.hfqpdb.com/css/ 		360 B
651 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.hfqpdb.com/css/tips.css
Requested by
Host: www.hfqpdb.com
URL: http://www.hfqpdb.com/
Protocol
HTTP/1.1
Server
66.77.206.225 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
host-206-225.bayshorehosting.com
Software
Apache / PleskLin
Resource Hash
cf711cd0a594b10541db013cba19d97c74e644f11988b41053da3e6c0df6a301

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 13 Oct 2020 21:17:08 GMT
Last-Modified
Wed, 08 Apr 2015 18:57:38 GMT
Server
Apache
X-Powered-By
PleskLin
ETag
"168-5133b1ad94c80"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
360
7636.js
cdn.thisiswaldo.com/static/js/ 		269 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.thisiswaldo.com/static/js/7636.js
Requested by
Host: www.hfqpdb.com
URL: http://www.hfqpdb.com/
Protocol
HTTP/1.1
Server
2600:9000:206e:6a00:4:164e:ca00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
61bcad2a8da194c66614f4386bb8fd99da040c5fe3ba3259e4afa16a36918c25
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 12 Oct 2020 20:18:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
89898
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 30 Sep 2020 15:57:17 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"4331a-5b089f43178f0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 c2756f406c0dc2bb176f6e2181d7607e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
VIE50-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
ItzuXHwZJepNtLjFlu-ERfXJYwUQWLSwQmZSrnjNaksSywH3R2ROuQ==
js.cookie.min.js
cdn.jsdelivr.net/npm/js-cookie@2/src/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js
Requested by
Host: www.hfqpdb.com
URL: http://www.hfqpdb.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
22474
x-cache
HIT, HIT
status
200
content-length
1062
etag
W/"79f-7pVBzxqV0qiF+LFDoQXKqgjKnJ0"
x-served-by
cache-fra19176-FRA, cache-hhn4042-HHN
date
Tue, 13 Oct 2020 21:17:08 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
hfqpdb_logo.png
www.hfqpdb.com/android-app/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.hfqpdb.com/android-app/hfqpdb_logo.png
Requested by
Host: www.hfqpdb.com
URL: http://www.hfqpdb.com/
Protocol
HTTP/1.1
Server
66.77.206.225 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
host-206-225.bayshorehosting.com
Software
Apache / PleskLin
Resource Hash
a00ae71538ebe0815d55c8886884001219322f4eb7300e7023cf10ddcd6b322f

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 13 Oct 2020 21:17:09 GMT
Last-Modified
Mon, 12 Nov 2018 17:18:48 GMT
Server
Apache
X-Powered-By
PleskLin
ETag
"81cb-57a7ae4df6e00"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
33227
download-app.png
www.hfqpdb.com/images/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.hfqpdb.com/images/download-app.png
Requested by
Host: www.hfqpdb.com
URL: http://www.hfqpdb.com/
Protocol
HTTP/1.1
Server
66.77.206.225 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
host-206-225.bayshorehosting.com
Software
Apache / PleskLin
Resource Hash
83ec330bb0ad488bd24ac5f09bd6f399a65d3c86df6e0fde7a5ec09945913f33

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 13 Oct 2020 21:17:08 GMT
Last-Modified
Tue, 25 Jun 2019 21:22:06 GMT
Server
Apache
X-Powered-By
PleskLin
ETag
"5761-58c2c85469b80"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
22369
20_percent_off_1600994256.6086.png
www.hfqpdb.com/coupons/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.hfqpdb.com/coupons/20_percent_off_1600994256.6086.png
Requested by
Host: www.hfqpdb.com
URL: http://www.hfqpdb.com/
Protocol
HTTP/1.1
Server
66.77.206.225 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
host-206-225.bayshorehosting.com
Software
Apache / PleskLin
Resource Hash
0ce8a4f5b2bfe56d2c1b199d43c15389cf228f752b368b108cd2864f48534fab

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 13 Oct 2020 21:17:09 GMT
Last-Modified
Thu, 24 Sep 2020 16:15:13 GMT
Server
Apache
X-Powered-By
PleskLin
ETag
"d743-5b0118142f58b"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
55107
20_percent_off_1601398516.9109.png
www.hfqpdb.com/coupons/ 		73 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.hfqpdb.com/coupons/20_percent_off_1601398516.9109.png
Requested by
Host: www.hfqpdb.com
URL: http://www.hfqpdb.com/
Protocol
HTTP/1.1
Server
66.77.206.225 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
host-206-225.bayshorehosting.com
Software
Apache / PleskLin
Resource Hash
893d48a15cca700ccc81c5d2cfea1da602d5f0e80a6822a6f11404be2ad12d04

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 13 Oct 2020 21:17:09 GMT
Last-Modified
Tue, 29 Sep 2020 16:53:46 GMT
Server
Apache
X-Powered-By
PleskLin
ETag
"125c3-5b076a0551ca4"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
75203
20_percent_off_1601398529.9401.png
www.hfqpdb.com/coupons/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.hfqpdb.com/coupons/20_percent_off_1601398529.9401.png
Requested by
Host: www.hfqpdb.com
URL: http://www.hfqpdb.com/
Protocol
HTTP/1.1
Server
66.77.206.225 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
host-206-225.bayshorehosting.com
Software
Apache / PleskLin
Resource Hash
c092082d95ec0a7add95c2eeacbdc2e40435b34cf6eb7bb032a7c9fa84d06eb3

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 13 Oct 2020 21:17:09 GMT
Last-Modified
Tue, 29 Sep 2020 16:54:07 GMT
Server
Apache
X-Powered-By
PleskLin
ETag
"117d5-5b076a1a05ecb"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
71637
wishlist.png
www.hfqpdb.com/images/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.hfqpdb.com/images/wishlist.png
Requested by
Host: www.hfqpdb.com
URL: http://www.hfqpdb.com/
Protocol
HTTP/1.1
Server
66.77.206.225 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
host-206-225.bayshorehosting.com
Software
Apache / PleskLin
Resource Hash
0ec074ca98ebf94fe8f939b2c5f907e1418a0dd329b825bf0903f278a438e6ff

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 13 Oct 2020 21:17:09 GMT
Last-Modified
Thu, 24 Oct 2019 17:51:34 GMT
Server
Apache
X-Powered-By
PleskLin
ETag
"99a7-595abaf25f580"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
39335
btn_donateCC_LG.gif
www.paypalobjects.com/en_US/i/btn/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif
Requested by
Host: www.hfqpdb.com
URL: http://www.hfqpdb.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
fbaa02863040d15c4410d572c4d213c2b8c75425279c5a01672c6ff86fd9d6c3
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 21:17:09 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
17891010
x-cache
HIT, HIT
status
200
surrorage-key
/en_US/i/btn/btn_donateCC_LG.gif /en_US/i/btn/btn_donateCC_LG.gif /en_US/i/btn/btn_donateCC_LG.gif /en_US/i/btn/btn_donateCC_LG.gif /en_US/i/btn/btn_donateCC_LG.gif /en_US/i/btn/btn_donateCC_LG.gif /en_US/i/btn /en_US/i /en_US
content-length
2993
x-served-by
cache-lax8623-LAX, cache-hhn4053-HHN
last-modified
Fri, 16 Aug 2019 04:57:33 GMT
server
Apache
x-timer
S1602623829.085001,VS0,VE0
strict-transport-security
max-age=31557600
content-type
image/gif
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
2461, 118161
pixel.gif
www.paypalobjects.com/en_US/i/scr/ 		43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/en_US/i/scr/pixel.gif
Requested by
Host: www.hfqpdb.com
URL: http://www.hfqpdb.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 21:17:09 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
17891012
x-cache
HIT, HIT
status
200
surrorage-key
/en_US/i/scr/pixel.gif /en_US/i/scr/pixel.gif /en_US/i/scr/pixel.gif /en_US/i/scr/pixel.gif /en_US/i/scr/pixel.gif /en_US/i/scr/pixel.gif /en_US/i/scr /en_US/i /en_US
content-length
43
x-served-by
cache-lax8622-LAX, cache-hhn4053-HHN
last-modified
Fri, 16 Aug 2019 04:57:34 GMT
server
Apache
x-timer
S1602623829.085073,VS0,VE0
strict-transport-security
max-age=31557600
content-type
image/gif
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
1, 251006
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/ 		230 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9387b372acec4b3b43903e7597b064818972267299879c050f584f625b122cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 21:17:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
88670
x-xss-protection
0
server
cafe
etag
13373283986949850894
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Oct 2020 21:17:08 GMT
choice.js
quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/www.hfqpdb.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/www.hfqpdb.com/choice.js
Requested by
Host: cdn.thisiswaldo.com
URL: http://cdn.thisiswaldo.com/static/js/7636.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:a400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e94871a28e588598a5b5bb0fa62dae728a3503c79b32dec93c3144b1660bcd73

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 21:17:10 GMT
content-encoding
gzip
etag
"9831df77b8ff4179e94a56a83951637f"
last-modified
Fri, 09 Oct 2020 16:37:32 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C1
x-amz-server-side-encryption
AES256
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
status
200
x-amz-cf-id
034kqylzpkdy7t3f0P0MWRK9Ua6Qf7eCsHmGuQhZzsQaRr7WIAUtgQ==
via
1.1 0b828d2972235c5e8de186e29f1866fd.cloudfront.net (CloudFront)
gpt.js
securepubads.g.doubleclick.net/tag/js/
Redirect Chain
  • http://securepubads.g.doubleclick.net/tag/js/gpt.js
  • https://securepubads.g.doubleclick.net/tag/js/gpt.js
52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.hfqpdb.com
URL: http://www.hfqpdb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s22-in-f162.1e100.net
Software
sffe /
Resource Hash
48185e2c57f1d5365a447d21cdb5bfa59bb23790db1c273abf682fcf24efc3fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 21:17:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"662 / 636 of 1000 / last-modified: 1602614144"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17724
x-xss-protection
0
expires
Tue, 13 Oct 2020 21:17:09 GMT

Redirect headers

Date
Tue, 13 Oct 2020 21:05:50 GMT
X-Content-Type-Options
nosniff
Server
sffe
Age
679
Content-Type
text/html; charset=UTF-8
Location
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Cache-Control
public, max-age=1800
Content-Length
249
X-XSS-Protection
0
Expires
Tue, 13 Oct 2020 21:35:50 GMT
me
ipfind.co/ 		366 B
579 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://ipfind.co/me?auth=3757a9b9-5759-4813-bc1a-7fa0b8ba94c1
Requested by
Host: cdn.thisiswaldo.com
URL: http://cdn.thisiswaldo.com/static/js/7636.js
Protocol
HTTP/1.1
Server
50.18.199.66 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-18-199-66.us-west-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
fdd61689a68e1ab4e129db1c18a5f7f12ec823ea6c9e74b9875be6b6cdfcc58a

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 13 Oct 2020 21:17:09 GMT
Content-Encoding
gzip
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
http://www.hfqpdb.com
Cache-Control
no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
241
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201008/r20190131/ Frame CA15 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20201008/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20201008/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.hfqpdb.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.hfqpdb.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Tue, 13 Oct 2020 03:54:38 GMT
expires
Tue, 27 Oct 2020 03:54:38 GMT
content-type
text/html; charset=UTF-8
etag
7382719332125555894
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4731
x-xss-protection
0
age
62550
cache-control
public, max-age=1209600
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pagead2.googlesyndication.com/pagead/gen_204?id=puberror&context=191&msg=TagError%3A%20adsbygoogle.push()%20error%3A%20Only%20one%20%27enable_page_level_ads%27%20allowed%20per%20page.%0Aat%20Cl%20(http%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%3A210%3A299)%0Aat%20Bl%20(adsbygoogle.js%3A208%3A373)%0Aat%20Kl%20(adsbygoogle.js%3A218%3A423)%0Aat%20b%20(adsbygoogle.js%3A219%3A36)%0Aat%20adsbygoogle.js%3A71%3A146%0Aat%20He.n.ea%20(adsbygoogle.js%3A70%3A294)%0Aat%20adsbygoogle.js%3A71%3A121%0Aat%20adsbygoogle.js%3A40%3A568%0Aat%20MutationObserver.Ll.observe.childList%20(adsbygoogle.js%3A219%3A276)&shv=r20201008&eid=44726948%2C21067424&url=http%3A%2F%2Fwww.hfqpdb.com%2F
Requested by
Host: www.hfqpdb.com
URL: http://www.hfqpdb.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Oct 2020 21:17:08 GMT
X-Content-Type-Options
nosniff
Server
cafe
Timing-Allow-Origin
*
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, must-revalidate
Content-Type
image/gif
Content-Length
0
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.hfqpdb.com
URL: http://www.hfqpdb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
5263
date
Tue, 13 Oct 2020 19:49:25 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Tue, 13 Oct 2020 21:49:25 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
sync.html
s.adtelligent.com/ Frame CB27 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=555831
Requested by
Host: cdn.thisiswaldo.com
URL: http://cdn.thisiswaldo.com/static/js/7636.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:452::2 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash

Request headers

Host
s.adtelligent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.hfqpdb.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.hfqpdb.com/

Response headers

Server
VertaMedia 1.0
Date
Tue, 13 Oct 2020 21:17:08 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
657
Access-Control-Allow-Origin
http://www.hfqpdb.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
new-impression
thisiswaldo.com/ 		1 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://thisiswaldo.com/new-impression
Requested by
Host: cdn.thisiswaldo.com
URL: http://cdn.thisiswaldo.com/static/js/7636.js
Protocol
HTTP/1.1
Server
52.15.219.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-15-219-226.us-east-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Tue, 13 Oct 2020 21:17:09 GMT
X-Content-Type-Options
nosniff, nosniff
Server
Apache/2.4.29 (Ubuntu)
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
1
Expires
Sun, 19 Nov 1978 05:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=589641953&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hfqpdb.com%2F&ul=en-us&de=windows-1252&dt=Harbor%20Freight%20Tools%20Coupon%20Database%20-%20Free%20coupons%2C%2025%20percent%20off%20coupons%2C%2020%20percent%20off%20coupons%2C%20No%20Purchase%20Required%20coupons%2C%20toolbox%20coupons&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1253601289&gjid=172471240&cid=814558109.1602623829&tid=UA-61744264-1&_gid=1661492691.1602623829&_r=1&_slc=1&z=884716404
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Oct 2020 21:17:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
http://www.hfqpdb.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
quant.js
edge.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://edge.quantserve.com/quant.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/www.hfqpdb.com/choice.js
Protocol
HTTP/1.1
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
87d73170be9a2e277c57d324c4e05ec0ac60ed3c0191fa29e7a31133b4c4c119

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 13 Oct 2020 21:17:09 GMT
Content-Encoding
gzip
Etag
"O/+l6c17R2TQ0JQMJXOiXA=="
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private, max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Expires
Tue, 20 Oct 2020 21:17:09 GMT
cmp2.js
quantcast.mgr.consensu.org/tcfv2/ 		256 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/cmp2.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/www.hfqpdb.com/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:a400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a5baf199502427b7900ee42ae258286b4b0d782afe3d469ba39b57a6fc6d02d4

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 13 Oct 2020 21:17:09 GMT
content-encoding
br
last-modified
Thu, 08 Oct 2020 23:18:15 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C1
etag
"4d9f39d1e29dade370463c80c4214e5c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
status
200
x-amz-meta-qc-ineu
True
x-amz-cf-id
91UQT3FqJwIWbv_ilXy5sJsaC_AntupSooXDo32P_LwfVXdCz1IsGg==
via
1.1 0b828d2972235c5e8de186e29f1866fd.cloudfront.net (CloudFront)
p-fTfJtcPmQDwZG.gif
pixel.quantserve.com/pixel/
Redirect Chain
  • http://pixel.quantserve.com/pixel/p-fTfJtcPmQDwZG.gif
  • https://pixel.quantserve.com/pixel/p-fTfJtcPmQDwZG.gif
35 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-fTfJtcPmQDwZG.gif
Requested by
Host: www.hfqpdb.com
URL: http://www.hfqpdb.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Oct 2020 21:17:09 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
status
200
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT

Redirect headers

Location
https://pixel.quantserve.com/pixel/p-fTfJtcPmQDwZG.gif
Date
Tue, 13 Oct 2020 21:17:09 GMT
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
0
Expires
Wed, 14 Oct 2020 21:17:09 GMT
rules-p-fTfJtcPmQDwZG.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-fTfJtcPmQDwZG.js
  • https://rules.quantcount.com/rules-p-fTfJtcPmQDwZG.js
3 B
346 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-fTfJtcPmQDwZG.js
Requested by
Host: www.hfqpdb.com
URL: http://www.hfqpdb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:6400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 21:09:58 GMT
via
1.1 ccc2e147947b6e1dcaa206a56faa4bb5.cloudfront.net (CloudFront)
last-modified
Fri, 03 Mar 2017 23:52:35 GMT
server
AmazonS3
age
431
etag
"8a80554c91d9fca8acb82f023de02f11"
x-cache
Error from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=300
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
content-length
3
x-amz-cf-id
8sDUib3mlXB7iyaaobl2SxP1e_SHJW0cmleTiZLCUnJRn7Bbxv9dqg==

Redirect headers

Date
Tue, 13 Oct 2020 21:17:09 GMT
Via
1.1 f78fee2989d34e40cb45ddfbcb9ba346.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
VIE50-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-fTfJtcPmQDwZG.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
_1l0qY5U06hRHazbBhA0am0lG1yhpPh2bpAXLNgZQ6FCVo7fx-ammA==
google-atp-list.json
quantcast.mgr.consensu.org/tcfv2/ 		156 KB
38 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:a400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e92fdb973a6cbc15672db566bafee758bfefb8aca9e445af6518aca1dd9374f5

Request headers

Accept
application/json, text/plain, */*
Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 03:00:28 GMT
content-encoding
gzip
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
65801
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Tue, 13 Oct 2020 03:00:27 GMT
server
AmazonS3
etag
W/"43bacde42b773c96ed7eefdc28e6a0e2"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 ce1d51670567993d20733122565db596.cloudfront.net (CloudFront)
cache-control
max-age:86400
access-control-allow-credentials
true
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
-sm0TFbyBJuCh_rcMs-eBy4wLdvuCzDMc7oii-x_Ay3pZbtVWqLU3g==
pubads_impl_2020100801.js
securepubads.g.doubleclick.net/gpt/ 		272 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100801.js?21067990
Requested by
Host: securepubads.g.doubleclick.net
URL: http://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.23.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s22-in-f162.1e100.net
Software
sffe /
Resource Hash
18204b1b043b733394e7b59f82c158848e222f3fa29c9965b5c6650f249bdc3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 21:17:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 08 Oct 2020 08:43:37 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97668
x-xss-protection
0
expires
Tue, 13 Oct 2020 21:17:09 GMT
cmp-list.json
test.quantcast.mgr.consensu.org/GVL-v2/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:2200:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2f3c043254ca1f3d4b3c943d35565bab8227869b8a761f412bb9405b71f948bb

Request headers

Accept
application/json, text/plain, */*
Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 19:52:32 GMT
content-encoding
br
age
5078
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Sun, 11 Oct 2020 19:52:29 GMT
server
AmazonS3
etag
"c9fd6dacc3995415ef1bc326d97aea76"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
via
1.1 650962b00c259fe47c193b15b2fe4b88.cloudfront.net (CloudFront)
cache-control
max-age:1296000
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
HjBc9G5K5NSjfZ526be_ndZMZPKg2MUqCL3y4SqUH0NyDaJECASL2Q==
vendor-list.json
quantcast.mgr.consensu.org/GVL-v2/ 		201 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:a400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da10a56e0973a93937e8a65aab80cae2747dace734c2fe08172acf5364386465

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 12 Oct 2020 23:59:13 GMT
content-encoding
br
age
76677
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 08 Oct 2020 23:59:10 GMT
server
AmazonS3
etag
"44c519a0510c1a43716a8bacb67fdea6"
vary
Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
via
1.1 ce1d51670567993d20733122565db596.cloudfront.net (CloudFront)
cache-control
max-age:518400
access-control-allow-credentials
true
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
J2jaT3497l3Ejee0lkQFEO8UbfjtE10YPWuJg_itZIEJ8NV9QSuO4A==
cmp2ui-en.js
quantcast.mgr.consensu.org/tcfv2/16/ 		465 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/16/cmp2ui-en.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:a400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
394cbc3aa76171b07dd16450b0d957d00de1121b856f1d7c644b7cdcdbe5a02d

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 23:18:17 GMT
content-encoding
br
age
424733
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
access-control-max-age
604800
access-control-allow-origin
*
last-modified
Thu, 08 Oct 2020 23:17:49 GMT
server
AmazonS3
etag
W/"c8e5ebf65cd84a5eaf53e134d3a75d2a"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 0b828d2972235c5e8de186e29f1866fd.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
CgPpM3_ylGqij8zcz8a9E2MnvnYdP6CnihfqICBFlnyy7_rqvxfOUA==
/
audit-tcfv2.quantcast.mgr.consensu.org/ 		80 B
514 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%22fTfJtcPmQDwZG%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.16%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22pOUlyGSbs4btPNFJvvEE3Q%22%2C%22clientTimestamp%22%3A1602623829463%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-hfpjgzhkqn9rbw7up9f%22%7D
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/16/cmp2ui-en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.243.92 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-243-92.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Accept
application/json, text/plain, */*
Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 01:21:24 GMT
via
1.1 0b1a7654de85c273e4c8f54e3e012e2e.cloudfront.net (CloudFront)
vary
Origin
age
71746
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
80
last-modified
Tue, 26 Nov 2019 14:21:44 GMT
server
AmazonS3
etag
"0614149d8033903db5de46d6c184bbfd"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
x-amz-cf-id
yx_MV0eFFBT77wbG8B5U_Ce58YtGsn0TUgCRM7PC9upbu1_e5Ybv4Q==
integrator.js
adservice.google.de/adsid/ 		109 B
890 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.hfqpdb.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 13 Oct 2020 21:17:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
890 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.hfqpdb.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 13 Oct 2020 21:17:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 20AF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2232711491913048&output=html&adk=1812271804&adf=3025194257&lmt=1602623830&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&gdpr=1&us_privacy=1---&gdpr_consent=tcunavailable&tcfe=2&format=0x0&url=http%3A%2F%2Fwww.hfqpdb.com%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602623828925&bpp=45&bdt=215&idt=99&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3723050095725&frm=20&pv=2&ga_vid=814558109.1602623829&ga_sid=1602623830&ga_hid=589641953&ga_fc=0&iag=0&icsg=36210850&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44726948%2C21067424&oid=3&pvsid=1656717402178867&pem=933&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=1152
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2232711491913048&output=html&adk=1812271804&adf=3025194257&lmt=1602623830&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&gdpr=1&us_privacy=1---&gdpr_consent=tcunavailable&tcfe=2&format=0x0&url=http%3A%2F%2Fwww.hfqpdb.com%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602623828925&bpp=45&bdt=215&idt=99&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3723050095725&frm=20&pv=2&ga_vid=814558109.1602623829&ga_sid=1602623830&ga_hid=589641953&ga_fc=0&iag=0&icsg=36210850&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44726948%2C21067424&oid=3&pvsid=1656717402178867&pem=933&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=1152
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.hfqpdb.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnAvVKt6xUC6gjJUpz52Dro2TFCyFE4Bip1dzHdd_Kl8FfVB-QOtRifr_4D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.hfqpdb.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 13 Oct 2020 21:17:10 GMT
server
cafe
content-length
671
x-xss-protection
0
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
405f8354addef1122e5aa8e0792ff65778ae3ee2f4092be9d875b4c6ff8f5192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 21:17:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1602502693699453"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27594
x-xss-protection
0
expires
Tue, 13 Oct 2020 21:17:10 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame A394 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2232711491913048&output=html&h=90&slotname=5521881512&adk=2057843948&adf=4061442901&w=728&lmt=1602623830&psa=0&guci=1.2.0.0.2.2.0.0&gdpr=1&us_privacy=1---&gdpr_consent=tcunavailable&tcfe=2&format=728x90&url=http%3A%2F%2Fwww.hfqpdb.com%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602623828925&bpp=3&bdt=215&idt=107&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3723050095725&frm=20&pv=1&ga_vid=814558109.1602623829&ga_sid=1602623830&ga_hid=589641953&ga_fc=0&iag=0&icsg=34395949218&dssz=24&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44726948%2C21067424&oid=3&pvsid=1656717402178867&pem=933&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=rllo9ZCzhJ&p=http%3A//www.hfqpdb.com&dtd=1160
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2232711491913048&output=html&h=90&slotname=5521881512&adk=2057843948&adf=4061442901&w=728&lmt=1602623830&psa=0&guci=1.2.0.0.2.2.0.0&gdpr=1&us_privacy=1---&gdpr_consent=tcunavailable&tcfe=2&format=728x90&url=http%3A%2F%2Fwww.hfqpdb.com%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602623828925&bpp=3&bdt=215&idt=107&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3723050095725&frm=20&pv=1&ga_vid=814558109.1602623829&ga_sid=1602623830&ga_hid=589641953&ga_fc=0&iag=0&icsg=34395949218&dssz=24&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44726948%2C21067424&oid=3&pvsid=1656717402178867&pem=933&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=rllo9ZCzhJ&p=http%3A//www.hfqpdb.com&dtd=1160
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.hfqpdb.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnAvVKt6xUC6gjJUpz52Dro2TFCyFE4Bip1dzHdd_Kl8FfVB-QOtRifr_4D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.hfqpdb.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 13 Oct 2020 21:17:10 GMT
server
cafe
content-length
15592
x-xss-protection
0
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-2232711491913048&warn=12%2C13&w=1600&h=1200&eatf=false&reatf=true&a=6%2C1%2C5%2C7&apv=20201011_200540&sat=1602545826979&afm=0&as_count=1&d_count=0&ng_count=0&am_count=0&atf_count=1&mdns=0.067&alldns=0.067&allp=14&fd=(0%2C3%2C0)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=1348&su=www.hfqpdb.com&r=0.1
Requested by
Host: www.hfqpdb.com
URL: http://www.hfqpdb.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Oct 2020 21:17:10 GMT
X-Content-Type-Options
nosniff
Server
cafe
Timing-Allow-Origin
*
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, must-revalidate
Content-Type
image/gif
Content-Length
0
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ghb.adtelligent.com/v2/auction/ 		370 B
600 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: cdn.thisiswaldo.com
URL: http://cdn.thisiswaldo.com/static/js/7636.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5026:0:ae1f:6bff:fe5a:4696 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
97a2cac4cc9c6e886cb18882fb4b3d7990c519868edda9f7b6060b3ee9060e1f

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 13 Oct 2020 21:17:10 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
http://www.hfqpdb.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
312
prebid
ib.adnxs.com/ut/v3/ 		19 B
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.thisiswaldo.com
URL: http://cdn.thisiswaldo.com/static/js/7636.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 13 Oct 2020 21:17:10 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.153:80
AN-X-Request-Uuid
1944c311-fe70-4cd2-8b0e-0df0304a13ce
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://www.hfqpdb.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
the-eighth-d.openx.net/w/1.0/ 		190 B
570 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://the-eighth-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fwww.hfqpdb.com%2F&ch=windows-1252&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=3c07921f-e7c6-4260-9243-76774a54cc23&nocache=1602623830966&gdpr=0&us_privacy=1---&pubcid=2ca460d2-9c98-4980-b0b8-f39bd0fa255e&schain=1.0%2C1!newormedia.com%2C7636%2C1%2C%2C%2C&aus=728x90&divIds=waldo-tag-7648&auid=541031806
Requested by
Host: cdn.thisiswaldo.com
URL: http://cdn.thisiswaldo.com/static/js/7636.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.195.1 /
Resource Hash
0c550d101efdb4573828c6671afe05ccd01540b6565f29899e44e5e464b8abc3

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Oct 2020 21:17:11 GMT
content-encoding
gzip
server
OXGW/16.195.1
status
200
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://www.hfqpdb.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
175
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
hb
ssc.33across.com/api/v1/ 		65 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: cdn.thisiswaldo.com
URL: http://cdn.thisiswaldo.com/static/js/7636.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-110.static.steadfastdns.net
Software
/ 33Across
Resource Hash
d3ef7099759f3a03aa4d8ad604c8666d3c73e6d2f09a6e3fb699d16e8cfbbd7e

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Oct 2020 21:17:11 GMT
content-encoding
gzip
status
200, 200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.hfqpdb.com
access-control-allow-credentials
true
imp
g2.gumgum.com/hbid/ 		203 B
784 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=7726&pi=3&gdprApplies=0&uspConsent=1---&schain=1.0%2C1!newormedia.com%2C7636%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fwww.hfqpdb.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%223.27.0%22%7D&ogu=https%3A%2F%2Fwww.hfqpdb.com%2Fharborfreightcoupons&ns=9728
Requested by
Host: cdn.thisiswaldo.com
URL: http://cdn.thisiswaldo.com/static/js/7636.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.107.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-107-225.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1780046b881bf345b38eedba9dec4142531901b403c5b390f2882a9740a9970b

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Oct 2020 21:17:11 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
http://www.hfqpdb.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
auction
tlx.3lift.com/header/ 		0
0
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
0
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
0
aardvark
bidder.rtk.io/lC8y/cM1b/ 		137 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.rtk.io/lC8y/cM1b/aardvark?version=1&jsonp=false&rtkreferer=http%3A%2F%2Fwww.hfqpdb.com%2F&w=1600&h=1200&schain=1.0%2C1!newormedia.com%2C7636%2C1%2C%2C%2C&gdpr=false&us_privacy=1---&cM1b=1751b9b63beb2ec
Requested by
Host: cdn.thisiswaldo.com
URL: http://cdn.thisiswaldo.com/static/js/7636.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
147.75.107.42 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
lbadstorm-pk-nj-102
Software
RTK AdStorm/1.0 /
Resource Hash
4f397aa955fae9816115005ede93b4032a932a8681155947868769f57e591775

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 13 Oct 2020 21:17:12 GMT
Content-Encoding
gzip
Server
RTK AdStorm/1.0
Etag
"ebfe9b4445f0c64b337661d0e4a49677add420fb"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
http://www.hfqpdb.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
X-Rtk-Nid
adstorm-pk-nj-103:137
Access-Control-Allow-Headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With, Access-Control-Allow-Origin
Content-Length
125
Expires
0
cygnus
htlb.casalemedia.com/ 		25 B
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=296677&v=7.2&r=%7B%22id%22%3A%221823be8700b8dfc%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22195e6e6c58d2c8d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22296677%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fwww.hfqpdb.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22newormedia.com%22%2C%22sid%22%3A%227636%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1
Requested by
Host: cdn.thisiswaldo.com
URL: http://cdn.thisiswaldo.com/static/js/7636.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-135.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
868e2b119583343d56bce6a55940334b5ec0ba20e4a91aaf3d33367a301bb735

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Oct 2020 21:17:12 GMT
content-encoding
gzip
server
Apache
status
200
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://www.hfqpdb.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
expires
Tue, 13 Oct 2020 21:17:12 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1656717402178867&correlator=1649094100366844&output=ldjh&impl=fifs&adsid=NT&eid=21067706%2C21067990&vrg=2020100801&gdpr_consent=tcunavailable&gdpr=1&tcfe=2&us_privacy=1---&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20201013&iu_parts=124067137%2Chfqpdb728x90FS_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=1&cust_params=universal_passback%3Dyes&cookie_enabled=1&bc=23&abxe=1&lmt=1602623831&dt=1602623831971&dlt=1602623828709&idt=795&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1110&adks=522367536&ucis=1&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.hfqpdb.com%2F&dssz=24&icsg=34395949218&std=0&vis=1&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=814558109.1602623829&ga_sid=1602623830&ga_hid=589641953&fws=512&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100801.js?21067990
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.23.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
6ef03c421d0af72350406354fb22f0e4d99376cf262e216ff067c2aef318e45b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 21:17:12 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11159
x-xss-protection
0
google-lineitem-id
5306225646
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138317560085
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://www.hfqpdb.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e6edf8d88582da523b1876c905e1eb76.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://e6edf8d88582da523b1876c905e1eb76.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100801.js?21067990
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100801.js?21067990
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 7DFC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsseefwCodb7fFEXZpsFRXCRBXXovvFekgGwhj6gc2OqSLZpcloTsGLhHeSB3HM8Y_842TLWqAQ8fEDwIioi9sHtkf73FvqOYNBUlE5q-HwG7I9zlBpmGWLA--v23BJeuB72uZgUBoD-Yde0Jhpmj7qxENSS_xlBDzBSSaWPEzeVzZAcKrCCcFYmI06Uc44TRUNomFU-x-KsJILMZkXJq0_u-gXweUlKlafbIqVk86SZJRoUpOBo3XDmMAucZo51Oua85Z-eordSUGc&sig=Cg0ArKJSzIGBhYIoeBv3EAE&adurl=
Requested by
Host: www.hfqpdb.com
URL: http://www.hfqpdb.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.23.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 13 Oct 2020 21:17:12 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201008/r20110914/ Frame 7DFC 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20201008/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100801.js?21067990
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
033dccc31e95d9f4b267d264f046f8584d4fb2741066e334cc35b88c6450d25e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 15:55:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19281
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7310
x-xss-protection
0
server
cafe
etag
8108057924216370432
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Oct 2020 15:55:51 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201008/r20110914/client/ Frame 7DFC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20201008/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100801.js?21067990
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 15:48:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19727
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1330
x-xss-protection
0
server
cafe
etag
15429208973290199181
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Oct 2020 15:48:25 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 7DFC 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100801.js?21067990
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a3b80afb5b8fe9f9bc923d1b7550d652bfaf3d8d33ad453a6694e484215af6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 21:17:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1602502693699453"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28907
x-xss-protection
0
expires
Tue, 13 Oct 2020 21:17:12 GMT
l
www.google.com/ads/measurement/ Frame 7DFC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.google.com/ads/measurement/l?ebcid=ALh7CaSyn8thhwmrMSn8HZBIwu46ej3Noyw2cRpZESZQG8cJVr1F3aHZrKEdUOZJqtpy4Prel1IWjWVd9WMEzEheWjDRa-DqvQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100801.js?21067990
Protocol
HTTP/1.1
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
14460037330533466462
tpc.googlesyndication.com/simgad/ Frame 7DFC 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14460037330533466462
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100801.js?21067990
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
000df62ea8897c629d63d5b188e66b0567e8a04c20e3051ef53a93085a11bec2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 12 Oct 2020 13:43:20 GMT
x-content-type-options
nosniff
age
113632
x-dns-prefetch-control
off
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47130
x-xss-protection
0
last-modified
Tue, 21 Jul 2020 16:45:30 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Oct 2021 13:43:20 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7DFC 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssRq2KMWazqnPiVcKwVa9EL_lMM1Y2o8XJd2TAU26vxxBJjRW5Y7t-gUir_EWfG8OKwfjB51hHgybQwCvbpNlBFO6p_I6RnEQd30hfJyUhZiN1PuplRRbahtDU3BqK9hVeeutxqDjljqrGy1rUHM3iSyNGemYrfAp7ukjpMJ7RBAPWoEYw38pLv5-Nz1JMm7E31e9TUuBYIpfeUS6dsAQu-KhqvYFdx9K_EHldufVIpLkLpdudJkEP38YcRQr2JLj6xb0DJIuN9ERhuxA&sig=Cg0ArKJSzO74r7mqJS7FEAE&adurl=
Requested by
Host: www.hfqpdb.com
URL: http://www.hfqpdb.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.23.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 13 Oct 2020 21:17:12 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 7DFC 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ce2a40a237c7803b8f98b7b77628a574e15f7cf0f2ebf2a1053a418ed52d15d3

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201008&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7b57e7924b8517c33b0a2c625ab6fe4fba703182032b4d061d833b98f1375d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 13 Oct 2020 21:17:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6738
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 21:17:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1601061966610483"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6293
x-xss-protection
0
expires
Tue, 13 Oct 2020 21:17:13 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7DFC 		42 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsui_pUqjvBHU_-dMcDBrX1PsdE-VX4SFvsaBuNIjvYTZ6z6hsX3UFqw0UjQOummCLXZH53l33Ocz_8OL1ILOqN1-9BZ3kypf9k95qcBfl8&sig=Cg0ArKJSzN4fgZ9KjiTiEAE&adk=522367536&tt=-1&bs=1600%2C1200&mtos=1014,1014,1014,1014,1014&tos=1014,0,0,0,0&p=1110,436,1200,1164&postrxl=1&mcvt=1014&rs=0&ht=0&tfs=109&tls=1123&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=6&niot_cbk=13&md=2&btr=0&cpmav=0&lm=2&rst=1602623832598&dlt&rpt=33&isd=0&msd=0&xdi=0&bmi=1&ps=1600%2C1348&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-5-11-11-0-0-0&tvt=1120&is=728%2C90&iframe_loc=http%3A%2F%2Fwww.hfqpdb.com%2F&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=728x90&itpl=3&v=20201012
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Oct 2020 21:17:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame 3588 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/217/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.hfqpdb.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.hfqpdb.com/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4867
date
Tue, 13 Oct 2020 20:55:52 GMT
expires
Wed, 13 Oct 2021 20:55:52 GMT
last-modified
Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1281
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gda_r20201008&jk=1656717402178867&bg=!eXqlelrNAAWqWepuqlhsg_S4v5vLywIAAAB5UgAAABUKAPhrZC5GoopxEGMXyV9hqBK8_XARCAgdmhuGEoR2oTqkVDe5lc7X-1j6x_bAdWqGFIuK2Yfd100ohhQ7jt_W3JYe7ZPLP08Gt2ReqBMZmIxRxQgAeGO4lpd9_PhawBngv2_a84isf-LH0QS2ggmoh9AaKB0XPFzuLaZigf7VrDGHMjhSIVB3u6l_XzZmOUclvWwWIN6EBaCtHyTtGsu_P6Q7ELrNZUwHFxbqUBcpN20ZFwpHba-TYH6IiqfZHcaWUmtk5dDa7xF0VVtSKodua_vshJQKmIdATShtosZgvBKHtfNBAzCnreh3l6FCT1f17rxZBYD875FxX5kBwC9TFmvllRC2u6HN2kCAyedN51L6kI4V5BomfGXcPt7YBtMiBTH7saHvV-Ey9uNzG3uDPFYBcdc7BT3BLGAtLFnslEncS-x-KQH-goMsKJdPeb9rYzpkJWDytmU4ElNJ7lrxu-xifyMwOfvojZYHNUojikJ_3-XF2Ctu46Aumpb58Cn0Dft_Lb1wSQSMPUWLwMFFuYwqlSbzlWS64_437M3FxBaRApwI0Xi_XzOGp1el-A8DFhMWY-AFHzTOmWXLXqloZSOAaO7NdfA772YGV9RoUW1pLfIWmIVjDEgsp6f22rJyaynBGSfsAKQ-38o5SSG1lJZB3PAjEaIyrvabUXkDb4WagnGeVwrya___EDz2_w0rB-ErZu7c8yEMVsECwN863PfYzHvdNv3dc0wBn-dSVOJRxGn0ehMpzOYUPh2XskvpPHSQPwH9TT-3pHOQvpu3-iFJmxByp8nUWtVBBwlzC-ViOQN3E1-GIgFZhO8t-7VpyoMZRgNyHbh6r9Fo9Sfzfk3t4W6FKz4CxLgsVZQoKokHJ7-xLXd9ZQjyNHKS1fAoAfp-KqAqIEYqJ7NDgHpt6nRXiRaeG905h4XIl8w
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Oct 2020 21:17:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rid
match.adsrvr.org/track/ 		108 B
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=9zrfwmk&fmt=json
Requested by
Host: cdn.thisiswaldo.com
URL: http://cdn.thisiswaldo.com/static/js/7636.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.46.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-46-226.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
cf6ec28375e5444308537be28fbb768768799a5d70773ac38674bbba47baea71

Request headers

Referer
http://www.hfqpdb.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Oct 2020 21:17:16 GMT
x-aspnet-version
4.0.30319
status
200
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.hfqpdb.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Thu, 12 Nov 2020 21:17:17 GMT
Cookie set cs
sync.rtk.io/ Frame 08EC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.rtk.io/cs?us_privacy=1---
Requested by
Host: cdn.thisiswaldo.com
URL: http://cdn.thisiswaldo.com/static/js/7636.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
147.75.107.42 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
lbadstorm-pk-nj-102
Software
RTK CookiePixel/v1.2.1 /
Resource Hash

Request headers

Host
sync.rtk.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.hfqpdb.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.hfqpdb.com/

Response headers

Date
Tue, 13 Oct 2020 21:17:17 GMT
Content-Type
text/html; charset=utf-8
Content-Length
645
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Pragma
no-cache
Server
RTK CookiePixel/v1.2.1
Set-Cookie
rtkuuid=ef4cb16b-5529-4656-9e0e-ff47c95febb6; Path=/; Domain=rtk.io; Expires=Mon, 11 Jan 2021 21:17:17 GMT; Secure; SameSite=None
X-Rtk-Nid
adstorm-pk-nj-107:8002

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tlx.3lift.com
URL
https://tlx.3lift.com/header/auction?lib=prebid&v=3.27.0&referrer=http%3A%2F%2Fwww.hfqpdb.com%2F&tmax=3000&gdpr=false&us_privacy=1---
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=DDst6TPmS97ZYEiy3jYGsVDn&bidId=14d25b47ba39e58&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.27.0&strVersion=3.2.1&secure=false&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22newormedia.com%22%2C%22sid%22%3A%227636%22%2C%22hp%22%3A1%7D%5D%7D
Domain
btlr.sharethrough.com
URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=myEtNmA9iqbiibwzNYA6kHtj&bidId=15be170879cb2f5&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.27.0&strVersion=3.2.1&secure=false&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22newormedia.com%22%2C%22sid%22%3A%227636%22%2C%22hp%22%3A1%7D%5D%7D

Verdicts & Comments Add Verdict or Comment

148 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| trustedTypes object| adsbygoogle function| $ function| jQuery object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_redemption_status object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| adDomainCheck function| waldoIsInArray function| waldoInitScripts function| waldoSetTagsOnPage function| isElementInViewport function| isElementInViewport2 function| waldoInitGPT function| waldoInitGPTSingleSlot function| waldoAddSelectMediaCookie function| fetchHeaderBids function| waldoTriggerHB function| waldoAddCloseBtn function| waldoPassbackCheck function| waldoInitTags function| hbRefreshBid function| hbRandomMinMaxRefreshMulti function| hbRandomMinMaxRefresh function| hbRandomMinMaxRefreshOnView function| getRandomNumber function| waldoGeoBidsCheck function| waldoGetUserData function| waldoLoadPassback function| waldoCreateCookie function| waldoReadCookie function| waldoEmailDetected function| waldoRecordImpression function| waldoAddCCPAWidget function| waldoSetPbjsUSPString number| refEn string| updateDate number| tagsInitDone object| gptAdSlots string| adDomain object| breakpoints number| domainValid number| PREBID_TIMEOUT number| interstitialDone object| waldoTimeOuts object| waldoAdRefreshes object| allAdUnits object| blockAdsOn string| pubwiseSiteId number| adTagsInitFlag number| siteId number| bidDivAvailable object| waldoTagsStatus object| googletag object| pbjs number| switchUserSync number| waldoRestrictIp number| waldoImpressionDone string| blockedPageAds number| waldoGDPR object| waldoCountry object| waldoContinent object| waldoDataPointsDone number| closeBtnAdded object| unlimitedRefGeos object| waldoGPTSlots object| waldoTagsOnPage object| waldoSlotIds object| waldoDefinedSlots object| waldoAdUnitsAddedToPbjs object| waldoAdRefreshesOnView number| waldoCCPAWidgetAdded undefined| oriRenderAd object| countriesToExclude number| browserWidth object| adUnits object| passbackAdUnits undefined| affiliateBanners number| waldoCheckIndividualImps string| waldoOriPathName object| waldo function| __tcfapi function| __uspapi function| pbjsChunk object| _pbjsGlobals object| _clrm function| google_spfd object| google_sv_map object| google_image_requests function| Cookies boolean| _gfp_p_ number| google_lpabyc number| google_unique_id string| GoogleAnalyticsObject function| ga function| saveCouponToList function| toggleList number| index object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState object| _qevents function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| regeneratorRuntime function| __tcfapiui object| scCGSHMRCache function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms

38 Cookies

Domain/Path Name / Value
.pubmatic.com/ Name: PugT
Value: 1602623833
.pubmatic.com/ Name: SPugT
Value: 1602623833
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-no-consent
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AADyB06_DDMAABCPr92aqg
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-OPTOUT&KRTB&17107-OPTOUT
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-6883216933374261389
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 22918-29422050-eff0-455e-a67e-4928c9dd3f11&KRTB&23031-29422050-eff0-455e-a67e-4928c9dd3f11
.hfqpdb.com/ Name: __gads
Value: ID=7f9a5a5954155076:T=1602623832:S=ALNI_MbFJIKPKtm28HvfUJLapmnox7CGLQ
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2665443907637192399
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-siIaIbZ9FyKqdholsCIPceVwGiaqd0Qv5XXNaaWV&KRTB&22979-siIaIbZ9FyKqdholsCIPceVwGiaqd0Qv5XXNaaWV
.pubmatic.com/ Name: KRTBCOOKIE_1074
Value: 22956-e_b0a1a78c-95ef-4165-af3f-85d4d28b54c9
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-758d3dbb-0d99-11eb-b39b-61dee2eb39ac
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-8804234517518283972
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEFPT2Mm5knhWs30o4TRlaHw&KRTB&22987-CAESEFPT2Mm5knhWs30o4TRlaHw&KRTB&23025-CAESEFPT2Mm5knhWs30o4TRlaHw
.pubmatic.com/ Name: SyncRTB3
Value: 1603756800%3A13_56_54_88_78_55_161_3_22_81_99_204_104_166_8_165_176_189_5_220_7_21_223_71%7C1603411200%3A63%7C1603152000%3A15_67_2%7C1605139200%3A203%7C1603843200%3A35
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:e1775f86-1955-4900-aca7-8331de9309df&KRTB&16736-uid:e1775f86-1955-4900-aca7-8331de9309df&KRTB&23019-uid:e1775f86-1955-4900-aca7-8331de9309df&KRTB&23114-uid:e1775f86-1955-4900-aca7-8331de9309df
.adtelligent.com/ Name: vmuid
Value: a62e1df873e1fdff
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-61a93a58-3703-4583-928f-9b7dc3c0389c
.pubmatic.com/ Name: PUBMDCID
Value: 3
.adtelligent.com/ Name: a306114
Value: PM_UID6C6B66A9-9168-4FAE-B858-47F929EE7C55
.adtelligent.com/ Name: a310756
Value: 1f54fcc36d628bfe6408e77a207fcd9b702a1cfa
.adform.net/ Name: uid
Value: 8804234517518283972
.hfqpdb.com/ Name: _gat
Value: 1
www.hfqpdb.com/ Name: waldo-pbjs-pubCommonId
Value: 2ca460d2-9c98-4980-b0b8-f39bd0fa255e
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUnAvVKt6xUC6gjJUpz52Dro2TFCyFE4Bip1dzHdd_Kl8FfVB-QOtRifr_4D
.tapad.com/ Name: TapAd_DID
Value: 74c447f0-0d99-11eb-8535-3e35ece8b3ff
.pubmatic.com/ Name: DPSync3
Value: 1603756800%3A197_219_201%7C1602633600%3A174
.pubmatic.com/ Name: pi
Value: 157288:2
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:GLtApumz1KsrFs5
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-hHM2BMvrozxHsQYfzE5aVow9&KRTB&23212-hHM2BMvrozxHsQYfzE5aVow9
.hfqpdb.com/ Name: _gid
Value: GA1.2.1661492691.1602623829
.tapad.com/ Name: TapAd_TS
Value: 1602623830511
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-3983646928580941047
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 6C6B66A9-9168-4FAE-B858-47F929EE7C55
.hfqpdb.com/ Name: _ga
Value: GA1.2.814558109.1602623829

2 Console Messages

Source Level URL
Text
console-api log URL: http://cdn.thisiswaldo.com/static/js/7636.js(Line 21)
Message:
triggered on event listener
console-api log URL: http://cdn.thisiswaldo.com/static/js/7636.js(Line 20)
Message:
sending ad server request

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
audit-tcfv2.quantcast.mgr.consensu.org
bidder.rtk.io
btlr.sharethrough.com
cdn.jsdelivr.net
cdn.thisiswaldo.com
e6edf8d88582da523b1876c905e1eb76.safeframe.googlesyndication.com
edge.quantserve.com
g2.gumgum.com
ghb.adtelligent.com
googleads.g.doubleclick.net
htlb.casalemedia.com
ib.adnxs.com
ipfind.co
match.adsrvr.org
pagead2.googlesyndication.com
pixel.quantserve.com
quantcast.mgr.consensu.org
rules.quantcount.com
s.adtelligent.com
securepubads.g.doubleclick.net
ssc.33across.com
sync.rtk.io
test.quantcast.mgr.consensu.org
the-eighth-d.openx.net
thisiswaldo.com
tlx.3lift.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.hfqpdb.com
www.paypalobjects.com
btlr.sharethrough.com
tlx.3lift.com
104.111.215.135
147.75.107.42
151.101.114.133
172.217.23.162
2600:9000:206e:2200:3:a4cd:8380:93a1
2600:9000:206e:6400:6:44e3:f8c0:93a1
2600:9000:206e:6a00:4:164e:ca00:93a1
2600:9000:206e:a400:9:46dc:4700:93a1
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:800::2002
2a00:1450:4001:803::2004
2a00:1450:4001:806::2001
2a00:1450:4001:80b::200a
2a00:1450:4001:819::2001
2a00:1450:4001:81f::200e
2a04:4e42:1b::621
2a06:8640:452::2
2a0c:5c81:5026:0:ae1f:6bff:fe5a:4696
35.244.159.8
37.252.173.22
50.18.199.66
52.15.219.226
52.48.46.226
54.194.107.225
66.77.206.225
67.202.110.24
99.86.243.92
000df62ea8897c629d63d5b188e66b0567e8a04c20e3051ef53a93085a11bec2
033dccc31e95d9f4b267d264f046f8584d4fb2741066e334cc35b88c6450d25e
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c550d101efdb4573828c6671afe05ccd01540b6565f29899e44e5e464b8abc3
0ce8a4f5b2bfe56d2c1b199d43c15389cf228f752b368b108cd2864f48534fab
0ec074ca98ebf94fe8f939b2c5f907e1418a0dd329b825bf0903f278a438e6ff
1780046b881bf345b38eedba9dec4142531901b403c5b390f2882a9740a9970b
18204b1b043b733394e7b59f82c158848e222f3fa29c9965b5c6650f249bdc3e
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f3c043254ca1f3d4b3c943d35565bab8227869b8a761f412bb9405b71f948bb
394cbc3aa76171b07dd16450b0d957d00de1121b856f1d7c644b7cdcdbe5a02d
39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b
405f8354addef1122e5aa8e0792ff65778ae3ee2f4092be9d875b4c6ff8f5192
41fd81548b2b7f6567ec3fc46bdf30db17f6d5542abacfd5585e52bf8398c6d8
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
48185e2c57f1d5365a447d21cdb5bfa59bb23790db1c273abf682fcf24efc3fa
4a3b80afb5b8fe9f9bc923d1b7550d652bfaf3d8d33ad453a6694e484215af6a
4f397aa955fae9816115005ede93b4032a932a8681155947868769f57e591775
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
61bcad2a8da194c66614f4386bb8fd99da040c5fe3ba3259e4afa16a36918c25
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ef03c421d0af72350406354fb22f0e4d99376cf262e216ff067c2aef318e45b
83ec330bb0ad488bd24ac5f09bd6f399a65d3c86df6e0fde7a5ec09945913f33
868e2b119583343d56bce6a55940334b5ec0ba20e4a91aaf3d33367a301bb735
87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655
87d73170be9a2e277c57d324c4e05ec0ac60ed3c0191fa29e7a31133b4c4c119
893d48a15cca700ccc81c5d2cfea1da602d5f0e80a6822a6f11404be2ad12d04
9236c50a60a2e2e49de1dac41ffef09f75817f1f0e9b61ec12db6afa3d4b84bf
97a2cac4cc9c6e886cb18882fb4b3d7990c519868edda9f7b6060b3ee9060e1f
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
a00ae71538ebe0815d55c8886884001219322f4eb7300e7023cf10ddcd6b322f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a5baf199502427b7900ee42ae258286b4b0d782afe3d469ba39b57a6fc6d02d4
a7b57e7924b8517c33b0a2c625ab6fe4fba703182032b4d061d833b98f1375d5
c092082d95ec0a7add95c2eeacbdc2e40435b34cf6eb7bb032a7c9fa84d06eb3
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce2a40a237c7803b8f98b7b77628a574e15f7cf0f2ebf2a1053a418ed52d15d3
cf6ec28375e5444308537be28fbb768768799a5d70773ac38674bbba47baea71
cf711cd0a594b10541db013cba19d97c74e644f11988b41053da3e6c0df6a301
d3ef7099759f3a03aa4d8ad604c8666d3c73e6d2f09a6e3fb699d16e8cfbbd7e
d9387b372acec4b3b43903e7597b064818972267299879c050f584f625b122cc
da10a56e0973a93937e8a65aab80cae2747dace734c2fe08172acf5364386465
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e92fdb973a6cbc15672db566bafee758bfefb8aca9e445af6518aca1dd9374f5
e94871a28e588598a5b5bb0fa62dae728a3503c79b32dec93c3144b1660bcd73
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fbaa02863040d15c4410d572c4d213c2b8c75425279c5a01672c6ff86fd9d6c3
fdd61689a68e1ab4e129db1c18a5f7f12ec823ea6c9e74b9875be6b6cdfcc58a