www.fifthdomain.com Open in urlscan Pro
2.16.186.176 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://fifthdomain.com/
Effective URL:
https://www.fifthdomain.com/
Submission: On April 08 via api (April 8th 2021, 2:08:48 pm UTC) from US

Summary HTTP 251 Redirects Links 42 Behaviour Indicators

Summary

This website contacted 58 IPs in 5 countries across 35 domains to perform 251 HTTP transactions. The main IP is 2.16.186.176, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.fifthdomain.com.
TLS certificate: Issued by R3 on April 2nd 2021. Valid for: 3 months.

This is the only time www.fifthdomain.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.172.75.131 54.172.75.131	14618 (AMAZON-AES) (AMAZON-AES)
1 16	2.16.186.176 2.16.186.176	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2600:9000:201... 2600:9000:2016:a600:8:1b61:ddc0:21	16509 (AMAZON-02) (AMAZON-02)
10	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb11	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 12	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	40.112.243.12 40.112.243.12	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:710... 2a02:26f0:7100:1b8::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a03:2880:f03... 2a03:2880:f036:1d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
5	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	13.226.156.101 13.226.156.101	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400c:c1b::9c	15169 (GOOGLE) (GOOGLE)
1	54.230.180.67 54.230.180.67	16509 (AMAZON-02) (AMAZON-02)
3	151.101.1.194 151.101.1.194	54113 (FASTLY) (FASTLY)
1	54.144.144.142 54.144.144.142	14618 (AMAZON-AES) (AMAZON-AES)
1	52.160.40.218 52.160.40.218	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:6c0... 2a02:26f0:6c00:1bb::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	213.19.162.21 213.19.162.21	3356 (LEVEL3) (LEVEL3)
3 6	185.33.221.14 185.33.221.14	29990 (ASN-APPNEX) (ASN-APPNEX)
7	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:170... 2a02:26f0:1700:d::1737:6e8f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
1	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
3	35.201.103.212 35.201.103.212	15169 (GOOGLE) (GOOGLE)
1	52.222.179.41 52.222.179.41	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f13... 2a03:2880:f136:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
44	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	18.192.133.97 18.192.133.97	16509 (AMAZON-02) (AMAZON-02)
4	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
4 7	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:10c... 2a02:26f0:10c:488::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba1a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	213.254.244.24 213.254.244.24	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2	2606:4700:10:... 2606:4700:10::6816:e17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
5	2600:9000:218... 2600:9000:2182:6e00:15:a460:2f80:21	16509 (AMAZON-02) (AMAZON-02)
1	13.225.87.22 13.225.87.22	16509 (AMAZON-02) (AMAZON-02)
2	213.254.244.19 213.254.244.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
15	2600:9000:209... 2600:9000:2093:ea00:f:b302:fdc0:21	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21f... 2600:9000:21f3:9600:1b:7b40:7bc0:21	16509 (AMAZON-02) (AMAZON-02)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
251	58

1 54.172.75.131 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

fifthdomain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2.16.186.176 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-176.deploy.static.akamaitechnologies.com

www.fifthdomain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2016:a600:8:1b61:ddc0:21 (United States)

ASN16509 (AMAZON-02, US)

d1voyiv1eh2vzr.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:26f0:6c00::210:bb11 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.armytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.112.243.12 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

portal.cityspark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:7100:1b8::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
686eb719.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f036:1d:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.156.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-101.dus51.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.180.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-180-67.ham50.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.194 (United States)

ASN54113 (FASTLY, US)

clarium.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.144.144.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-144-142.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.160.40.218 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.cityspark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:1bb::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 213.19.162.21 (United Kingdom)

ASN3356 (LEVEL3, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.33.221.14 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:1700:d::1737:6e8f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

csp.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.103.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)

capablecup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.179.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-179-41.ham50.r.cloudfront.net

ak.sail-horizon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f136:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.192.133.97 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

protected-by.clarium.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.162 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:10c:488::4469 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba1a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.254.244.24 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:e17 (United States)

ASN13335 (CLOUDFLARENET, US)

my.hellobar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2182:6e00:15:a460:2f80:21 (United States)

ASN16509 (AMAZON-02, US)

dv90bhm02uda6.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.87.22 (United States)

ASN16509 (AMAZON-02, US)

video-api-cdn.mco.arcpublishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.254.244.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

tps20226.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2600:9000:2093:ea00:f:b302:fdc0:21 (United States)

ASN16509 (AMAZON-02, US)

dq0mmww6n9gqf.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:9600:1b:7b40:7bc0:21 (United States)

ASN16509 (AMAZON-02, US)

d1d3jupgwm7m5r.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	googlesyndication.com 82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com ade.googlesyndication.com	467 KB
26	doubleclick.net 4 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net ad.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net cm.g.doubleclick.net	172 KB
26	cloudfront.net d1voyiv1eh2vzr.cloudfront.net d1z2jf7jlzjs58.cloudfront.net dv90bhm02uda6.cloudfront.net dq0mmww6n9gqf.cloudfront.net d1d3jupgwm7m5r.cloudfront.net	7 MB
24	2mdn.net s0.2mdn.net	248 KB
17	fifthdomain.com 2 redirects fifthdomain.com www.fifthdomain.com	210 KB
15	ampproject.org cdn.ampproject.org	323 KB
13	google.com 3 redirects www.google.com adservice.google.com	20 KB
10	armytimes.com www.armytimes.com	308 KB
8	rubiconproject.com fastlane.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	17 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	571 KB
7	adnxs.com 3 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	6 KB
7	google-analytics.com www.google-analytics.com	75 KB
6	doubleverify.com cdn.doubleverify.com tps.doubleverify.com tps20226.doubleverify.com	95 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	4 KB
4	azureedge.net csp.azureedge.net	10 KB
4	facebook.net connect.facebook.net	156 KB
4	googletagservices.com www.googletagservices.com	120 KB
3	openx.net 2 redirects us-u.openx.net	833 B
3	capablecup.com capablecup.com	30 KB
3	fastly.net clarium.global.ssl.fastly.net	98 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	hellobar.com my.hellobar.com	43 KB
2	clarium.io protected-by.clarium.io	690 B
2	facebook.com www.facebook.com	497 B
2	parsely.com cdn.parsely.com p1.parsely.com	24 KB
2	go-mpulse.net s.go-mpulse.net c.go-mpulse.net	52 KB
2	googletagmanager.com www.googletagmanager.com	97 KB
2	cityspark.com portal.cityspark.com p.cityspark.com	5 KB
1	arcpublishing.com video-api-cdn.mco.arcpublishing.com	10 KB
1	createjs.com code.createjs.com	48 KB
1	akstat.io 686eb719.akstat.io	205 B
1	sail-horizon.com ak.sail-horizon.com	43 KB
1	quantserve.com pixel.quantserve.com	372 B
1	jsdelivr.net cdn.jsdelivr.net	37 KB
1	google.de adservice.google.de	165 B
251	35

	Domain	Requested by
30	tpc.googlesyndication.com	securepubads.g.doubleclick.net capablecup.com www.fifthdomain.com clarium.global.ssl.fastly.net 82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com cdn.ampproject.org tpc.googlesyndication.com
24	s0.2mdn.net	82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com www.fifthdomain.com s0.2mdn.net
16	www.fifthdomain.com	1 redirects www.fifthdomain.com
15	dq0mmww6n9gqf.cloudfront.net	dv90bhm02uda6.cloudfront.net
15	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com clarium.global.ssl.fastly.net tpc.googlesyndication.com www.googletagservices.com
15	cdn.ampproject.org	clarium.global.ssl.fastly.net
12	www.google.com	3 redirects www.fifthdomain.com www.gstatic.com www.google.com 82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com
10	www.armytimes.com	www.fifthdomain.com d1voyiv1eh2vzr.cloudfront.net
7	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net
7	www.google-analytics.com	www.fifthdomain.com www.google-analytics.com
6	googleads.g.doubleclick.net	82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com clarium.global.ssl.fastly.net
5	dv90bhm02uda6.cloudfront.net	www.fifthdomain.com dv90bhm02uda6.cloudfront.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	fastlane.rubiconproject.com	d1voyiv1eh2vzr.cloudfront.net
5	www.gstatic.com	www.google.com
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.fifthdomain.com
4	googleads4.g.doubleclick.net	82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com www.fifthdomain.com
4	csp.azureedge.net	portal.cityspark.com csp.azureedge.net
4	ib.adnxs.com	2 redirects d1voyiv1eh2vzr.cloudfront.net googleads.g.doubleclick.net
4	connect.facebook.net	www.fifthdomain.com connect.facebook.net
4	www.googletagservices.com	d1voyiv1eh2vzr.cloudfront.net securepubads.g.doubleclick.net 82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com
4	d1voyiv1eh2vzr.cloudfront.net	www.fifthdomain.com
3	cdn.doubleverify.com	s0.2mdn.net www.fifthdomain.com cdn.doubleverify.com
3	us-u.openx.net	2 redirects googleads.g.doubleclick.net
3	capablecup.com	www.fifthdomain.com capablecup.com
3	82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net clarium.global.ssl.fastly.net
3	clarium.global.ssl.fastly.net	www.fifthdomain.com
3	stats.g.doubleclick.net	www.google-analytics.com
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	d1voyiv1eh2vzr.cloudfront.net csp.azureedge.net
2	tps20226.doubleverify.com	cdn.doubleverify.com
2	secure.adnxs.com	1 redirects
2	eus.rubiconproject.com	d1voyiv1eh2vzr.cloudfront.net eus.rubiconproject.com
2	my.hellobar.com	www.googletagmanager.com my.hellobar.com
2	protected-by.clarium.io	82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com
2	www.facebook.com	connect.facebook.net
2	www.googletagmanager.com	www.fifthdomain.com
1	ade.googlesyndication.com
1	d1d3jupgwm7m5r.cloudfront.net
1	video-api-cdn.mco.arcpublishing.com	dv90bhm02uda6.cloudfront.net
1	token.rubiconproject.com	eus.rubiconproject.com
1	acdn.adnxs.com	d1voyiv1eh2vzr.cloudfront.net
1	tps.doubleverify.com	cdn.doubleverify.com
1	code.createjs.com	s0.2mdn.net
1	ad.doubleclick.net	capablecup.com
1	686eb719.akstat.io	s.go-mpulse.net
1	ak.sail-horizon.com	www.googletagmanager.com
1	pixel.quantserve.com	portal.cityspark.com
1	cdn.jsdelivr.net	portal.cityspark.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	c.go-mpulse.net	s.go-mpulse.net
1	p.cityspark.com	portal.cityspark.com
1	p1.parsely.com	www.fifthdomain.com
1	cdn.parsely.com	d1z2jf7jlzjs58.cloudfront.net
1	d1z2jf7jlzjs58.cloudfront.net	www.fifthdomain.com
1	s.go-mpulse.net	www.fifthdomain.com
1	portal.cityspark.com	www.fifthdomain.com
1	fifthdomain.com	1 redirects
251	59

This site contains links to these domains. Also see Links.

Domain
link.fifthdomain.com
hub.fifthdomain.com
www.c4isrnet.com
cybercon.fifthdomain.com
www.federaltimes.com
www.facebook.com
twitter.com
www.linkedin.com
sightlinemediagroup.com
boards.greenhouse.io
www.militarytimes.com
www.airforcetimes.com
www.armytimes.com
www.marinecorpstimes.com
www.navytimes.com
www.defensenews.com
www.historynet.com

Subject Issuer	Validity	Valid
star.arcpublishing.com R3	`2021-04-02` - `2021-07-01`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.cityspark.com Go Daddy Secure Certificate Authority - G2	`2020-02-13` - `2022-04-13`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
akstat.io DigiCert Secure Site ECC CA-1	`2020-05-06` - `2021-08-05`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.parsely.com Amazon	`2020-08-02` - `2021-09-02`	a year	crt.sh
*.freetls.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-04-05` - `2022-04-06`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.azureedge.net DigiCert SHA2 Secure Server CA	`2020-11-21` - `2021-11-30`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-25` - `2022-03-26`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
capablecup.com R3	`2021-03-12` - `2021-06-10`	3 months	crt.sh
ak.sail-horizon.com Amazon	`2021-01-07` - `2022-02-04`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
protected-by.clarium.io Gandi Standard SSL CA 2	`2020-04-03` - `2022-04-26`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-01-10` - `2022-01-17`	a year	crt.sh
tls.adobe.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2022-06-06`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-11-25` - `2021-11-24`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
mco.arcpublishing.com Amazon	`2020-06-04` - `2021-07-04`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://www.fifthdomain.com/
Frame ID: 32BC2DE383E44CA933F7BA04ED9858E2
Requests: 132 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/5G5AE-KMGCC-C42VV-E7W82-35RPE
Frame ID: 85F83C8C6788225B4EE9C1B36FCCBE64
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdvmUwUAAAAALnU4uCzuMVUdrSfky5tXlTl7LOh&co=aHR0cHM6Ly93d3cuZmlmdGhkb21haW4uY29tOjQ0Mw..&hl=en&v=539Evs44yecoSf-lkJBQzKKj&size=normal&cb=rilmi6ffslv3
Frame ID: 8F904CB688E691ECD4A3FBECCE0E721B
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=539Evs44yecoSf-lkJBQzKKj&k=6LdvmUwUAAAAALnU4uCzuMVUdrSfky5tXlTl7LOh&cb=o6msy5r2a4p2
Frame ID: AD182A5639F90B37769A90CA9C8E5A7B
Requests: 3 HTTP requests in this frame

Frame: https://www.google-analytics.com/analytics.js
Frame ID: 7BA5B5ACCC13AD17E2D632A3CD558130
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Frame ID: FDA2102A3D78D094EB2CB2CD18B5D411
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: E9F8CF838036E5CCDE70B8B9FF87D5B1
Requests: 16 HTTP requests in this frame

Frame: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FF1F689AC9C61FD74E93B73650B684F9
Requests: 19 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: 12A18E225D9F6AEF82495983BB67A88F
Requests: 15 HTTP requests in this frame

Frame: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AA89D60C6BBEE0FFED942915F38AA04B
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: 9F38466AC5631ED2348ABC60CB699E2B
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 13E0157A069651C44D9F5C09090A86C8
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DEPHb-r4CGNe5uqABMAE&v=APEucNUt3uUu7haFfPSdEg7rQOQVV55LzPGImjo_QP9yD8kwWB3RSXyZ176KJ1LOsz82AdmgOBf3j_vWvkIhx3ipdxqEF_4azTO9Xf7_lFV2sl1XK4ws1RAzx-OI0IPOABQtYusE-T0rkbinNEGzRm5MlMV-EFpomqblAvVg8XswDIiv-RBA1WkvsLTFpBVfMOcNcKqtjjdTvfi2K313Z5J9A1rwWWP8gg
Frame ID: 524424A6855DAEBE1C4884A30D5B98A8
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM7sWxDIy8vEAhj6pbuiATAB&v=APEucNX7R2L8dN-fsMBHSF9LoT15Jfxonxc8IhIeAo5_JFz6KVUcvD8SDHryK_ipxI0gL7y6e9-IYpwMbXB5laC4ug9pqWPMVTrDv78Rlw3M4UGstN9DX-c59B02XhZS_2A56rylYy91t5Isctj7Z4mqqQh217Uur78uLqo6DNmVcMYCplsk5_vlQlR3izzwGC4PhAd1L-Feps-N3B6g9Lbfs1cF2_lsBQ
Frame ID: 8280ED28187942A7758312547E917779
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9EDB3A2098DD54DF50E2C8F179DB624B
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/index.html
Frame ID: 5DB9DDFFE96E56F0B97EC1873C99E0F8
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C62A1B43E8BBB74818DCC243C4507738
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1165.js
Frame ID: 782D252749C047ED348984F60440C840
Requests: 4 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/t2tv7.html
Frame ID: E5E1C0C3379F8C2747F3C71BE07C1012
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 7DA8E94E62BDA8409D573067C4B5C544
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 79A148DCAB076252804F4D1C727EFD41
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://fifthdomain.com/ HTTP 301
http://www.fifthdomain.com/ HTTP 301
https://www.fifthdomain.com/ Page URL

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /\/prebid\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

251
Requests

99 %
HTTPS

55 %
IPv6

35
Domains

59
Subdomains

58
IPs

5
Countries

10494 kB
Transfer

16318 kB
Size

9
Cookies

42 Outgoing links

These are links going to different origins than the main page.

URL: https://link.fifthdomain.com/join/5ft/sign-up?source=fif-nav/
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://hub.fifthdomain.com/whitepapers/?source=fd-nav
Title: White Papers

Search URL Search Domain Scan URL

URL: https://www.c4isrnet.com/cyber/2020/07/24/where-do-space-force-and-space-command-fit-into-the-pentagons-cyber-plans/
Title: Where do Space Force and Space Command fit into the Pentagon’s cyber plans?

Search URL Search Domain Scan URL

URL: https://www.c4isrnet.com/cyber/2020/07/19/with-a-new-setup-the-air-force-hopes-to-improve-information-warfare-operations/
Title: With a new setup, the Air Force hopes to improve information warfare operations

Search URL Search Domain Scan URL

URL: https://www.c4isrnet.com/information-warfare/2020/07/20/the-new-ways-the-military-is-fighting-against-information-warfare-tactics/
Title: The new ways the military is fighting against information warfare tactics

Search URL Search Domain Scan URL

URL: https://www.c4isrnet.com/information-warfare/2020/07/15/air-force-information-warfare-command-reaches-critical-milestone/
Title: Air Force information warfare command reaches critical milestone

Search URL Search Domain Scan URL

URL: https://www.c4isrnet.com/battlefield-tech/it-networks/5g/
Title: 5G: The Future Network

Search URL Search Domain Scan URL

URL: https://www.c4isrnet.com/cyber/2020/07/27/covid-19-is-changing-the-air-forces-cyber-training/
Title: COVID-19 is changing the Air Force’s cyber training

Search URL Search Domain Scan URL

URL: https://www.c4isrnet.com/smr/information-warfare/2020/07/26/how-the-defense-department-is-reorganizing-for-information-warfare/
Title: How the Defense Department is reorganizing for information warfare

Search URL Search Domain Scan URL

URL: https://www.c4isrnet.com/smr/information-warfare/2020/07/23/memes-the-pandemic-and-the-new-tactics-of-information-warfare/
Title: Memes, the pandemic and the new tactics of information warfare

Search URL Search Domain Scan URL

URL: https://www.c4isrnet.com/cyber/2020/07/23/us-air-force-seeks-research-to-boost-operational-technologys-cybersecurity/
Title: US Air Force seeks research to boost operational technology’s cybersecurity

Search URL Search Domain Scan URL

URL: https://www.c4isrnet.com/smr/information-warfare/2020/07/21/the-armys-new-directorate-eyes-multidomain-integration/
Title: The Army’s new directorate eyes multidomain integration

Search URL Search Domain Scan URL

URL: https://link.fifthdomain.com/join/5ft/sign-up?source=QuickLinks
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://cybercon.fifthdomain.com/
Title: CyberCon

Search URL Search Domain Scan URL

URL: http://hub.fifthdomain.com/whitepapers/?source=QuickLinks
Title: Whitepapers

Search URL Search Domain Scan URL

URL: http://hub.fifthdomain.com/ebooks/
Title: E-Books

Search URL Search Domain Scan URL

URL: https://link.fifthdomain.com/join/5ft/sign-up
Title: For more newsletters click here

Search URL Search Domain Scan URL

URL: https://www.c4isrnet.com/cyber/2020/06/30/senators-seek-to-cut-army-cyber-program-for-greater-joint-investment/
Title: Senators seek to cut Army cyber program for greater joint investment

Search URL Search Domain Scan URL

URL: https://www.c4isrnet.com/cyber/2020/06/30/senate-wants-more-details-on-cyber-commands-tools/
Title: Senate wants more details on Cyber Command’s tools

Search URL Search Domain Scan URL

URL: https://www.c4isrnet.com/cyber/2020/06/24/senate-wants-better-threat-sharing-between-pentagon-and-industry/
Title: Senate wants better threat sharing between Pentagon and industry

Search URL Search Domain Scan URL

URL: https://www.c4isrnet.com/global/europe/2020/06/04/british-army-launches-its-first-cyberwar-regiment/
Title: British Army launches its first cyberwar regiment

Search URL Search Domain Scan URL

URL: https://www.c4isrnet.com/it-networks/2020/06/23/four-ways-the-house-wants-military-it-to-improve/
Title: Four ways the House wants military IT to improve

Search URL Search Domain Scan URL

URL: https://www.federaltimes.com/management/career/2020/05/08/commissions-join-together-in-urging-congress-to-implement-federal-cyber-reforms/
Title: Commissions lobby for cyber reforms in the defense policy bill

Search URL Search Domain Scan URL

URL: https://www.c4isrnet.com/cyber/2020/06/25/lightning-in-her-veins-how-katie-arrington-is-convincing-defense-contractors-to-love-cybersecurity/
Title: ‘Lightning in her veins’: How Katie Arrington is convincing defense contractors to love cybersecurity

Search URL Search Domain Scan URL

URL: https://www.c4isrnet.com/opinion/2020/07/15/the-key-to-securing-the-defense-industrial-base-is-collaboration/
Title: The key to securing the defense industrial base is collaboration

Search URL Search Domain Scan URL

URL: https://www.c4isrnet.com/opinion/2020/07/13/why-military-agencies-must-establish-cybersecurity-readiness-now-through-comply-to-connect/
Title: Why military agencies must establish cybersecurity readiness now through Comply-to-Connect

Search URL Search Domain Scan URL

URL: https://www.c4isrnet.com/opinion/2020/07/06/understanding-russias-quest-to-rid-itself-of-foreign-tech/
Title: Understanding Russia’s quest to rid itself of foreign tech

Search URL Search Domain Scan URL

URL: https://www.c4isrnet.com/opinion/commentary/2020/06/30/india-must-actively-protect-its-air-defense-systems-ooda-loop/
Title: India must actively protect its air defense systems’ OODA loop

Search URL Search Domain Scan URL

URL: https://www.facebook.com/FifthDomain/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/theFifthDomain?lang=en
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/fifth-domain-cyber
Title:

Search URL Search Domain Scan URL

URL: https://sightlinemediagroup.com/terms-of-service/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://boards.greenhouse.io/sightlinemediagroup?gh_src=cpxe2a1
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.militarytimes.com/
Title: Military News

Search URL Search Domain Scan URL

URL: https://www.airforcetimes.com/
Title: Air Force News

Search URL Search Domain Scan URL

URL: https://www.armytimes.com/
Title: Army News

Search URL Search Domain Scan URL

URL: https://www.marinecorpstimes.com/
Title: Marine Corps News

Search URL Search Domain Scan URL

URL: https://www.navytimes.com/
Title: Navy News

Search URL Search Domain Scan URL

URL: https://www.defensenews.com/
Title: Defense News

Search URL Search Domain Scan URL

URL: https://www.federaltimes.com/
Title: Federal News

Search URL Search Domain Scan URL

URL: https://www.c4isrnet.com/
Title: C4ISR

Search URL Search Domain Scan URL

URL: https://www.historynet.com/
Title: History

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://fifthdomain.com/ HTTP 301
http://www.fifthdomain.com/ HTTP 301
https://www.fifthdomain.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 157

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 173

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 174

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 199

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKLlLNNnUwH6dP8E0W6G3-k&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKLlLNNnUwH6dP8E0W6G3-k&google_cver=1&C=1

Request Chain 200

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YG8OWyNKLcz3MTfq1mV2ngAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKLlLNNnUwH6dP8E0W6G3-k&google_cver=1

Request Chain 201

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBWdAkGBp3FkxJ8zcfkB8pk&google_cver=1

Request Chain 202

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYzMDExNTE5ODc1MjE3ODA5Nw%3D%3D

Request Chain 203

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEG2-T9O-sMPotE_tG0ewmRA&google_cver=1

Request Chain 204

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTViMzIzYWItOTNjMi0yNTEyLWYyNzAtNjEyNDMxZDMzNmVk

Request Chain 251

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load HTTP 307
https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

251 HTTP transactions
33 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.fifthdomain.com/
Redirect Chain

http://fifthdomain.com/
http://www.fifthdomain.com/
https://www.fifthdomain.com/

202 KB
38 KB

215ms
168ms

Document
text/html

2.16.186.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fifthdomain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.186.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-176.deploy.static.akamaitechnologies.com
Software: openresty /
Resource Hash: cc6fe81b4bff1f0210b6fc3ea5e3973666f75c6d0663acdd388eaa732851313f

Request headers

:method: GET
:authority: www.fifthdomain.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html;charset=UTF-8
server: openresty
x-akamai-transformed: 9 203583 0 pmb=mRUM,2
vary: Accept-Encoding
content-encoding: gzip
cache-control: private, max-age=60
expires: Thu, 08 Apr 2021 14:09:23 GMT
date: Thu, 08 Apr 2021 14:08:23 GMT
server-timing: cdn-cache; desc=HIT edge; dur=119

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://www.fifthdomain.com/
Cache-Control: private, max-age=0
Expires: Thu, 08 Apr 2021 14:08:23 GMT
Date: Thu, 08 Apr 2021 14:08:23 GMT
Connection: keep-alive
Server-Timing: cdn-cache; desc=HIT edge; dur=1

GET
H2 200 a4f27b03d9.css
www.fifthdomain.com/pb/gr/c/default/r0TtU0djSfaS5s/css/ 20 KB
4 KB 326ms
323ms Stylesheet
text/css 2.16.186.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fifthdomain.com/pb/gr/c/default/r0TtU0djSfaS5s/css/a4f27b03d9.css?v=94
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.186.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-176.deploy.static.akamaitechnologies.com
Software: openresty /
Resource Hash: 66d0f17e8e4eb78590da06bf24e1f3da4f6a64f5759c5d36e6eb24ee87d78fed

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:24 GMT
content-encoding: gzip
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: openresty
etag: "e857d"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=299
content-length: 4270
expires: Fri, 08 Apr 2022 14:08:24 GMT

GET
H2 200 fifthdomain.css
d1voyiv1eh2vzr.cloudfront.net/stable/style/themes/ 210 KB
20 KB 79ms
36ms Stylesheet
text/css 2600:9000:2016:a600:8:1b61:ddc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1voyiv1eh2vzr.cloudfront.net/stable/style/themes/fifthdomain.css
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2016:a600:8:1b61:ddc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7dc7139804a226a261c44bf5d1dc06f4efc4c1cc166443f95266da83b2125954

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:23 GMT
content-encoding: gzip
last-modified: Tue, 03 Nov 2020 17:39:59 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C2
etag: W/"72d6d11e20c4dffc399de7d9c211cffd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 10f98dde1a7268d8ae3e667259705b8c.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-id: OUsp_Cc26f8GPRIo83wlXEAwsiFfDbphctAnNaUk_kbvve67PHQLVA==

GET
H2 200 font-awesome.min.css
www.fifthdomain.com/pb/resources/assets/fontawesome/latest/css/ 30 KB
7 KB 300ms
297ms Stylesheet
text/css 2.16.186.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fifthdomain.com/pb/resources/assets/fontawesome/latest/css/font-awesome.min.css?token=version7
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.186.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-176.deploy.static.akamaitechnologies.com
Software: openresty /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:24 GMT
content-encoding: gzip
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: openresty
etag: "26955"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=31536000
x-edgeconnect-cache-status: 0
server-timing: cdn-cache; desc=HIT, edge; dur=269
content-length: 7050
expires: Fri, 08 Apr 2022 14:08:24 GMT

GET
H2 200 style.css
www.fifthdomain.com/pb/gr/p/default/r0TtU0djSfaS5s/ 28 KB
5 KB 474ms
471ms Stylesheet
text/css 2.16.186.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fifthdomain.com/pb/gr/p/default/r0TtU0djSfaS5s/style.css?v=94
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.186.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-176.deploy.static.akamaitechnologies.com
Software: openresty /
Resource Hash: 64060800887732685fab0e8fa14cc12fd8ea09aade34bb8f7f361af17c7a1e54

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 19
date: Thu, 08 Apr 2021 14:08:24 GMT
content-encoding: gzip
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: openresty
x-edgeconnect-midmile-rtt: 20
etag: "afa51"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=31536000
x-edgeconnect-cache-status: 1
server-timing: cdn-cache; desc=HIT, edge; dur=438
content-length: 4567
expires: Fri, 08 Apr 2022 14:08:24 GMT

GET
H2 200 jquery-2.2.4.min.js Show response
www.fifthdomain.com/pb/resources/scripts/jquery/ 84 KB
30 KB 199ms
197ms Script
application/javascript 2.16.186.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fifthdomain.com/pb/resources/scripts/jquery/jquery-2.2.4.min.js
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.186.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-176.deploy.static.akamaitechnologies.com
Software: openresty /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 19
date: Thu, 08 Apr 2021 14:08:24 GMT
content-encoding: gzip
etag: "59925311-14e4a"
x-edgeconnect-midmile-rtt: 6
server-timing: cdn-cache; desc=HIT, edge; dur=157
content-length: 29855
last-modified: Tue, 15 Aug 2017 01:49:05 GMT
server: openresty
x-edgeconnect-cache-status: 1
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Apr 2022 14:08:24 GMT

GET
H2 200 da39a3ee5e.js Show response
www.fifthdomain.com/pb/gr/c/default/r0TtU0djSfaS5s/load_immediately/ 0
225 B 373ms
371ms Script
application/javascript 2.16.186.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fifthdomain.com/pb/gr/c/default/r0TtU0djSfaS5s/load_immediately/da39a3ee5e.js?v=94
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.186.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-176.deploy.static.akamaitechnologies.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:24 GMT
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: openresty
etag: "d41d8"
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=323
content-length: 0
expires: Fri, 08 Apr 2022 14:08:24 GMT

GET
H2 200 prebid.js Show response
d1voyiv1eh2vzr.cloudfront.net/prebid/ 201 KB
64 KB 58ms
16ms Script
application/javascript 2600:9000:2016:a600:8:1b61:ddc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1voyiv1eh2vzr.cloudfront.net/prebid/prebid.js?v=3.3.10
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2016:a600:8:1b61:ddc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c07614e1f63f0e2a3ffa09b00d4f88c90c16becbbfe83360faa0a41dee8abc6

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 03:45:30 GMT
content-encoding: gzip
last-modified: Thu, 19 Mar 2020 16:08:15 GMT
server: AmazonS3
age: 42727
etag: W/"30bf11ab48c0a3c17cf61fc87df72863"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 10f98dde1a7268d8ae3e667259705b8c.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: yP2kO420dViIEjotKtk1B8xM6wDDUe4k4QYhoqXLqNqzaDl6cQxIkA==

GET
H2 200 dfp_helper.js Show response
d1voyiv1eh2vzr.cloudfront.net/utils/ 15 KB
5 KB 57ms
16ms Script
application/javascript 2600:9000:2016:a600:8:1b61:ddc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1voyiv1eh2vzr.cloudfront.net/utils/dfp_helper.js
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2016:a600:8:1b61:ddc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b1ce9a1c99be6ac4c4bcb0ca8e5612e87388b4262d2a00b5da84d72df50da5d5

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 18:28:17 GMT
content-encoding: gzip
last-modified: Tue, 02 Jun 2020 17:03:56 GMT
server: AmazonS3
age: 128504
etag: W/"22045ddc1e8f6e2944e05223066b57d5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 10f98dde1a7268d8ae3e667259705b8c.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: Zvxz7G5s__Edlo2w8YJgEJV9wigF8St2KY8aYiwBx7TxufJdRTebkw==

GET
H2 200 5a71f9f4c6.js Show response
www.fifthdomain.com/pb/gr/c/default/r0TtU0djSfaS5s/load_immediately/ 2 KB
1 KB 427ms
425ms Script
application/javascript 2.16.186.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fifthdomain.com/pb/gr/c/default/r0TtU0djSfaS5s/load_immediately/5a71f9f4c6.js?v=94
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.186.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-176.deploy.static.akamaitechnologies.com
Software: openresty /
Resource Hash: 01b70ac7ac883903a1f1af229d5f33f0384fc979c0783de2a9013578d5a11e4a

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:24 GMT
content-encoding: gzip
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: openresty
etag: "9ae6a"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=371
content-length: 850
expires: Fri, 08 Apr 2022 14:08:24 GMT

GET
H2 200 fifthdomain.js Show response
d1voyiv1eh2vzr.cloudfront.net/prebid/config/ 273 B
608 B 75ms
34ms Script
application/javascript 2600:9000:2016:a600:8:1b61:ddc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1voyiv1eh2vzr.cloudfront.net/prebid/config/fifthdomain.js
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2016:a600:8:1b61:ddc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a56bde91c3e09d7388ec0ad58e30a4c720ba0503dc3f9f52aeffd8974050db42

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:13:22 GMT
via: 1.1 10f98dde1a7268d8ae3e667259705b8c.cloudfront.net (CloudFront)
last-modified: Mon, 06 Apr 2020 13:27:59 GMT
server: AmazonS3
age: 42902
etag: "055156eb37d4be0a815feed01ee7af72"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: HAM50-C2
accept-ranges: bytes
content-length: 273
x-amz-cf-id: ispTiGqReLjUFcFwPGpQJaoBPKKMtG0IxJqOz9DI8NWlQmLPXPWbGg==

GET
H2 200 fifth-logo-white-flat.svg
www.fifthdomain.com/pb/resources/assets/svg/ 2 KB
1 KB 46ms
41ms Image
image/svg+xml 2.16.186.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fifthdomain.com/pb/resources/assets/svg/fifth-logo-white-flat.svg
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.186.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-176.deploy.static.akamaitechnologies.com
Software: openresty /
Resource Hash: cec34d3e7840270cb13131064d669a95e8862575f045bf0c072f1845b207ad05

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:24 GMT
content-encoding: gzip
last-modified: Tue, 15 Aug 2017 01:49:23 GMT
server: openresty
etag: "59925323-7d1"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: private, max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=7
accept-ranges: bytes
content-length: 906
expires: Fri, 08 Apr 2022 14:08:24 GMT

GET
H2 200 t_bb437a9f733c45fda018d2572afd3061_name_New_Mil_Thumb_Final.jpg
www.armytimes.com/resizer/RQ7rd_cudnKfexRdshz6geOEQQg=/350x233/filters:quality(100)/d2nzl2jt8r9iyg.cloudfront.net/01-22-2021/ 18 KB
19 KB 69ms
36ms Image
image/jpeg 2a02:26f0:6c00::210:bb11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.armytimes.com/resizer/RQ7rd_cudnKfexRdshz6geOEQQg=/350x233/filters:quality(100)/d2nzl2jt8r9iyg.cloudfront.net/01-22-2021/t_bb437a9f733c45fda018d2572afd3061_name_New_Mil_Thumb_Final.jpg
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:bb11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Server /
Resource Hash: 1ffe069ec3d46a4edbc4c237e36d9efb10bc3b6a558d543576d5243f7ffea9f9

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:24 GMT
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: Akamai Image Server
etag: "74eb97f0c616ce0cb0aaf472a46801d6bd6d5d85"
content-type: image/jpeg
cache-control: private, max-age=25750203
server-timing: cdn-cache; desc=HIT, edge; dur=17
content-length: 18752
expires: Mon, 31 Jan 2022 14:58:27 GMT

GET
H2 200 t_f1542cff05a04f009e42ba4552811cbd_name_AI_Work_from_Home.jpg
www.armytimes.com/resizer/80bwjkpGLwOdQoQ4ph9J6ZSPoEM=/350x233/filters:quality(100)/d2nzl2jt8r9iyg.cloudfront.net/12-29-2020/ 24 KB
24 KB 71ms
38ms Image
image/jpeg 2a02:26f0:6c00::210:bb11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.armytimes.com/resizer/80bwjkpGLwOdQoQ4ph9J6ZSPoEM=/350x233/filters:quality(100)/d2nzl2jt8r9iyg.cloudfront.net/12-29-2020/t_f1542cff05a04f009e42ba4552811cbd_name_AI_Work_from_Home.jpg
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:bb11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Server /
Resource Hash: 1b5c387112856e5a1543fba69ba4ff98ddc561fbd03d4ebf92adadd04762dd15

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:24 GMT
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: Akamai Image Server
etag: "ba992e05660b49171ecd94a8003942f0674dbe9c"
content-type: image/jpeg
cache-control: private, max-age=22986389
server-timing: cdn-cache; desc=MISS, edge; dur=-499, origin; dur=513
content-length: 24265
expires: Thu, 30 Dec 2021 15:14:53 GMT

GET
H2 200 t_8aae89ec7320471eb9acbf1888e3a02b_name_5_EW_Copy_01_00_00_18_22_Still006.jpg
www.armytimes.com/resizer/wnkwdz0awKAa4eZq7nVo1vxFxgc=/350x233/filters:quality(100)/d2nzl2jt8r9iyg.cloudfront.net/12-30-2019/ 17 KB
17 KB 75ms
42ms Image
image/jpeg 2a02:26f0:6c00::210:bb11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.armytimes.com/resizer/wnkwdz0awKAa4eZq7nVo1vxFxgc=/350x233/filters:quality(100)/d2nzl2jt8r9iyg.cloudfront.net/12-30-2019/t_8aae89ec7320471eb9acbf1888e3a02b_name_5_EW_Copy_01_00_00_18_22_Still006.jpg
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:bb11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Server /
Resource Hash: c383a4219542a2d51d884d06a76334097e9235b9d2c19d41f259a39fe11a051c

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:24 GMT
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: Akamai Image Server
etag: "e52e7b9e826a504ca1de913be5ec2112496ccfad"
content-type: image/jpeg
cache-control: private, max-age=22908283
server-timing: cdn-cache; desc=HIT, edge; dur=25
content-length: 17316
expires: Wed, 29 Dec 2021 17:33:07 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
704 B 28ms
24ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b29cf157201a5fa56c82cde303c6f7e86b49f56c4e01286e2e749f0b5651a0c1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 554
x-xss-protection: 1; mode=block
expires: Thu, 08 Apr 2021 14:08:24 GMT

GET
H/1.1 200
OK widget.min.js Show response
portal.cityspark.com/js/ 3 KB
1 KB 689ms
158ms Script
application/x-javascript 40.112.243.12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.cityspark.com/js/widget.min.js
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.112.243.12 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ccd6d32e24ec18ac811591d6cf517a2199da6c29afe460cc3b251cf76eef7f10

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Apr 2021 14:08:24 GMT
Content-Encoding: gzip
ETag: "0a28575ee4bd61:0"
Last-Modified: Fri, 26 Jun 2020 19:17:40 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Arr-Disable-Session-Affinity: true
Accept-Ranges: bytes
Content-Length: 1090

GET
H2 200 facebook-white.svg
www.fifthdomain.com/pb/resources/assets/svg/icons/ 351 B
509 B 45ms
42ms Image
image/svg+xml 2.16.186.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fifthdomain.com/pb/resources/assets/svg/icons/facebook-white.svg
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.186.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-176.deploy.static.akamaitechnologies.com
Software: openresty /
Resource Hash: 031df97a8345d64c99d932f9a5f68fe225052c834fe4d436fd0f8588d015d594

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:24 GMT
content-encoding: gzip
last-modified: Tue, 15 Aug 2017 01:49:23 GMT
server: openresty
etag: "59925323-15f"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: private, max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=8
accept-ranges: bytes
content-length: 257
expires: Fri, 08 Apr 2022 14:08:24 GMT

GET
H2 200 twitter-white.svg
www.fifthdomain.com/pb/resources/assets/svg/icons/ 820 B
681 B 62ms
59ms Image
image/svg+xml 2.16.186.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fifthdomain.com/pb/resources/assets/svg/icons/twitter-white.svg
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.186.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-176.deploy.static.akamaitechnologies.com
Software: openresty /
Resource Hash: 336b54c24b2cd76c8434f81b3953138c4dccb207a4bdf9b0801d6e4364482d31

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:24 GMT
content-encoding: gzip
last-modified: Tue, 15 Aug 2017 01:49:23 GMT
server: openresty
etag: "59925323-334"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: private, max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=7
accept-ranges: bytes
content-length: 429
expires: Fri, 08 Apr 2022 14:08:24 GMT

GET
H2 200 linkedin-white.svg
www.fifthdomain.com/pb/resources/assets/svg/icons/ 1022 B
862 B 64ms
61ms Image
image/svg+xml 2.16.186.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fifthdomain.com/pb/resources/assets/svg/icons/linkedin-white.svg
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.186.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-176.deploy.static.akamaitechnologies.com
Software: openresty /
Resource Hash: 08476e3bfe9a4535fec4ad2be6846eaf0caadb3474c41c180c2394f7bc429bc1

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:24 GMT
content-encoding: gzip
last-modified: Tue, 15 Aug 2017 01:49:22 GMT
server: openresty
etag: "59925322-3fe"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: private, max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=12
accept-ranges: bytes
content-length: 612
expires: Fri, 08 Apr 2022 14:08:24 GMT

GET
H2 200 e48668fcac.js Show response
www.fifthdomain.com/pb/gr/c/default/r0TtU0djSfaS5s/js/ 8 KB
3 KB 366ms
366ms Script
application/javascript 2.16.186.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fifthdomain.com/pb/gr/c/default/r0TtU0djSfaS5s/js/e48668fcac.js?v=94
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.186.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-176.deploy.static.akamaitechnologies.com
Software: openresty /
Resource Hash: 33b8266e55aac519cbd73f53d4ce1f7b46ca07ef65648734e748c8bc166152a5

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:24 GMT
content-encoding: gzip
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: openresty
etag: "626dc"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=16878518
server-timing: cdn-cache; desc=HIT, edge; dur=342
content-length: 2362
expires: Wed, 20 Oct 2021 22:37:02 GMT

GET
H2 200 39e9e0f450.js Show response
www.fifthdomain.com/pb/gr/c/default/r0TtU0djSfaS5s/footjs/ 167 KB
39 KB 364ms
363ms Script
application/javascript 2.16.186.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fifthdomain.com/pb/gr/c/default/r0TtU0djSfaS5s/footjs/39e9e0f450.js?v=94
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.186.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-176.deploy.static.akamaitechnologies.com
Software: openresty /
Resource Hash: e0eddae0a944a84b24c57b5f23633669029eb57472d8a43987874b10a2f2dbf9

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:24 GMT
content-encoding: gzip
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: openresty
etag: "85b5c"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=31536000
x-edgeconnect-cache-status: 0
server-timing: cdn-cache; desc=HIT, edge; dur=336
content-length: 39770
expires: Fri, 08 Apr 2022 14:08:24 GMT

GET
H2 200 render.js Show response
www.fifthdomain.com/pb/gr/p/default/r0TtU0djSfaS5s/ 13 KB
4 KB 318ms
312ms Script
application/javascript 2.16.186.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fifthdomain.com/pb/gr/p/default/r0TtU0djSfaS5s/render.js?v=94
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.186.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-176.deploy.static.akamaitechnologies.com
Software: openresty /
Resource Hash: 61d15f3f48dc88a6a9bd3fd7454f017f217fcabe73b4aea19335c04eac4f8a74

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:24 GMT
content-encoding: gzip
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: openresty
etag: "9450a"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=16878517
server-timing: cdn-cache; desc=HIT, edge; dur=281
content-length: 3732
expires: Wed, 20 Oct 2021 22:37:01 GMT

GET
H2 200 icon
fonts.googleapis.com/ 591 B
466 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons&display=block

Requested by

Host: d1voyiv1eh2vzr.cloudfront.net
URL: https://d1voyiv1eh2vzr.cloudfront.net/stable/style/themes/fifthdomain.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

227e9a173f8c78a7148af7f2d66bcd2e93bab54d07b122a18f26368705b30ae4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://d1voyiv1eh2vzr.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 08 Apr 2021 14:08:23 GMT
server: ESF
date: Thu, 08 Apr 2021 14:08:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Apr 2021 14:08:23 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 4898
date: Thu, 08 Apr 2021 12:46:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Thu, 08 Apr 2021 14:46:46 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 128 KB
42 KB 23ms
21ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W4XB555

Requested by

Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3c8c241db188026a214e5e50e83c7542c13b43628f07bcfdddac28c2dd4d656e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:24 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42534
x-xss-protection: 0
last-modified: Thu, 08 Apr 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 08 Apr 2021 14:08:24 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 60 KB
20 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: d1voyiv1eh2vzr.cloudfront.net
URL: https://d1voyiv1eh2vzr.cloudfront.net/utils/dfp_helper.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e10ae42c5bcedb77583cc52f40c2c2f5020c3135e961cf30b156be91ddc95cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "836 / 164 of 1000 / last-modified: 1617880698"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20380
x-xss-protection: 0
expires: Thu, 08 Apr 2021 14:08:24 GMT

GET
H2 200 5G5AE-KMGCC-C42VV-E7W82-35RPE Show response
s.go-mpulse.net/boomerang/ Frame 85F8 202 KB
51 KB 289ms
263ms Script
application/javascript 2a02:26f0:7100:1b8::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/5G5AE-KMGCC-C42VV-E7W82-35RPE
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:7100:1b8::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:24 GMT
content-encoding: br
last-modified: Sun, 31 Jan 2021 09:09:18 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 51580

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 41ms
12ms Script
application/x-javascript 2a03:2880:f036:1d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f036:1d:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a6457ba9ed1145b70ecfa8fca1450c9fd4c26f93a3b5cbbe85fb975414392902

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: jsgTNSu/W01e7KrIhuOqUA==
cross-origin-resource-policy: cross-origin
expires: Thu, 08 Apr 2021 14:15:38 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
x-fb-rlafr: 0
x-fb-debug: OkfGLn8+emu+yLl1orbS1LG1p7uweF1WHUrydPm+EAKMdf4I9ACY+Swk5/gArKJ1NPoGzpo3RTwmDws03wdWqw==
x-fb-trip-id: 512678718
x-fb-content-md5: 8133271ea06b2b3807c9c76c45af4c13
date: Thu, 08 Apr 2021 14:08:24 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "fa664c27eb0cc29ccc7687044ccc0f75"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 fontawesome-webfont.woff2
www.fifthdomain.com/pb/resources/assets/fontawesome/latest/fonts/ 75 KB
76 KB 58ms
58ms Font
application/octet-stream 2.16.186.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fifthdomain.com/pb/resources/assets/fontawesome/latest/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/pb/resources/assets/fontawesome/latest/css/font-awesome.min.css?token=version7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.186.176 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-176.deploy.static.akamaitechnologies.com
Software: openresty /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin: https://www.fifthdomain.com
Referer: https://www.fifthdomain.com/pb/resources/assets/fontawesome/latest/css/font-awesome.min.css?token=version7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:24 GMT
server: openresty
etag: "af7ae"
access-control-allow-origin: *
cache-control: private, max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=3
content-length: 77160
expires: Fri, 08 Apr 2022 14:08:24 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d9b5f969354c3ad1578d8cc97cc9dd646b210e221a6e9c18da81a281d57b502

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28a513b49b5f50f01a809cdde2c8a94e16784b33805c372760fd2aa7894567ac

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: feda8744d27a41b56d4a3fc7575797afd46c4b4dd6efea4423df2d5abf426bbb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 738 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c2017b988362e8c21fc540af1706db31d3c2b46454660eaaaccd81b140e5694

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a2184a51a8e785a20e79a4341d62338fcfe092a06b695a338c40503e969e7fd0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 447 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7dbc83a19de5e53675d94ac530e42b76a05af58bb9620aa6b4dcc57f76059494

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 501 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a2575a994b2fe26c09d98d446aa58310a669d3cf1fd71866154f9a0184a5b8a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 707 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0d6c86638502af9d06d0eb5b782fcbee6c6a8dfccf5538c303dc40180f961ee

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04937e25b28260f6aa96329aa6cc39e4c3c86cba9214d238f36b066ef5e807ab

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 681 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59b8dbaa96769486a1e0e6d71c20a1717f3bc92e14acd24d153b9cffa5ac0937

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 674 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3d9677aacfb2e418e882b5a96b9bd135e58b9a61dc5d26087dd635c82e9545c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 486 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a05330886d937516987d1c1d609d6b105ea768bff237e6bb2dc86220b3970ab7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 713 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1444e03f38e58fc1861d03ca2fac00f6c9d864953f9319486203643299b814e2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0613c744e0d2779f9f692ac6c571421847cb28117fba1bd78519855ec6821afe

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7e540d639d9fb743e1c73aeba2ab6526941ee81766e6d83a2a04c3e26ca3dae

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68a4a1b84344550042195a8dcada7e7879122fd9e77dfa06a3b3e8d3fe5f77c8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6cd16995b481c31b07518cdea1d4ef7354944dd90413da0b50748a3d271f6115

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22fe9bedfa6db2dccb780bb092b172a86175e2ed3bf92d235f64066d47162049

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84d5fb424739d36af2200d9a1556a50a38b573a9245e0729285c230927040fa6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28143c95b989b8fee05202abe07c1d0a8f1f7d8e70f1d500d9286459ea062870

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v83/ 100 KB
100 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v83/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons&display=block

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

772d0bb40223f70dc0c1caa7a571f3fa516d7863fd8721e4ebab33de77577f00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.fifthdomain.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 22:29:48 GMT
x-content-type-options: nosniff
last-modified: Thu, 01 Apr 2021 22:05:26 GMT
server: sffe
age: 574716
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102004
x-xss-protection: 0
expires: Fri, 01 Apr 2022 22:29:48 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 199 KB
61 KB 37ms
12ms Script
application/x-javascript 2a03:2880:f036:1d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=cd65e0d445bb8439e5f91fd6732f4d45&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f036:1d:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

619db9e388cc319e86a8fac31bf89e4b934e85624f65bd43e54acaf620bb16f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.fifthdomain.com
Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 55nyLobhjRlE6/ttJmOWRg==
cross-origin-resource-policy: cross-origin
expires: Fri, 08 Apr 2022 12:17:54 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 61302
x-fb-rlafr: 0
x-fb-debug: Fwbx9+ldT6BqPw9AOlaK97NDmlsx1H+6AwIcFOmax+9FuZp3DC5ZbiMoh254oBrHCOKaFKw1Bze1Tgm6z2l5Kw==
x-fb-trip-id: 512678718
x-fb-content-md5: 1fc271384a4d3388509e6882726b8d39
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 08 Apr 2021 14:08:24 GMT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "5d8576a88f6b7d310e9b1a496c857a42"
timing-allow-origin: *
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 t_307937c7264b49abafdcc7f23f20f102_name_Screen_Shot_2021_02_05_at_1_53_31_PM.png
www.armytimes.com/resizer/EUW5JwZDSfLsxIJbbrGYGPYLPfE=/350x197/filters:quality(100)/d2nzl2jt8r9iyg.cloudfront.net/02-05-2021/ 21 KB
21 KB 280ms
280ms Image
image/jpeg 2a02:26f0:6c00::210:bb11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.armytimes.com/resizer/EUW5JwZDSfLsxIJbbrGYGPYLPfE=/350x197/filters:quality(100)/d2nzl2jt8r9iyg.cloudfront.net/02-05-2021/t_307937c7264b49abafdcc7f23f20f102_name_Screen_Shot_2021_02_05_at_1_53_31_PM.png
Requested by: Host: d1voyiv1eh2vzr.cloudfront.net
URL: https://d1voyiv1eh2vzr.cloudfront.net/stable/style/themes/fifthdomain.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:bb11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Server /
Resource Hash: 23fd6a695ed67d14664a5fe9e04bf594e8c142604008966ced1a9ac65300dfb1

Request headers

Referer: https://d1voyiv1eh2vzr.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:24 GMT
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: Akamai Image Server
etag: "0331f7f122b44ed37fd33460202163e87851531f"
content-type: image/jpeg
cache-control: private, max-age=26439984
server-timing: cdn-cache; desc=HIT, edge; dur=269
content-length: 21591
expires: Tue, 08 Feb 2022 14:34:48 GMT

GET
H2 200 pubads_impl_2021040101.js Show response
securepubads.g.doubleclick.net/gpt/ 286 KB
101 KB 44ms
14ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js?31060696

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

7567de6febdd2a6dcaf3bd32f277c6415a6f6d1c3c6b0a4da3f15f10a84a6fc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Apr 2021 08:39:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103004
x-xss-protection: 0
expires: Thu, 08 Apr 2021 14:08:24 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/539Evs44yecoSf-lkJBQzKKj/ 333 KB
130 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/539Evs44yecoSf-lkJBQzKKj/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c650e4060b014920f3496b56f6fc1ba0ea77ea1bfd25e4d172e5d265879d552a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.fifthdomain.com
Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 13:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3408
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132831
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 04:03:42 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Apr 2022 13:11:36 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 865d58958026e9e613d8bbcb55d168ff89854eac1c1d88d091688a51ce63d995

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0067d0441ac5d66d8e942a1131dd2d3dc511b33944867d2825f8fa038b19047

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40d77e79d3c8e0dc1491cbbe031791d2fae4bbffea3a2cff6056e5ec9eb95227

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9fc197226f4a180914c4cba28ba399aaae0409218f0be477aa4d19c182c29d88

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: afafdd3efe843886f234783a517d43eccdf9f32cb1a47a7d3abffd70e7679de9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 708 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2363e252ee24955ea6558767ffd7f9fb7adc263e782a7e0e77633abbe263581d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1d105ae50cf12dfb49bcaed73c7ea73f6ab28fa94546654d5d79d8a3f39321e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 674 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b16d732ed99d3b744e7b339649cc69980abf012b866a243e698120d8e7ceb646

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 94 KB
36 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-KSHSVFX&t=gtm2&cid=446842817.1617890905

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9a676d0a55246e2fc0b85dcc9cd79bfc3bf298ca3f998e4064a7df38d30aa855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:24 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37142
x-xss-protection: 0
expires: Thu, 08 Apr 2021 14:08:24 GMT

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/ 930 B
1 KB 81ms
33ms Script
application/x-javascript 13.226.156.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.156.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-101.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Apr 2021 03:17:13 GMT
Via: 1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront)
Age: 39071
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 930
Pragma: public
Last-Modified: Wed, 06 May 2020 20:19:48 GMT
Server: nginx
ETag: "5eb31be4-3a2"
Content-Type: application/x-javascript
Cache-Control: max-age=86400, public
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: cM2q3CtTpI67gJcURGtUQRMUEG3fPpwgILrBk1ceFujwrYoIc68cyA==
Expires: Fri, 09 Apr 2021 03:17:13 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 178 KB
55 KB 46ms
31ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PZK5NC5

Requested by

Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

640cafaab6c7310ba67ecbaee15337692a2e255612d7d778f6b2bc6a929c2db4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:24 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56294
x-xss-protection: 0
last-modified: Thu, 08 Apr 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 08 Apr 2021 14:08:24 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
88 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-83055206-1&cid=446842817.1617890905&jid=1286921036&gjid=1018292101&_gid=135463717.1617890905&_u=aGDAgEADQAAAAE~&z=1509477715

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 08 Apr 2021 14:08:24 GMT
content-type: text/plain
access-control-allow-origin: https://www.fifthdomain.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
113 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=754276220&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fifthdomain.com%2F&ul=en-us&de=UTF-8&dt=Fifth%20Domain%3A%20Cyber&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGjAAEADQAAAAG~&jid=228236223&gjid=482661148&cid=446842817.1617890905&tid=UA-64771074-2&_gid=295898925.1617890905&_r=1&gtm=2wg3v0W4XB555&cd1=&cd2=Fifth%20Domain%2C%20cyber%2C%20infosec%2C%20cybersecurity%2C%20cyberspace%2C%20cyberwar&cd3=Section&cd8=%2F&cd12=Home&cd16=0&z=1701103894

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 14:08:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fifthdomain.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
120 B 6ms
6ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j89&a=754276220&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fifthdomain.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Fifth%20Domain%3A%20Cyber&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEADQ~&jid=1286921036&gjid=1018292101&cid=446842817.1617890905&tid=UA-83055206-1&_gid=135463717.1617890905&gtm=2wg3v0W4XB555&cd1=&cd2=Fifth%20Domain%2C%20cyber%2C%20infosec%2C%20cybersecurity%2C%20cyberspace%2C%20cyberwar&cd3=Section&cd8=%2F&cd12=Home&z=724527144

Requested by

Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43522
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KYOYQNWSMFDZHJQ535HOEIPDZ4.jpg
www.armytimes.com/resizer/biruNxmHS5Jm3EDYgKK-IOarGYo=/540x303/filters:quality(100)/cloudfront-us-east-1.images.arcpublishing.com/mco/ 43 KB
44 KB 55ms
54ms Image
image/jpeg 2a02:26f0:6c00::210:bb11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.armytimes.com/resizer/biruNxmHS5Jm3EDYgKK-IOarGYo=/540x303/filters:quality(100)/cloudfront-us-east-1.images.arcpublishing.com/mco/KYOYQNWSMFDZHJQ535HOEIPDZ4.jpg
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:bb11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Server /
Resource Hash: 3c316ead557dc2d5c8a86336ff59c4463ebe43070d07daedb7c0cf858d4016be

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:24 GMT
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: Akamai Image Server
etag: "853463a4c63a8abd8bd54f92e69f410dc49ef2f2"
content-type: image/jpeg
cache-control: private, max-age=16877903
server-timing: cdn-cache; desc=HIT, edge; dur=42
content-length: 44236
expires: Wed, 20 Oct 2021 22:26:47 GMT

GET
H2 200 F6OXSRCDB5F7JD2GPMXBNBM4X4.jpg
www.armytimes.com/resizer/xkctBCm2ReqLQepuCcGb-qVXVjM=/540x303/filters:quality(100)/cloudfront-us-east-1.images.arcpublishing.com/mco/ 45 KB
46 KB 40ms
39ms Image
image/jpeg 2a02:26f0:6c00::210:bb11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.armytimes.com/resizer/xkctBCm2ReqLQepuCcGb-qVXVjM=/540x303/filters:quality(100)/cloudfront-us-east-1.images.arcpublishing.com/mco/F6OXSRCDB5F7JD2GPMXBNBM4X4.jpg
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:bb11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Server /
Resource Hash: caa3a42dfca23257a9a01744c0a24ef80d2372a1e9fed385665478423c4f4ac7

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:24 GMT
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: Akamai Image Server
etag: "1641468cc392d681103ec02301a87231e4887eaa"
content-type: image/jpeg
cache-control: private, max-age=16877836
server-timing: cdn-cache; desc=HIT, edge; dur=22
content-length: 46330
expires: Wed, 20 Oct 2021 22:25:40 GMT

GET
H2 200 CDZQ4FCFRVF2TPVCBIDEBJDRHM.jpg
www.armytimes.com/resizer/BMw7zGnlF8J3F99Wp4666PKGO8A=/540x303/filters:quality(100)/cloudfront-us-east-1.images.arcpublishing.com/mco/ 40 KB
40 KB 52ms
51ms Image
image/jpeg 2a02:26f0:6c00::210:bb11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.armytimes.com/resizer/BMw7zGnlF8J3F99Wp4666PKGO8A=/540x303/filters:quality(100)/cloudfront-us-east-1.images.arcpublishing.com/mco/CDZQ4FCFRVF2TPVCBIDEBJDRHM.jpg
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:bb11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Server /
Resource Hash: 8e839ec99bf300782abd11506b139f2a66fcf9074888dd398b9125018d30f864

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:24 GMT
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: Akamai Image Server
etag: "67b2c9e6a8ed773a9cb915f045d99ebc4fdc3d8f"
content-type: image/jpeg
cache-control: private, max-age=16877842
server-timing: cdn-cache; desc=MISS, edge; dur=-1555, origin; dur=1583
content-length: 40663
expires: Wed, 20 Oct 2021 22:25:46 GMT

GET
H2 200 UDK66CTJERDGRIDVCMDWMKCF5U.jpg
www.armytimes.com/resizer/BYYyr7h-Im-0vPWGXcge04NdRRQ=/540x303/filters:quality(100)/cloudfront-us-east-1.images.arcpublishing.com/mco/ 20 KB
20 KB 45ms
44ms Image
image/jpeg 2a02:26f0:6c00::210:bb11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.armytimes.com/resizer/BYYyr7h-Im-0vPWGXcge04NdRRQ=/540x303/filters:quality(100)/cloudfront-us-east-1.images.arcpublishing.com/mco/UDK66CTJERDGRIDVCMDWMKCF5U.jpg
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:bb11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Server /
Resource Hash: 04041fffb12e3e71cfd538c920ae9041e7608e440495c894fc27eb26189d938b

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:24 GMT
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: Akamai Image Server
etag: "d59ddb78b533a952ee68c6dfd76f51ef20739ae2"
content-type: image/jpeg
cache-control: private, max-age=16877784
server-timing: cdn-cache; desc=MISS, edge; dur=-558, origin; dur=573
content-length: 19994
expires: Wed, 20 Oct 2021 22:24:48 GMT

GET
H2 200 YHZXDIPFHZESBB2L7QEWCFJA3I.JPG
www.armytimes.com/resizer/tzjCT512NExnMe_ghjZ9i2YBe4w=/540x303/filters:quality(100)/cloudfront-us-east-1.images.arcpublishing.com/mco/ 23 KB
24 KB 63ms
63ms Image
image/jpeg 2a02:26f0:6c00::210:bb11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.armytimes.com/resizer/tzjCT512NExnMe_ghjZ9i2YBe4w=/540x303/filters:quality(100)/cloudfront-us-east-1.images.arcpublishing.com/mco/YHZXDIPFHZESBB2L7QEWCFJA3I.JPG
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:bb11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Server /
Resource Hash: 0b8184cdea75a29d7d353e702074c65be7507a2a0e5fd91f909fbf9e588cce85

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:24 GMT
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: Akamai Image Server
etag: "f89329f7d02254d94261d5af335caeed57bb7588"
content-type: image/jpeg
x-edgeconnect-cache-status: 1
cache-control: private, max-age=16877872
server-timing: cdn-cache; desc=MISS, edge; dur=-523, origin; dur=550
content-length: 23907
expires: Wed, 20 Oct 2021 22:26:16 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 8F90 20 KB
11 KB 29ms
28ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdvmUwUAAAAALnU4uCzuMVUdrSfky5tXlTl7LOh&co=aHR0cHM6Ly93d3cuZmlmdGhkb21haW4uY29tOjQ0Mw..&hl=en&v=539Evs44yecoSf-lkJBQzKKj&size=normal&cb=rilmi6ffslv3

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/539Evs44yecoSf-lkJBQzKKj/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2cb6c144e7f9c6d9cd03f83dc7e2c8b217b7672269fe158bebf0f7c7e2cedc9d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EelEajqeFfn2JCfvVcJyxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LdvmUwUAAAAALnU4uCzuMVUdrSfky5tXlTl7LOh&co=aHR0cHM6Ly93d3cuZmlmdGhkb21haW4uY29tOjQ0Mw..&hl=en&v=539Evs44yecoSf-lkJBQzKKj&size=normal&cb=rilmi6ffslv3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.fifthdomain.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.fifthdomain.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 08 Apr 2021 14:08:24 GMT
content-security-policy: script-src 'report-sample' 'nonce-EelEajqeFfn2JCfvVcJyxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 11217
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 p.js Show response
cdn.parsely.com/keys/fifthdomain.com/ 66 KB
23 KB 61ms
18ms Script
application/x-javascript 54.230.180.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/fifthdomain.com/p.js
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.180.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-180-67.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 49c91f41b553f7ae822ffd2fd6057211171b57cb5a214fc072e26715ff0d1d1c

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Thu, 08 Apr 2021 04:46:31 GMT
content-encoding: gzip
last-modified: Thu, 18 Feb 2021 19:25:03 GMT
server: nginx
age: 33713
etag: W/"602ebf0f-10715"
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 9a017d15c75b3a14dee95340cd7042cb.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: pNoGhAEVDHbYrmFj7GfAzkW-CHBrmy4QEvmK9A2Toj2IXisJ2p5iRw==
expires: Fri, 09 Apr 2021 04:46:31 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
424 B 51ms
22ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-64771074-2&cid=446842817.1617890905&jid=228236223&gjid=482661148&_gid=295898925.1617890905&_u=aGjAAEADQAAAAG~&z=1423211914

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 08 Apr 2021 14:08:25 GMT
content-type: text/plain
access-control-allow-origin: https://www.fifthdomain.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK wrap.js Show response
clarium.global.ssl.fastly.net/gpt/a/ 135 KB
40 KB 39ms
8ms Script
text/javascript 151.101.1.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b9c890370dcc6e0ecab6d3e1de05e797ec893c8fb4d3f5e0715cd862d2ab7142

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Apr 2021 14:08:25 GMT
Via: 1.1 varnish
Server: nginx
Age: 15
X-Served-By: cache-hhn4033-HHN
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript;charset=UTF-8
Content-Encoding: gzip
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Connection: keep-alive
Accept-Ranges: bytes
X-Timer: S1617890905.011663,VS0,VE0
Content-Length: 40184
X-Cache-Hits: 9

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
259 B 415ms
99ms Image
image/gif 54.144.144.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1617890905037&plid=9965047&idsite=fifthdomain.com&url=https%3A%2F%2Fwww.fifthdomain.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.fifthdomain.com%2F&sref=&sts=1617890905029&slts=0&title=Fifth+Domain%3A+Cyber&date=Thu+Apr+08+2021+16%3A08%3A25+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&pvid=23589534&u=pid%3D54fef6871947b2ad1fc3b55dd17a1833
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-144-142.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Apr 2021 14:08:25 GMT
Cache-Control: no-cache
Last-Modified: Thursday, 08-Apr-2021 14:08:25 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/539Evs44yecoSf-lkJBQzKKj/ Frame 8F90 50 KB
25 KB 8ms
8ms Stylesheet
text/css 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/539Evs44yecoSf-lkJBQzKKj/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdvmUwUAAAAALnU4uCzuMVUdrSfky5tXlTl7LOh&co=aHR0cHM6Ly93d3cuZmlmdGhkb21haW4uY29tOjQ0Mw..&hl=en&v=539Evs44yecoSf-lkJBQzKKj&size=normal&cb=rilmi6ffslv3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fcb26c87712320932ea7fb2434ba2737af71b6e96dd238dbcb312e454992837

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 01:35:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 04:03:42 GMT
server: sffe
age: 217983
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25506
x-xss-protection: 0
expires: Wed, 06 Apr 2022 01:35:22 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/539Evs44yecoSf-lkJBQzKKj/ Frame 8F90 333 KB
130 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/539Evs44yecoSf-lkJBQzKKj/recaptcha__en.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c650e4060b014920f3496b56f6fc1ba0ea77ea1bfd25e4d172e5d265879d552a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 13:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3409
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132831
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 04:03:42 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Apr 2022 13:11:36 GMT

GET
H/1.1 200
OK widgetinfo Show response
p.cityspark.com/api/widgets/ 12 KB
4 KB 746ms
159ms Script
application/json 52.160.40.218
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cityspark.com/api/widgets/widgetinfo?wid=8797&callback=jsonp1617891503876
Requested by: Host: portal.cityspark.com
URL: https://portal.cityspark.com/js/widget.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.160.40.218 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0719d944be3ee0e268d1850d382272b5288d842d7f0368bebc4af6a13cd41fa0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Apr 2021 14:08:25 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8

GET
H3-Q050 200 g-ytAvc0uT2OS__BEmyXFuORtcgdDkDfxjRftpS8ZKo.js Show response
www.google.com/js/bg/ Frame 8F90 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/g-ytAvc0uT2OS__BEmyXFuORtcgdDkDfxjRftpS8ZKo.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/539Evs44yecoSf-lkJBQzKKj/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83ecad02f734b93d8e4bffc1126c9716e391b5c81d0e40dfc6345fb694bc64aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdvmUwUAAAAALnU4uCzuMVUdrSfky5tXlTl7LOh&co=aHR0cHM6Ly93d3cuZmlmdGhkb21haW4uY29tOjQ0Mw..&hl=en&v=539Evs44yecoSf-lkJBQzKKj&size=normal&cb=rilmi6ffslv3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:01:38 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:00:00 GMT
server: sffe
age: 407
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5739
x-xss-protection: 0
expires: Fri, 08 Apr 2022 14:01:38 GMT

GET
H3-Q050 200 webworker.js
www.google.com/recaptcha/api2/ Frame 8F90 102 B
277 B 16ms
16ms Other
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=539Evs44yecoSf-lkJBQzKKj

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

323a404da27563a474e80ef101218c27d83d425c4a3390b18e9b4cda31cc926e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdvmUwUAAAAALnU4uCzuMVUdrSfky5tXlTl7LOh&co=aHR0cHM6Ly93d3cuZmlmdGhkb21haW4uY29tOjQ0Mw..&hl=en&v=539Evs44yecoSf-lkJBQzKKj&size=normal&cb=rilmi6ffslv3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 08 Apr 2021 14:08:25 GMT

GET
H3-Q050 200 bframe Show response
www.google.com/recaptcha/api2/ Frame AD18 7 KB
1 KB 21ms
20ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=539Evs44yecoSf-lkJBQzKKj&k=6LdvmUwUAAAAALnU4uCzuMVUdrSfky5tXlTl7LOh&cb=o6msy5r2a4p2

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/539Evs44yecoSf-lkJBQzKKj/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e0bd112f460792bb129a4a06d4613c7a6358ae4004cb1b0c68e8b15b87e6640c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iRj7BWXaopQmRdgwLVkkUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=539Evs44yecoSf-lkJBQzKKj&k=6LdvmUwUAAAAALnU4uCzuMVUdrSfky5tXlTl7LOh&cb=o6msy5r2a4p2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.fifthdomain.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.fifthdomain.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 08 Apr 2021 14:08:25 GMT
content-security-policy: script-src 'report-sample' 'nonce-iRj7BWXaopQmRdgwLVkkUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1113
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/539Evs44yecoSf-lkJBQzKKj/ Frame AD18 50 KB
25 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/539Evs44yecoSf-lkJBQzKKj/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=539Evs44yecoSf-lkJBQzKKj&k=6LdvmUwUAAAAALnU4uCzuMVUdrSfky5tXlTl7LOh&cb=o6msy5r2a4p2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fcb26c87712320932ea7fb2434ba2737af71b6e96dd238dbcb312e454992837

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 01:35:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 04:03:42 GMT
server: sffe
age: 217983
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25506
x-xss-protection: 0
expires: Wed, 06 Apr 2022 01:35:22 GMT

GET
H3-Q050 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/539Evs44yecoSf-lkJBQzKKj/ Frame AD18 333 KB
130 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/539Evs44yecoSf-lkJBQzKKj/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=539Evs44yecoSf-lkJBQzKKj&k=6LdvmUwUAAAAALnU4uCzuMVUdrSfky5tXlTl7LOh&cb=o6msy5r2a4p2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c650e4060b014920f3496b56f6fc1ba0ea77ea1bfd25e4d172e5d265879d552a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 13:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3409
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132831
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 04:03:42 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Apr 2022 13:11:36 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame 85F8 607 B
880 B 49ms
34ms XHR
application/json 2a02:26f0:6c00:1bb::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=5G5AE-KMGCC-C42VV-E7W82-35RPE&d=www.fifthdomain.com&t=5392970&v=1.632.0&if=&sl=0&si=sx7ax6hk7mg-qr90m0&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=642053
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/5G5AE-KMGCC-C42VV-E7W82-35RPE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:1bb::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d32aa111686f84b22ac196a4d3e95c426105c5ba54b38d8d732edac79b40d2a9

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 08 Apr 2021 14:08:25 GMT
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 607
Content-Type: application/json

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 303 B
1 KB 291ms
31ms XHR
application/json 213.19.162.21
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17856&site_id=318040&zone_id=1632804&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Fwww.fifthdomain.com%2F&tk_flint=pbjs_lite_v3.13.0-pre&x_source.tid=0dc1ab74-bdfd-4607-8ffa-8025adbfed20&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9520923800285441
Requested by: Host: d1voyiv1eh2vzr.cloudfront.net
URL: https://d1voyiv1eh2vzr.cloudfront.net/prebid/prebid.js?v=3.3.10
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.21 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: bfc9e9ed504c02711c1c49bae719271313289d088c55cbb89aec11df26aef699

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 08 Apr 2021 14:08:25 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.fifthdomain.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 303
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 304 B
1 KB 293ms
32ms XHR
application/json 213.19.162.21
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17856&site_id=318040&zone_id=1632804&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fwww.fifthdomain.com%2F&tk_flint=pbjs_lite_v3.13.0-pre&x_source.tid=bd5d5896-6b67-490d-af54-0b0b21ec7a68&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7173128155722208
Requested by: Host: d1voyiv1eh2vzr.cloudfront.net
URL: https://d1voyiv1eh2vzr.cloudfront.net/prebid/prebid.js?v=3.3.10
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.21 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: a8141add2546cee649df63bfd96cd8a0cb9d0bd7dcac2bd7a888cf3db92cad5a

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 08 Apr 2021 14:08:25 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.fifthdomain.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 304
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 284 B
1 KB 298ms
33ms XHR
application/json 213.19.162.21
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17856&site_id=318040&zone_id=1632804&size_id=15&rf=https%3A%2F%2Fwww.fifthdomain.com%2F&tk_flint=pbjs_lite_v3.13.0-pre&x_source.tid=68f7bbc8-aa14-4388-8901-d80eeeaa93c1&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.29067445474360687
Requested by: Host: d1voyiv1eh2vzr.cloudfront.net
URL: https://d1voyiv1eh2vzr.cloudfront.net/prebid/prebid.js?v=3.3.10
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.21 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: da811b5da2af25fbf536a2e5b73112e549237529a0da21e50bc05f9bf4c2cf7f

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 08 Apr 2021 14:08:25 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.fifthdomain.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 284 B
1 KB 296ms
32ms XHR
application/json 213.19.162.21
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17856&site_id=318040&zone_id=1632804&size_id=15&rf=https%3A%2F%2Fwww.fifthdomain.com%2F&tk_flint=pbjs_lite_v3.13.0-pre&x_source.tid=cd37ad4e-a162-43a9-9953-72020747d347&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.3538237397374051
Requested by: Host: d1voyiv1eh2vzr.cloudfront.net
URL: https://d1voyiv1eh2vzr.cloudfront.net/prebid/prebid.js?v=3.3.10
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.21 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: fece2398160545850d81132b60b35e2863a116a7e09c8d53e562b2bf9a6433f3

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 08 Apr 2021 14:08:25 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.fifthdomain.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 284 B
1 KB 298ms
31ms XHR
application/json 213.19.162.21
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17856&site_id=318040&zone_id=1632804&size_id=10&rf=https%3A%2F%2Fwww.fifthdomain.com%2F&tk_flint=pbjs_lite_v3.13.0-pre&x_source.tid=c951c1ef-bc3e-4600-bc44-7e576c9fc36e&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.822367401086401
Requested by: Host: d1voyiv1eh2vzr.cloudfront.net
URL: https://d1voyiv1eh2vzr.cloudfront.net/prebid/prebid.js?v=3.3.10
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.21 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 374efd1aa45ff22e33546a6021b7c504a7a165b8a6c2ab0b8b33c837602376a7

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 08 Apr 2021 14:08:25 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.fifthdomain.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 48 B
744 B 242ms
16ms XHR
application/json 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: d1voyiv1eh2vzr.cloudfront.net
URL: https://d1voyiv1eh2vzr.cloudfront.net/prebid/prebid.js?v=3.3.10

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

983775b438c242df7cb0ceb87bd2582f96ff0d4e8043f822adf3a3e93261b9a8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 08 Apr 2021 14:08:25 GMT
X-Proxy-Origin: 89.249.64.220; 89.249.64.220; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.236:80
AN-X-Request-Uuid: ba018a61-36b1-4260-b37e-fcd306a4a980
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.fifthdomain.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 48
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 28ms
18ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.fifthdomain.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js?31060696

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Apr 2021 14:08:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 28ms
18ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.fifthdomain.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js?31060696

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Apr 2021 14:08:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 187 KB
43 KB 1192ms
1191ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=919650656752053&correlator=905240449434800&output=ldjh&impl=fifs&eid=31060550%2C31060696%2C31060698%2C44739387&vrg=2021040101&ptt=17&sc=1&sfv=1-0-38&ecs=20210408&iu_parts=114235265%2CFifthDomain%2Chome%2Cskin%2Cleaderboard%2Crectangle%2Chalf-page&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6&prev_iu_szs=3000x1500%2C970x90%7C970x250%2C300x250%7C300x600%2C300x250%2C300x250%2C300x600&prev_scp=%7CPOS%3Datf%7CPOS%3Datf%7CPOS%3Dbtf%7CPOS%3Dbtf%7CPOS%3Dbtf&eri=1&cust_params=Section%3DHome%26ID%3D%252Ffifth-domain%252Fhome%26URL%3Dhttp%253A%252F%252Fmco-fifth-domain-prod-classic.web.origin.aws.arc.pub%252Fhomepage%252F%26page-type%3Dresults&cookie_enabled=1&bc=31&abxe=1&lmt=1617890905&dt=1617890905642&dlt=1617890903859&idt=839&frm=20&biw=1600&bih=1200&oid=3&adxs=-700%2C315%2C1076%2C1076%2C1076%2C1076&adys=0%2C97%2C326%2C1216%2C1639%2C1909&adks=2032595003%2C3838101118%2C3703431340%2C4012406172%2C428997851%2C2293608032&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.fifthdomain.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0%7C1600x128%7C300x250%7C300x250%7C300x250%7C300x600&msz=3000x-1%7C1600x128%7C300x250%7C300x250%7C300x250%7C300x600&ga_vid=446842817.1617890905&ga_sid=1617890906&ga_hid=754276220&ga_fc=false&fws=516%2C516%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C300%2C300%2C300%2C300

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js?31060696

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

6769f1b5d9db99bf55b86300de70774259c49a332a6cbe29a1adf87a81f3335b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43113
x-xss-protection: 0
google-lineitem-id: -2,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.fifthdomain.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 53ms
14ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js?31060696
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 7ms
6ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js?31060696
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame 7BA5 48 KB
19 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 1536
date: Thu, 08 Apr 2021 13:42:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Thu, 08 Apr 2021 15:42:49 GMT

GET
H2 200 WidgetTemplate2.min.css
csp.azureedge.net/cdn/widget/ Frame 7BA5 4 KB
2 KB 141ms
9ms Stylesheet
text/css 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.azureedge.net/cdn/widget/WidgetTemplate2.min.css?v=2
Requested by: Host: portal.cityspark.com
URL: https://portal.cityspark.com/js/widget.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e1d39256faa607df65dd15fb254dd774699293492ac06bdbdd800b73967d3334

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:25 GMT
content-encoding: gzip
last-modified: Fri, 26 Jun 2020 19:17:21 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "1d64bee6a327941"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 1712

GET
H2 200 jquery@3.1.0(jquery.slim.min.js),velocity@1.2.3(velocity.min.js+velocity.ui.min.js) Show response
cdn.jsdelivr.net/g/ Frame 7BA5 115 KB
37 KB 7ms
7ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/g/jquery@3.1.0(jquery.slim.min.js),velocity@1.2.3(velocity.min.js+velocity.ui.min.js)

Requested by

Host: portal.cityspark.com
URL: https://portal.cityspark.com/js/widget.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c8309b85a5fc59eab6c75b425f32f89d070fcdfa9498fa3e9eff23fdcbb61a1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 2466343
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 38019
etag: W/"1ca18-fw6ZPglKViimyicfOtWQPF7WA8s"
x-served-by: cache-fra19156-FRA, cache-hhn4023-HHN
date: Thu, 08 Apr 2021 14:08:25 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery.fireSlider.min.js Show response
csp.azureedge.net/cdn/js/ Frame 7BA5 13 KB
5 KB 136ms
10ms Script
application/javascript 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.azureedge.net/cdn/js/jquery.fireSlider.min.js
Requested by: Host: portal.cityspark.com
URL: https://portal.cityspark.com/js/widget.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d19425f20bfe1ea505166a8841b2232c795ff72b1c8a34f10a743db915f7494d

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:25 GMT
content-encoding: gzip
last-modified: Fri, 26 Jun 2020 19:17:21 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "1d64bee6a324253"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 4442

GET
H2 200 rad.js Show response
csp.azureedge.net/cdn/js/ Frame 7BA5 5 KB
2 KB 132ms
11ms Script
application/javascript 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.azureedge.net/cdn/js/rad.js
Requested by: Host: portal.cityspark.com
URL: https://portal.cityspark.com/js/widget.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e03ea88e5149801458dd9cabf62c8871cc27687d7d8a6a0fc2ff59ef434cb645

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:25 GMT
content-encoding: gzip
etag: "1d64bee6a3265ea"
last-modified: Fri, 26 Jun 2020 19:17:21 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1892

GET
H2 200 p-uq0GLFySb_d1T.gif
pixel.quantserve.com/pixel/ Frame 7BA5 35 B
372 B 130ms
9ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-uq0GLFySb_d1T.gif

Requested by

Host: portal.cityspark.com
URL: https://portal.cityspark.com/js/widget.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 14:08:25 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7BA5 12 KB
922 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,700,900,500

Requested by

Host: csp.azureedge.net
URL: https://csp.azureedge.net/cdn/widget/WidgetTemplate2.min.css?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

63d9e1fb392138badd064ac8014c98a52d5009ff79ba86acce4103289e63687b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://csp.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 08 Apr 2021 13:50:20 GMT
server: ESF
date: Thu, 08 Apr 2021 14:08:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Apr 2021 14:08:26 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7BA5 7 KB
767 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700

Requested by

Host: csp.azureedge.net
URL: https://csp.azureedge.net/cdn/widget/WidgetTemplate2.min.css?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a89fc8b93ffad843dd466830b83527543c50d90dad2a2a10bd53dd34dc3711e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://csp.azureedge.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 08 Apr 2021 12:43:50 GMT
server: ESF
date: Thu, 08 Apr 2021 14:08:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Apr 2021 14:08:26 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 7BA5 15 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,700,900,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.fifthdomain.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Apr 2021 21:15:49 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
age: 233557
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
expires: Tue, 05 Apr 2022 21:15:49 GMT

GET icomoon.woff
csp.azureedge.net/cdn/widget/fonts/ Frame 7BA5 0
0

GET
H3-Q050 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/ Frame 7BA5 15 KB
16 KB 49ms
34ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.fifthdomain.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:08:56 GMT
server: sffe
age: 533089
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15720
x-xss-protection: 0
expires: Sat, 02 Apr 2022 10:03:37 GMT

GET
H2 200 icomoon.ttf
csp.azureedge.net/cdn/widget/fonts/ Frame 7BA5 2 KB
2 KB 8ms
8ms Font
application/x-font-ttf 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.azureedge.net/cdn/widget/fonts/icomoon.ttf?-35bf
Requested by: Host: csp.azureedge.net
URL: https://csp.azureedge.net/cdn/widget/WidgetTemplate2.min.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 745d298c124bd38392bcef5d3d707004d15989870c3889a50cea881568b585eb

Request headers

Origin: https://www.fifthdomain.com
Referer: https://csp.azureedge.net/cdn/widget/WidgetTemplate2.min.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:26 GMT
last-modified: Fri, 26 Jun 2020 19:17:21 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "1d64bee6a327110"
content-type: application/x-font-ttf
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1936

GET
H2 200 dzy8rctizF7On6DG0j_j9mQcspCrnoKD512cQRI17CdmertINwtmCBRRmPbWrIlFYz2ow Show response
capablecup.com/v2/0/ 103 KB
30 KB 263ms
219ms Script
text/javascript 35.201.103.212
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://capablecup.com/v2/0/dzy8rctizF7On6DG0j_j9mQcspCrnoKD512cQRI17CdmertINwtmCBRRmPbWrIlFYz2ow

Requested by

Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.103.212 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

b16a612f15c5bf92f34a8d8dec3e29ebbce929aa865aad69350fcd61d9903a11

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "dc119a83322618b358a4e0f6102bde45fdef1435f2042ed127954fdb2d53647d"
vary: Accept-Encoding, Accept-Language
x-hostname: 2c48c892
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Thu, 08 Apr 2021 14:08:26 GMT
timing-allow-origin: *

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
24 KB 13ms
12ms Script
application/x-javascript 2a03:2880:f036:1d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f036:1d:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

86cc35989be655e6cbe68540cf835dec34388862a948fbd05850100797c32319

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23784
x-fb-rlafr: 0
pragma: public
x-fb-debug: oyJpwgd6Ed8BhBAoA5BvtzUiapKV9Nt0OIDKHpCRDVOZ9Dod+xK+ZFHGjHvISw/hRyyV4bvAz+itBJ8L1LRZoQ==
x-fb-trip-id: 512678718
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 08 Apr 2021 14:08:26 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 spm.v1.min.js Show response
ak.sail-horizon.com/spm/ 121 KB
43 KB 57ms
18ms Script
application/javascript 52.222.179.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W4XB555
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.179.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-179-41.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 50bf87dcf89e67ab9afe28b6c7f363610e46e8dc563db11291df3a73415c74b0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:06:41 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 21:15:24 GMT
server: AmazonS3
age: 105
etag: W/"84774265ca1d01d1839ea005c6403f3a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c47c25ef93083c096cbff8a42ea330d9.cloudfront.net (CloudFront)
cache-control: max-age=600; must-revalidate
x-amz-cf-pop: HAM50-C1
x-amz-cf-id: 942y4wyGqYZV06WoUFB3KSIN_A72yH7Laa_x_KzHRk0RkR5E5ZW5JA==

POST
H2 204 /
686eb719.akstat.io/ 0
205 B 43ms
40ms Other
image/gif 2a02:26f0:7100:1b8::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://686eb719.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/5G5AE-KMGCC-C42VV-E7W82-35RPE

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:7100:1b8::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 14:08:26 GMT
content-type: image/gif
access-control-allow-origin: https://www.fifthdomain.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Thu, 08 Apr 2021 14:08:26 GMT

GET
H2 200 1133199730164562 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 72ms
71ms Script
application/x-javascript 2a03:2880:f036:1d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1133199730164562?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f036:1d:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9280a7d8c17651f552981e4bb3c975d765e6d0992e24f6c00f4b33f09faaaa62

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: Ru9+phk/bWnVM5fDaKy9J2X/FrjvwWR4Q1pSWbowQfJM15LmKA+V9bEuipi425uYUWiAVBQGbJQH0yVxiloxPQ==
x-fb-trip-id: 512678718
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 08 Apr 2021 14:08:26 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 37ms
12ms Image
image/gif 2a03:2880:f136:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1133199730164562&ev=PageView&dl=https%3A%2F%2Fwww.fifthdomain.com%2F&rl=&if=false&ts=1617890906394&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1617890906392.233507365&it=1617890906280&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f136:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:26 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 08 Apr 2021 14:08:26 GMT

GET
H2 200 Bztdkt Show response
ad.doubleclick.net/ddm/adj/Baral/ 11 B
645 B 39ms
16ms Script
text/javascript 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/Baral/Bztdkt

Requested by

Host: capablecup.com
URL: https://capablecup.com/v2/0/dzy8rctizF7On6DG0j_j9mQcspCrnoKD512cQRI17CdmertINwtmCBRRmPbWrIlFYz2ow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 14:08:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 container.html Show response
tpc.googlesyndication.com/safeframe/1-0-23/html/ Frame FDA2 3 KB
2 KB 36ms
21ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html

Requested by

Host: capablecup.com
URL: https://capablecup.com/v2/0/dzy8rctizF7On6DG0j_j9mQcspCrnoKD512cQRI17CdmertINwtmCBRRmPbWrIlFYz2ow

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ced5c873136c4fab4584c0c6d26dcd530c748303d7ed9b7a7966b2fe1d6f5915

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-23/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.fifthdomain.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.fifthdomain.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1479
date: Wed, 07 Apr 2021 18:25:51 GMT
expires: Thu, 07 Apr 2022 18:25:51 GMT
last-modified: Tue, 10 Apr 2018 14:51:09 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 70955
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012103020108001/ Frame E9F8 190 KB
55 KB 34ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 72221
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55046
x-xss-protection: 0
server: sffe
date: Wed, 07 Apr 2021 18:04:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aeaf363b1ad89b36"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Apr 2022 18:04:45 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame E9F8 12 KB
5 KB 47ms
21ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 545870
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4548
x-xss-protection: 0
server: sffe
date: Fri, 02 Apr 2021 06:30:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4eb73d471ab4cb2c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Apr 2022 06:30:36 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame E9F8 87 KB
27 KB 43ms
17ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 72221
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27208
x-xss-protection: 0
server: sffe
date: Wed, 07 Apr 2021 18:04:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22950e05e749846e"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Apr 2022 18:04:45 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame E9F8 27 KB
9 KB 49ms
23ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 72221
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9587
x-xss-protection: 0
server: sffe
date: Wed, 07 Apr 2021 18:04:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "739644f32ad1483f"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Apr 2022 18:04:45 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame E9F8 40 KB
13 KB 47ms
22ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 72221
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12827
x-xss-protection: 0
server: sffe
date: Wed, 07 Apr 2021 18:04:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5cc8dcc2368726c7"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Apr 2022 18:04:45 GMT

GET
DATA 200
OK truncated
/ Frame E9F8 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0afb0f39b82b1d2075583c1114b5bdd2c62a398492cb52cae04e3166a86b7154

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 container.html Show response
82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FF1F 6 KB
3 KB 35ms
20ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.fifthdomain.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.fifthdomain.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 08 Apr 2021 14:08:25 GMT
expires: Fri, 08 Apr 2022 14:08:25 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 15129833301409655948
tpc.googlesyndication.com/daca_images/simgad/ Frame E9F8 36 KB
36 KB 10ms
8ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/15129833301409655948

Requested by

Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f31a5211880b7352f5822f1c9d6c4c436913736dc9fbe0a815510c004d5cce3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 15:23:53 GMT
x-content-type-options: nosniff
age: 168273
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36426
x-xss-protection: 0
last-modified: Sat, 13 Feb 2021 14:45:39 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Apr 2022 15:23:53 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E9F8 2 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Apr 2021 08:22:57 GMT
x-content-type-options: nosniff
server: cafe
age: 20729
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 09 Apr 2021 08:22:57 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E9F8 295 B
389 B 8ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Apr 2021 23:24:51 GMT
x-content-type-options: nosniff
server: cafe
age: 53015
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 08 Apr 2021 23:24:51 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame E9F8 0
0 17ms
15ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTx7KMA9DSsjf_y35PN7O_Nd8kamKpslTzqF1M76NcLR6SEh3cyzq1gQ1UMuM6Kvfua2qTt
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E9F8 0
0 79ms
64ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C3tXkWQ5vYNvTKsmHx_AP2vKc-AfagYu_Yfiv2ZHQDcCNtwEQASDRh_U3YJX68IGMB6ABzoH_0wPIAQKpAtyMTT8Imao-4AIAqAMByAMIqgT8AU_QaEjMH4iz1d0YQ_f6H1oI22lEsdTnF6t82vyuNMINtGsWUGMxX7kZ6rja3m-KV285fTg9FtgDbpIKyujUjYPxKm4Xw763DjLchpA0WTNArQBBohXoWYVg2gM9BNXGaebVJp4ifUN25plpWbdSULKXnIx65Y3wd4QsPZqyud_pyOVEgxF_EQQb1fLis17Q0oE2Ws_dhwFzOYKPDLjRfXBAG40Wyz9zI4QdOAbJuSiZzFVQopa6JdlU1fz4LblkOkroqbll524pr_1Bc4Uy8PQf_-h5OqW6Wbkt5wYe6vMp4vK1HZQTG7bm3dqAclJXC49W95oJyp_7o88lxcAElvWL87AD4AQBkgUECAQYAZIFBAgFGASgBgKAB5r-gCyoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQxvkO0ggJCIDhgFAQARgdgAoDyAsB2BMNshcaChgIABIUcHViLTQwMDQzMTgxMjg3OTQ1NzU&sigh=X4TF4Xs07ss&tpd=AGWhJmvMbUR2yLKQewCa_9gaaPg7VrWB4pP0mGxburpD6XzhVw
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f162.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js?31060696

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d686acfc12a44fc472fb2a3c0ff9baa4638ced8f0da5b32f9ae5c15a2611def

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617795245888949"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28266
x-xss-protection: 0
expires: Thu, 08 Apr 2021 14:08:26 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
87 B 23ms
22ms Other
text/plain 2a03:2880:f136:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f136:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary0n47zOy9ZxZWGlpF

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 08 Apr 2021 14:08:26 GMT
content-type: text/plain
access-control-allow-origin: https://www.fifthdomain.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012103020108001/ Frame 12A1 190 KB
54 KB 41ms
26ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 72221
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55046
x-xss-protection: 0
server: sffe
date: Wed, 07 Apr 2021 18:04:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aeaf363b1ad89b36"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Apr 2022 18:04:45 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 12A1 12 KB
5 KB 53ms
39ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 545870
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4548
x-xss-protection: 0
server: sffe
date: Fri, 02 Apr 2021 06:30:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4eb73d471ab4cb2c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Apr 2022 06:30:36 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 12A1 87 KB
27 KB 37ms
22ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 72221
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27208
x-xss-protection: 0
server: sffe
date: Wed, 07 Apr 2021 18:04:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22950e05e749846e"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Apr 2022 18:04:45 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 12A1 27 KB
10 KB 35ms
22ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 72221
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9587
x-xss-protection: 0
server: sffe
date: Wed, 07 Apr 2021 18:04:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "739644f32ad1483f"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Apr 2022 18:04:45 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 12A1 40 KB
13 KB 53ms
40ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 72221
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12827
x-xss-protection: 0
server: sffe
date: Wed, 07 Apr 2021 18:04:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5cc8dcc2368726c7"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Apr 2022 18:04:45 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 12A1 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Apr 2021 08:22:57 GMT
x-content-type-options: nosniff
server: cafe
age: 20729
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 09 Apr 2021 08:22:57 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 12A1 295 B
320 B 8ms
8ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Apr 2021 23:24:51 GMT
x-content-type-options: nosniff
server: cafe
age: 53015
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 08 Apr 2021 23:24:51 GMT

GET
DATA 200
OK truncated
/ Frame 12A1 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1463f89cc1db962879c76a135da97f56c536d90a231d7e89f137ffd5da05e8e5

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 container.html Show response
82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AA89 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.fifthdomain.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.fifthdomain.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 08 Apr 2021 14:08:25 GMT
expires: Fri, 08 Apr 2022 14:08:25 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012103020108001/ Frame 9F38 190 KB
54 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 72221
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55046
x-xss-protection: 0
server: sffe
date: Wed, 07 Apr 2021 18:04:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aeaf363b1ad89b36"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Apr 2022 18:04:45 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 9F38 12 KB
4 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 545870
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4548
x-xss-protection: 0
server: sffe
date: Fri, 02 Apr 2021 06:30:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4eb73d471ab4cb2c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Apr 2022 06:30:36 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 9F38 87 KB
27 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 72221
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27208
x-xss-protection: 0
server: sffe
date: Wed, 07 Apr 2021 18:04:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22950e05e749846e"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Apr 2022 18:04:45 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 9F38 27 KB
9 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 72221
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9587
x-xss-protection: 0
server: sffe
date: Wed, 07 Apr 2021 18:04:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "739644f32ad1483f"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Apr 2022 18:04:45 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 9F38 40 KB
13 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 72221
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12827
x-xss-protection: 0
server: sffe
date: Wed, 07 Apr 2021 18:04:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5cc8dcc2368726c7"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Apr 2022 18:04:45 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9F38 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Apr 2021 08:22:57 GMT
x-content-type-options: nosniff
server: cafe
age: 20729
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 09 Apr 2021 08:22:57 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9F38 295 B
320 B 7ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Apr 2021 23:24:51 GMT
x-content-type-options: nosniff
server: cafe
age: 53015
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 08 Apr 2021 23:24:51 GMT

GET
DATA 200
OK truncated
/ Frame 9F38 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22d3b0e15735f434d8bfb1715cfe90c884e413bd7f39af91d8b68d05d8afa9a2

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 11664427071109676762
tpc.googlesyndication.com/simgad/ Frame 12A1 20 KB
20 KB 10ms
8ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11664427071109676762?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnC8ufJS7vZXZO3n-5il7uDReBVqQ

Requested by

Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c017a1ec16130c70a43457d8c0bfb8c099f63c2084683c90963e8e16c2f26cde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 10:35:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:12:10 GMT
server: sffe
age: 99194
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20024
x-xss-protection: 0
expires: Thu, 07 Apr 2022 10:35:12 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 12A1 0
0 17ms
16ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQbxUMF28NPUOgRuCWHVR1Ea-3677K6pPOTvMo9VNV3vBhyMvSVeY0J0OChcBJhyYEUrJ23
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 12A1 0
0 59ms
57ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ctf7XWQ5vYN7TKsmHx_AP2vKc-AfvxticYum1sbfhDYHvu9z9GxABINGH9TdglfrwgYwHoAGO5dn9A8gBAuACAKgDAcgDCKoEggJP0KHn0LUQAgBFCOTfMo2pp0h-T2YwZ9TcjKcyZJdsNXLg_LvoOqD_9waKV13wTw2kBrW6GeHbunqTUNgbPhLi8fxMqKfYEJZ_cMzeTJoMoN0dRplqck0_EBERN_2xAHOSJ7pVsFmqAlHY7o6SyeGkDJ6I6Uae5wgT2S1_6zIzKgRUYEycxaQKSqAqO-ZkOn-0Gd3yJAbfdXPHlcQ0tt5lFS5CPUHg27VPY1ECztKBd3UDDSGeuLz6Wgorq7fdS5-P3Qcnj5DEwrBaPWvxGOsBO1fj22jTXEZBLmUz1_7k1osF1KMZtuavYHBj1X-LPFVrrb35wxQ4_ghmhDUuIBoCeBHABJDKp-TWA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAfamqYCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEIPDDdIICQiA4YBQEAEYHYAKA8gLAdgTC7IXGgoYCAASFHB1Yi00MDA0MzE4MTI4Nzk0NTc1&sigh=RZoY1CcqOi8&tpd=AGWhJmsF3iILN3OKcDnjYT8kXy2nlLyNcEkZIQbW1JDcTxyu1w
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f162.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 13644810512522140247
tpc.googlesyndication.com/simgad/ Frame 9F38 107 KB
107 KB 12ms
11ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13644810512522140247?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkpuXc-trd2pqxnt7MnnZreWhYiJA

Requested by

Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b263b4ba44cbc163b0a0c8e8f4c593f11f4b57aaa78a49acfc8a6e17697fa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 19:00:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Feb 2021 15:56:48 GMT
server: sffe
age: 500853
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109156
x-xss-protection: 0
expires: Sat, 02 Apr 2022 19:00:53 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9F38 0
0 60ms
60ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CUzfcWQ5vYODTKsmHx_AP2vKc-AfJ5qqZYseGqOC3Db_hHhABINGH9TdglfrwgYwHoAHy-9PfA8gBAqkCPfqP9dHtsz7gAgCoAwHIAwiqBIACT9BwiyS3US9Qq1YNIvLFezn9u0YN4wOjiIfNLmq_zbmivWnlpID_X-PBh2u5Th68prdmXFRImRI7dlkqtv7gI-mLtQHJu6vd-nFwGSFaCotYMU3m_bNn-FjRo5BCDU57WvjMhGuQBG3LOIwLutCEacMYKlUSxAmCviyJkTZZ-hQxe-w_6oQSbJ2Ape3wDm-eUZGH1Ahp9s7v_88GVMJ-_PUszkfsTOuSi0a-FeDEdVlqg_uIepKjPWEjSnbKDgzD5sX7YJOo_JnykcZbpIkjqYeIPDKUR0NRj7LxcMTvFqLQkJGRZsgo1ZQV0m_MPRUGDVnHsOBnpe8Wf6_ZqfE-UsAEgKqG1rQD4AQBkgUECAQYAZIFBAgFGASgBgKAB9nlsiaoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQuaIP0ggJCIDhgFAQARgdgAoDyAsB2BMNmBYBshcaChgIABIUcHViLTQwMDQzMTgxMjg3OTQ1NzU&sigh=21QCFO8yoVo&tpd=AGWhJmvAgq5ZOkHxOE530Btt2gPfPrBDTc9mMuicE_cfpgwI6g
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f162.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 28ms
15ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021040101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js?31060696

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a2c1f35333b7d69e3fc1a5f36a811548354f4acbed7585c830f66fb3b37479e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Apr 2021 14:08:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6554
x-xss-protection: 0

POST
H2 200 v2iblwv-QQXmSrMw1sjS_XxongJ_0Cf6mMfmZzfiXQAhaCGkLgW46nbiweHL-7aU6MiWpvfph Show response
capablecup.com/ 216 B
616 B 41ms
17ms Fetch
application/json 35.201.103.212
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://capablecup.com/v2iblwv-QQXmSrMw1sjS_XxongJ_0Cf6mMfmZzfiXQAhaCGkLgW46nbiweHL-7aU6MiWpvfph

Requested by

Host: capablecup.com
URL: https://capablecup.com/v2/0/dzy8rctizF7On6DG0j_j9mQcspCrnoKD512cQRI17CdmertINwtmCBRRmPbWrIlFYz2ow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.103.212 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

d977f841b9d5365c68ad5a01bb0fc5e9f39986770b5fb7a9219a6103bb2b1660

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Thu, 08 Apr 2021 14:08:27 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.fifthdomain.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: 2c48c892
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Thu, 08 Apr 2021 14:08:26 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js?31060696

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Thu, 08 Apr 2021 14:08:27 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame E9F8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

39ms
38ms

Image
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Thu, 08 Apr 2021 14:08:27 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
clarium.global.ssl.fastly.net/ Frame FF1F 95 KB
29 KB 27ms
26ms Script
text/javascript 151.101.1.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://clarium.global.ssl.fastly.net/?wrapper=8HbxrPva3fkLwVJXWqQj7NG3pwQ&tpid=OEhieHJQdmEzZmtMd1ZKWFdxUWo3TkczcHdRLzI2NTQ1ODc4NTU6MzAweDI1MA%3D%3D&v=v2lgcycid&d=eyJ3aCI6Ik9FaGllSEpRZG1FelptdE1kMVpLV0ZkeFVXbzNUa2N6Y0hkUkx6STJOVFExT0RjNE5UVTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyNjU0NTg3ODU1LCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f76ea897cdb005cc497fe7f82f653a608b0f2ba7a74b3f1d1fabc5b952143176

Request headers

Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Apr 2021 14:08:27 GMT
Content-Encoding: gzip
Age: 0
X-Cache-Status: hit
X-Cache: MISS
Connection: keep-alive
Content-Length: 29360
X-Served-By: cache-hhn4033-HHN
Access-Control-Allow-Origin: *
Server: nginx
X-Timer: S1617890907.190628,VS0,VE18
ETag: 64b7a80b8f557404650d693f67ec66ce556b031f
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 varnish
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H3-Q050 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FF1F 42 B
65 B 70ms
53ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AOwr93gjiIUSZzImJ4RHJbUCKjwll6h_JSXv_XPWdYQyZ6gwRCBZ-tpQhAWXyfZTCp22lUGwmbhD2sPWrRbP6WFJhwTNreDJ12Wu86pQHVXDT5ED0

Requested by

Host: 82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com
URL: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 14:08:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame FF1F 2 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/window_focus_fy2019.js

Requested by

Host: 82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com
URL: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Apr 2021 14:07:15 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FF1F 118 KB
36 KB 44ms
29ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com
URL: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e5c7c8bfba820abfbaef04b4f048d1a7406c8a076a411239aae6fdb5b670b46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617795240117122"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36710
x-xss-protection: 0
expires: Thu, 08 Apr 2021 14:08:27 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame FF1F 13 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com
URL: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 13:59:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 517
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Apr 2021 13:59:50 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame FF1F 0
0 14ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTQQqtS3kAehUQvN9kfh6KW_YhUXnK-O7uARMW4H8sNYxjf2CJEGXG-TkwDyEdTKZxUYQIA
Requested by: Host: 82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com
URL: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK / Show response
clarium.global.ssl.fastly.net/ Frame AA89 95 KB
29 KB 26ms
10ms Script
text/javascript 151.101.1.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://clarium.global.ssl.fastly.net/?wrapper=8HbxrPva3fkLwVJXWqQj7NG3pwQ&tpid=OEhieHJQdmEzZmtMd1ZKWFdxUWo3TkczcHdRLzI2NTQ1ODc4NTU6MzAweDI1MA%3D%3D&v=v2lgcycid&d=eyJ3aCI6Ik9FaGllSEpRZG1FelptdE1kMVpLV0ZkeFVXbzNUa2N6Y0hkUkx6STJOVFExT0RjNE5UVTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyNjU0NTg3ODU1LCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f76ea897cdb005cc497fe7f82f653a608b0f2ba7a74b3f1d1fabc5b952143176

Request headers

Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Apr 2021 14:08:27 GMT
Content-Encoding: gzip
Age: 0
X-Cache-Status: hit
X-Cache: HIT
Connection: keep-alive
Content-Length: 29360
X-Served-By: cache-hhn4037-HHN
Access-Control-Allow-Origin: *
Server: nginx
X-Timer: S1617890907.205838,VS0,VE3
ETag: 64b7a80b8f557404650d693f67ec66ce556b031f
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 varnish
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H3-Q050 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame AA89 42 B
476 B 67ms
53ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AbuTREZYadTDj7tC1ghyZtqtCYA7W-KN7DvZYTO8PdD3yL7W33sTqKMaYaai2be4La3DjFHMsIHisTrQQ-I7iSbVvsyHzi708kUxYP08C_FQEnczE

Requested by

Host: 82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com
URL: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 14:08:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame AA89 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/window_focus_fy2019.js

Requested by

Host: 82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com
URL: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Apr 2021 14:07:15 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AA89 118 KB
36 KB 40ms
29ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com
URL: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e5c7c8bfba820abfbaef04b4f048d1a7406c8a076a411239aae6fdb5b670b46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617795240117122"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36710
x-xss-protection: 0
expires: Thu, 08 Apr 2021 14:08:27 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame AA89 13 KB
5 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com
URL: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 13:59:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 517
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Apr 2021 13:59:50 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame AA89 0
0 16ms
15ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS7jiWG6sQBQqBo0fW-WdiuwZ56g-xH9rBi-tVFFHP1aJX3y18UrqkPn-Ru3oHW3cEmRYqv
Requested by: Host: 82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com
URL: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 15129833301409655948
tpc.googlesyndication.com/daca_images/simgad/ Frame E9F8 36 KB
36 KB 8ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/15129833301409655948

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f31a5211880b7352f5822f1c9d6c4c436913736dc9fbe0a815510c004d5cce3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Apr 2021 15:23:53 GMT
x-content-type-options: nosniff
age: 168274
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36426
x-xss-protection: 0
last-modified: Sat, 13 Feb 2021 14:45:39 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Apr 2022 15:23:53 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E9F8 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Apr 2021 08:22:57 GMT
x-content-type-options: nosniff
server: cafe
age: 20730
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 09 Apr 2021 08:22:57 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E9F8 295 B
325 B 8ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Apr 2021 23:24:51 GMT
x-content-type-options: nosniff
server: cafe
age: 53016
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 08 Apr 2021 23:24:51 GMT

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 12A1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

61ms
46ms

Image
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Thu, 08 Apr 2021 14:08:27 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 9F38
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

88ms
77ms

Image
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Thu, 08 Apr 2021 14:08:27 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 13E0 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.fifthdomain.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.fifthdomain.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 08 Apr 2021 14:06:02 GMT
expires: Fri, 08 Apr 2022 14:06:02 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 145
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 v2rjfU65szRiHwr0fa-Zi-uWC7TOsWlNBC2hCbP5qRG7HCJq96BQlUmXxtsQR4j8AO0SnVw0a Show response
capablecup.com/ 3 B
36 B 36ms
36ms Fetch
application/json 35.201.103.212
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://capablecup.com/v2rjfU65szRiHwr0fa-Zi-uWC7TOsWlNBC2hCbP5qRG7HCJq96BQlUmXxtsQR4j8AO0SnVw0a

Requested by

Host: capablecup.com
URL: https://capablecup.com/v2/0/dzy8rctizF7On6DG0j_j9mQcspCrnoKD512cQRI17CdmertINwtmCBRRmPbWrIlFYz2ow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.103.212 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Thu, 08 Apr 2021 14:08:27 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.fifthdomain.com
access-control-allow-credentials: true
x-hostname: 2c48c892
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 3

GET
H3-Q050 200 11664427071109676762
tpc.googlesyndication.com/simgad/ Frame 12A1 20 KB
20 KB 6ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11664427071109676762?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnC8ufJS7vZXZO3n-5il7uDReBVqQ

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c017a1ec16130c70a43457d8c0bfb8c099f63c2084683c90963e8e16c2f26cde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 10:35:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:12:10 GMT
server: sffe
age: 99195
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20024
x-xss-protection: 0
expires: Thu, 07 Apr 2022 10:35:12 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 12A1 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Apr 2021 08:22:57 GMT
x-content-type-options: nosniff
server: cafe
age: 20730
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 09 Apr 2021 08:22:57 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 12A1 295 B
321 B 8ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Apr 2021 23:24:51 GMT
x-content-type-options: nosniff
server: cafe
age: 53016
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 08 Apr 2021 23:24:51 GMT

GET
H3-Q050 200 13644810512522140247
tpc.googlesyndication.com/simgad/ Frame 9F38 107 KB
107 KB 8ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13644810512522140247?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkpuXc-trd2pqxnt7MnnZreWhYiJA

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b263b4ba44cbc163b0a0c8e8f4c593f11f4b57aaa78a49acfc8a6e17697fa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 19:00:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Feb 2021 15:56:48 GMT
server: sffe
age: 500854
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109156
x-xss-protection: 0
expires: Sat, 02 Apr 2022 19:00:53 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9F38 2 KB
2 KB 9ms
9ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Apr 2021 08:22:57 GMT
x-content-type-options: nosniff
server: cafe
age: 20730
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 09 Apr 2021 08:22:57 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9F38 295 B
321 B 9ms
9ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Apr 2021 23:24:51 GMT
x-content-type-options: nosniff
server: cafe
age: 53016
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 08 Apr 2021 23:24:51 GMT

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ Frame FF1F 68 B
345 B 85ms
19ms Image
image/png 18.192.133.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_OEhieHJQdmEzZmtMd1ZKWFdxUWo3TkczcHdRLzI2NTQ1ODc4NTU6MzAweDI1MA==&v=5&s=a4ef6da03c2ec94264553266b108d61db96ca6df&id=eyJkZnAiOnsiYWQiOjc4MDkwNzQ1LCJjIjpudWxsLCJsIjowLCJvIjoyNjU0NTg3ODU1LCJBIjoiMTE0MjM1MjY1L0ZpZnRoRG9tYWluL2hvbWUvcmVjdGFuZ2xlIiwieSI6MCwiY28iOjAsInMiOiIzMDB4MjUwLTEifX0%3D&sb=3&cb=2571718&h=www.fifthdomain.com
Requested by: Host: 82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com
URL: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.133.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Apr 2021 14:08:27 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ Frame AA89 68 B
345 B 85ms
18ms Image
image/png 18.192.133.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_OEhieHJQdmEzZmtMd1ZKWFdxUWo3TkczcHdRLzI2NTQ1ODc4NTU6MzAweDI1MA==&v=5&s=a4ef6da03c2ec94264553266b108d61db96ca6df&id=eyJkZnAiOnsiYWQiOjc4MDkwNzQ1LCJjIjpudWxsLCJsIjowLCJvIjoyNjU0NTg3ODU1LCJBIjoiMTE0MjM1MjY1L0ZpZnRoRG9tYWluL2hvbWUvcmVjdGFuZ2xlIiwieSI6MCwiY28iOjAsInMiOiIzMDB4MjUwLTMifX0%3D&sb=3&cb=6384478&h=www.fifthdomain.com
Requested by: Host: 82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com
URL: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.133.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Apr 2021 14:08:27 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3-Q050 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5244 478 B
311 B 17ms
17ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DEPHb-r4CGNe5uqABMAE&v=APEucNUt3uUu7haFfPSdEg7rQOQVV55LzPGImjo_QP9yD8kwWB3RSXyZ176KJ1LOsz82AdmgOBf3j_vWvkIhx3ipdxqEF_4azTO9Xf7_lFV2sl1XK4ws1RAzx-OI0IPOABQtYusE-T0rkbinNEGzRm5MlMV-EFpomqblAvVg8XswDIiv-RBA1WkvsLTFpBVfMOcNcKqtjjdTvfi2K313Z5J9A1rwWWP8gg

Requested by

Host: 82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com
URL: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN8DEPHb-r4CGNe5uqABMAE&v=APEucNUt3uUu7haFfPSdEg7rQOQVV55LzPGImjo_QP9yD8kwWB3RSXyZ176KJ1LOsz82AdmgOBf3j_vWvkIhx3ipdxqEF_4azTO9Xf7_lFV2sl1XK4ws1RAzx-OI0IPOABQtYusE-T0rkbinNEGzRm5MlMV-EFpomqblAvVg8XswDIiv-RBA1WkvsLTFpBVfMOcNcKqtjjdTvfi2K313Z5J9A1rwWWP8gg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkMaG6P4ZF1Bj4orWDTR_rRGky4MYpnxDF5hjcHPSsJwqiBRo9DsaERfG6aDAg; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 08 Apr 2021 14:08:27 GMT
server: cafe
cache-control: private
content-length: 230
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame FF1F 57 KB
23 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AFrhTCDwEQB06Ye7A5ZickN_5_DcSavEQMogt5KlKcQzPJ8flCp08ctq29IHRZM_vWZkyjYOTWkMC7MUULot1uEB9d-tEC6S305YVL2bv7SO_llMLNZBb39LejOG39pgifP6Sah_kYzh5IsgwGARsZn0y0-g&dbm_d=AKAmf-CmYrJ-ymRmyxkJ5l2_u0Mu7RBzyn-CuTla3xt9GgkOYIHRethAUV3-rIIjjEZFiFUNc0kYVNDvammpDUTCMvRCbAqgvhisKrUPQkcJrbMIQGSer_HzmZ8KfmDmLFC_wK294sRNIib7L47oen97V_NvZx6PtcJmJWIE7KPNYSL2hViFA2gQKeqSlUjU_KK7wE-7sPhH3irWjNoKnguMpdhICh0uXzoxFweO0P7eESb97JAdIeq2iz5F2wdGjtJTQwjMVPZKy933mb8Z1WUxpndgw1Oodo7YBZ1EqVCbvE_pTurA2TjWkQI-F_gRRFEHiuO7U_7__Y_pxZ05GUoSZMW1jf6S_yc0GbIOI5y7ivY7mZVkJoUDH8aSgMtq4-yKOLikf3vNmDgzyyP4Coe5jmcn1Ys4utiisu6WLOWyj8AkLfLe8p8cDBNn3-zqE8geRdQHVk1DoUH_CI41RFemUMp-Y0LN8MfYzpdE2cB6-IUhZg7tIqtd7hniJb8Ns-ZwEFxHW9u4myRs_76lQQxGmhbHqqgYegeZ0Q9hj0J-3MgB3qS_pJ1ftkAHxBUoVcei5EVVz4OZcRm3CjEWDZZNIhLi3JBBlF9ccBTqm0_776s-9F5Rk01kFs-QnLLmPvrwdrJjf0V_XYLWQe1B7y-1XOKnNO23-lL0Wzwgmk3-T4o5YvAvm3rzoSPdRDzyRQ7GMxRG7NDxXv37a3h0IjVcfLH6NtCgycg3W_LDrjK6kfYJMn3nXtWWOea-nIqwB-74LrEVmGOmt6Ldq4J_LCtegSOvM4yneOaGSF-QYaBRqCRXdZ1ilJ67Fd8Hk5fPB8gz5YdmVwfMvnHErJEni2bcTwtZxGEv6BobVIZ7umjbdCuGe4zDEcAnWJsqkgNPpVk89rFNEGHhzh01upz-_zNHwTT_foUJkiH0qaBl_bXV6_A7h9hPKyU6zfiy3wH4yCLYUdbc5DuzLNouS3NghaAEKaLiWKo8lplL3k1CtxI2lujFd7B2vXbTKTbUo5gMW-RtwGPOO0bAl22qC8sdiAaCoeTk9iEWtFboljQue--KiuWgdCfIdNftzy2lecCh1O8je4VNfqJiws2JhprdYBX8xvlYECjrvVtqOHw6eTqqR9Teuuky5KklXM4B22y4tWpWHCjGxtGG1Clg-sZxJW9XtmGU-qAzmzVbOnSBrLnivQqtNaNivL5l5AXC3vdtuLD7qU5HpyLPbFHyHB7n4imczxkKQzvdHfLzPvAL7d9KqoehsdKa08CJVEEg7N89d9yiOpK8pFquhTMcvAx_MkIV8bubClUBg6bnxCOu1rBV3UY17jE9F7przy_Ppq3nGOxgLsCWG3ivvgpAqIkwgSYYjje2QOMuoK6ZBxiV9BAbT40A3GuIKXzPkmUOPCvhXn2jowQsJ1U6wM4Mn_QHPWIV_kQIqEWdAEP_WcuyHbppJqZYiQTr2iBxSbLsahdDZGO-lba5uKxr9Dis0fqOTikbebO1JEh8UqPZDtRO2WckMiNKysln1RFwATkWa4nbNoTFnLzbQn4i6omkzsTPAwIQrx0qZXox_0P2NfP7LEQ3BmHpCJSULfcoOHu77dK3j8ReVesUHw4KMa4Osn0NE8WAHiHc73TpnO7fVj_qb5ANz52vptcZGboIH-_QTAtk0bQlHVwCGkwCjIvbPrWlJFq3vvYykBxXc9ddLW50fRckLQGFasOuW3bcCIpOWGPu9B9aaZotlUVPUhUi737sl-_rS_dzVl-uxzjGJGti6mDusgJb-qrTIZEJSuXnwhl2U23lpg0oJEgcIK_0zK4L804kQMMRjbpLEPGOsSJNwgUhC2_1Y3hoZVszNqTTqp1ljGydBezfdp6vV6kuQReUWE4KMuemEESSnCDIq13TQDfn1gWpfSZL2MIGUi_ZBfmPT1Sci7jQWC_IGCN0OGfAYYhKfjUyUjsJ9-7EFqM5fyl4pUvAisahcbXIs-u7bN0qJEGAQvlV0MRmIZrxfbMofISs7TMlAsF3ldz0fonjwfrT-xpxhDxMKBlsjm7Cwbp64e6-QzXimhTH4KN1Vme5yFwagHi-8fGDhdsDrdA4YxFaXUwHmSJq00JiJrWLznJCp77f-T6LOR1cxVZOcyEguDfB2vf7MCkFIgjJdvOiOhzOa9gMnDD3E5GeA_ot6QqijeBu2Up_RClWpfcNs6QtUwXgmY6fG-tY65kw49X54DNscblJNIuZXlUS05FwE17xBcmvAg0MrwRSOHQcIDMQM18CjA9-MuS9t7_os0OOvyqVeUTJ23IQiHWTpQzqcT9L0wP2OW9jaVjDOvjgWX3V8XtWTg6boC6BkDfOx35Qen4J8MP7jcwsVd9efcC3mW3ruBdYjQDso5BMm4Dpl_5vvxEwQbkpjMoHyD93Abd07fVm5pT-jL0EjihZMHH0EM7XfGEz8KWxNE4xPH_VcFg7yPjT3JllhdlQNCLmgh3Ccqs16qm9791VGERUXpXAN6WM6C8dJbdVHZIlu9XdgjjrysHsBAF_OJdbNFPGpYPrGm3MvV0nqboeLHNNnbVWPrCA04dZ3CY96d2GDlGh9_v6sURbir8tGy4OKRgH5p9wbMyV3Hz8kZW1TZfslfmT_6xEPkNb1pafvwZydvG43fajzC8JI5wUqwoT2FY6A-jvWKGugwLwfqmCwgQf1qNRcDufr2tpaZXbWTw-QuKAS8DOss4sCThOEPMC6LusgexJL6BYPsY4EPXIjinsg4CZQ9IYEQs7o7sDbSoaWCVR17qNK7UHoJc3Aj5P3Mve-_cMbrPaarQU7oUAYFsftU9VH5_tjEoIHe7gX0p7ocbvDDzKl4hQQy6NmFpbl0D5jac_I3cjNHtLEErunq3VuSdszqoeOWBsyCPeNsrszS0YuMtwKWOKzCcMPI7WSOrar094WEW7W2VVU8IBZwHF3Ad-cbPjE-puc2MUC-2bZK0OJo0Zi2uuybKewgNwUykOst4EOFanxhQt_SFZ3nCN36sJ8Bs7a0W2lE7C-U_g-DmhH6pN_RNRCeerfXMvDYixbeqH7oxSl55fLyiRlnkR86wjlOZh7bOEOKTknT63pwvpyjjBepufpa4I9DsZesQh10o8GbeUmy5IqwOEJ2A&cid=CAASPeRoWMsqeaKycF7g7gr0DdfpnYJjFEbWmHrr70zUMYhkLqIbuaf2VwymxXtFmvFdCrK3gHJ32t6-suOpXB4&rfl=1%2Chttps%253A%252F%252Fwww.fifthdomain.com%252F%240

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=8HbxrPva3fkLwVJXWqQj7NG3pwQ&tpid=OEhieHJQdmEzZmtMd1ZKWFdxUWo3TkczcHdRLzI2NTQ1ODc4NTU6MzAweDI1MA%3D%3D&v=v2lgcycid&d=eyJ3aCI6Ik9FaGllSEpRZG1FelptdE1kMVpLV0ZkeFVXbzNUa2N6Y0hkUkx6STJOVFExT0RjNE5UVTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyNjU0NTg3ODU1LCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0975c9ff6b138a1fae7338c4dd62993868e01c40af0f9faf66dec42c43740bc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 14:08:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23312
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8280 611 B
321 B 16ms
15ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CM7sWxDIy8vEAhj6pbuiATAB&v=APEucNX7R2L8dN-fsMBHSF9LoT15Jfxonxc8IhIeAo5_JFz6KVUcvD8SDHryK_ipxI0gL7y6e9-IYpwMbXB5laC4ug9pqWPMVTrDv78Rlw3M4UGstN9DX-c59B02XhZS_2A56rylYy91t5Isctj7Z4mqqQh217Uur78uLqo6DNmVcMYCplsk5_vlQlR3izzwGC4PhAd1L-Feps-N3B6g9Lbfs1cF2_lsBQ

Requested by

Host: 82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com
URL: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CM7sWxDIy8vEAhj6pbuiATAB&v=APEucNX7R2L8dN-fsMBHSF9LoT15Jfxonxc8IhIeAo5_JFz6KVUcvD8SDHryK_ipxI0gL7y6e9-IYpwMbXB5laC4ug9pqWPMVTrDv78Rlw3M4UGstN9DX-c59B02XhZS_2A56rylYy91t5Isctj7Z4mqqQh217Uur78uLqo6DNmVcMYCplsk5_vlQlR3izzwGC4PhAd1L-Feps-N3B6g9Lbfs1cF2_lsBQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkMaG6P4ZF1Bj4orWDTR_rRGky4MYpnxDF5hjcHPSsJwqiBRo9DsaERfG6aDAg; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 08 Apr 2021 14:08:27 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210406/r20110914/ Frame AA89 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210406/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

762a6837400425002737a0651c7764f71b279b18560cda75a140c1b8092f2342

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 13:57:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 17914786394753848863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Apr 2021 13:57:19 GMT

GET
H3-Q050 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210406/r20110914/elements/html/ Frame AA89 6 KB
3 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210406/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: 82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com
URL: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 13:41:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1633
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2661
x-xss-protection: 0
server: cafe
etag: 7752240862628680351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Apr 2021 13:41:14 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame AA89 0
575 B 75ms
50ms Other
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssgUQWPSbVO-H5nZMnsW6JWFzEo_P3n1OVfzfewEVnh3MUSZlvLIoZ13do3BcFXc4Stoso9-Dh16AM_BZr5psm45c2XAam9Fb8rEQEH3HyCUHi88T8FOQ5L57RxpMNBUJKi0VRJL-5XVs1CskDG28NPL6zH0tmozCeW3QEv9NKJGnya323YF-U-bfUWEquqF_3c7wbhEcBtzV7gosrefzhpAhEXkf6kU59sO5HvNspZZ-2A0HaCrcOzQHVgWx3gkIBvCl42fmbnFt9nsuRohIqMb5IIDohhPbtPBaH2mMSRwzPSZk80D7kw0WvHPLJyXGq80Of336ZZQ0ysE0uB5JORc3iKD4b1ZnBaaAKh-R9Xrk3LzgAH1mMDiMuq91pahWegA5atcQ3mGmIb5H4KFI3jbwUol3_3MnHZcLHweL06OL_WeIbPz9M9CP7oOI1EX-1-_wLKTFcsMW0FyrhFdUTbcBJ_fATg4sI9PDAXalWGnPhsTQ80ZKxxNUa9dWWa2n3B-NZ4VClKOEU0WRQqzgFfmX4V1X7kNvEq_AJnB5ulQ2N8icXDJcs-hH5bx9cOygc054Vl46mYDR9SRRFbqlCr64Q74EBBEqE0BJ131UQM3pmRuaaGC7micYWFFt8Z0I0A7aLBLReZxAjlh9scihvhoOvMqxOncvLElMZT8bth_R9VOtC1KAtLi66evPv5n5D-0I-rcaB7avdZtgKMRZBHjxAtxiJyKz-g9CLRp76yL_oQSdJRWHrx-wJ1TenvRNi9ASMqvbWF_7kL5dXBIC93jaSg8wH9gUP8FoNJQnSN6DN7IAeFW4xGogx0dvJMVJMFx1jL21yzBn1otMdMwBA_0ofFGnKiUF3x9iOCbEdQhtcGa3ldo8ys5p8UkBvcskKKEa56K6UveGU_wpTERFFkL6yjxTcSzNgyxoCZDgHVhz5YMveyYQC2DnxUmrZT6ihz0adBviySZF4gJkWiiAPni9Yq9DhpZaSjAw-EzOdtKmrwi1k_Zx-VhohXm9oEDZhH876JROfmAK9mKurFQ-2y6P-G-TwCO8-xMB30KTYxhfcl7TvSyNqzS8A6sSo9wWdtKiYfH53eVHh5H6ibqoelbnFVrFm_ujEWyK0_KaFh2l34_qtrr70Y1ESyf-IHfNV7BptHDjS3ATsn0zhUPLr-ltvTxxmhJmY&sai=AMfl-YQd4wHBOiUf6WSElrZMNEd4fzcJW0N5b0CCUyziQ9fqaPAcngTIucjCg8h4yC6aPlEFavzvJbZb-ObSAH1WNmhntSFHM87tVsc6JIVTKZkNT53yGP3KZBZV4naAauvJXoPzmfonfYRTDS_FzIGYeRsPICYOZk0UiZmWyeW4TZCNjUx1Ja1EJydU7tRhQeQJgpw4qy6otSTkGTfEXff7rpZFF1E8Ui4lvR8JCiBpEJDvVhG-K3zNdyWoezQc-74oqtLVUwn57qnSTYK0lH62XHUVb49n0kzr7GtizRPIwb8X8GZHBeZArHj8Wmw5u_nXVj_CVw2iJIwRMMMcvDD72TByvMsD-gLZ7ofC9RvdO-5eQLQOOjpYjiTbGbTVN-Qjs8nxsMo7&sig=Cg0ArKJSzNr6guSOLn8dEAE&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210406.49117&adurl=

Requested by

Host: 82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com
URL: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 08 Apr 2021 14:08:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame AA89 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com
URL: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 11:02:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11163
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Apr 2022 11:02:24 GMT

GET
H2 200 16580217461275992068
s0.2mdn.net/simgad/ Frame AA89 25 KB
25 KB 28ms
7ms Image
image/gif 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/16580217461275992068

Requested by

Host: 82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com
URL: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb51286b8f4f379b780ba048e46b792d0cb38e0def5ffda5346da34b53873fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 22:00:01 GMT
x-content-type-options: nosniff
age: 58106
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25328
x-xss-protection: 0
last-modified: Mon, 29 Mar 2021 13:38:50 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Apr 2022 22:00:01 GMT

GET
H3-Q050 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame FF1F 111 KB
39 KB 36ms
22ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com
Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 08:49:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19123
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Apr 2021 08:49:44 GMT

GET
H3-Q050 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210406/r20110914/elements/html/ Frame FF1F 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210406/r20110914/elements/html/omrhp.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Apr 2021 14:03:17 GMT

GET
H3-Q050 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210406/r20110914/ Frame FF1F 21 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210406/r20110914/abg_lite.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b64050576e612443e7dbecf837711e846c12c029f41d3de3a6e8cac16ca09037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:06:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8469
x-xss-protection: 0
server: cafe
etag: 10238838524035937739
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Apr 2021 14:06:48 GMT

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ Frame AA89 0
515 B 78ms
43ms Other
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: 82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com
URL: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 08 Apr 2021 14:08:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9EDB 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 05 Apr 2021 17:24:05 GMT
expires: Tue, 05 Apr 2022 17:24:05 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 247462
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 5244 170 B
506 B 42ms
17ms Image
image/png 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DEPHb-r4CGNe5uqABMAE&v=APEucNUt3uUu7haFfPSdEg7rQOQVV55LzPGImjo_QP9yD8kwWB3RSXyZ176KJ1LOsz82AdmgOBf3j_vWvkIhx3ipdxqEF_4azTO9Xf7_lFV2sl1XK4ws1RAzx-OI0IPOABQtYusE-T0rkbinNEGzRm5MlMV-EFpomqblAvVg8XswDIiv-RBA1WkvsLTFpBVfMOcNcKqtjjdTvfi2K313Z5J9A1rwWWP8gg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 14:08:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5244
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKLlLNNnUwH6dP8E0W6G3-k&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKLlLNNnUwH6dP8E0W6G3-k&google_cver=1&C=1

43 B
894 B

40ms
40ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKLlLNNnUwH6dP8E0W6G3-k&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DEPHb-r4CGNe5uqABMAE&v=APEucNUt3uUu7haFfPSdEg7rQOQVV55LzPGImjo_QP9yD8kwWB3RSXyZ176KJ1LOsz82AdmgOBf3j_vWvkIhx3ipdxqEF_4azTO9Xf7_lFV2sl1XK4ws1RAzx-OI0IPOABQtYusE-T0rkbinNEGzRm5MlMV-EFpomqblAvVg8XswDIiv-RBA1WkvsLTFpBVfMOcNcKqtjjdTvfi2K313Z5J9A1rwWWP8gg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Apr 2021 14:08:27 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 08 Apr 2021 14:08:27 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 08 Apr 2021 14:08:27 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKLlLNNnUwH6dP8E0W6G3-k&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Thu, 08 Apr 2021 14:08:27 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5244
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YG8OWyNKLcz3MTfq1mV2ngAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKLlLNNnUwH6dP8E0W6G3-k&google_cver=1

43 B
894 B

53ms
53ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKLlLNNnUwH6dP8E0W6G3-k&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DEPHb-r4CGNe5uqABMAE&v=APEucNUt3uUu7haFfPSdEg7rQOQVV55LzPGImjo_QP9yD8kwWB3RSXyZ176KJ1LOsz82AdmgOBf3j_vWvkIhx3ipdxqEF_4azTO9Xf7_lFV2sl1XK4ws1RAzx-OI0IPOABQtYusE-T0rkbinNEGzRm5MlMV-EFpomqblAvVg8XswDIiv-RBA1WkvsLTFpBVfMOcNcKqtjjdTvfi2K313Z5J9A1rwWWP8gg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Apr 2021 14:08:27 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 08 Apr 2021 14:08:27 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Apr 2021 14:08:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKLlLNNnUwH6dP8E0W6G3-k&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 8280
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBWdAkGBp3FkxJ8zcfkB8pk&google_cver=1

43 B
1018 B

63ms
22ms

Image
image/gif

185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBWdAkGBp3FkxJ8zcfkB8pk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM7sWxDIy8vEAhj6pbuiATAB&v=APEucNX7R2L8dN-fsMBHSF9LoT15Jfxonxc8IhIeAo5_JFz6KVUcvD8SDHryK_ipxI0gL7y6e9-IYpwMbXB5laC4ug9pqWPMVTrDv78Rlw3M4UGstN9DX-c59B02XhZS_2A56rylYy91t5Isctj7Z4mqqQh217Uur78uLqo6DNmVcMYCplsk5_vlQlR3izzwGC4PhAd1L-Feps-N3B6g9Lbfs1cF2_lsBQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Apr 2021 14:08:27 GMT
X-Proxy-Origin: 89.249.64.220; 89.249.64.220; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.122:80
AN-X-Request-Uuid: a9d5980b-d906-4c23-b23c-4b8c106f0326
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Apr 2021 14:08:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBWdAkGBp3FkxJ8zcfkB8pk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 8280
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYzMDExNTE5ODc1MjE3ODA5Nw%3D%3D

170 B
484 B

46ms
30ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYzMDExNTE5ODc1MjE3ODA5Nw%3D%3D

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 14:08:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 08 Apr 2021 14:08:27 GMT
X-Proxy-Origin: 89.249.64.220; 89.249.64.220; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.239:80
AN-X-Request-Uuid: ea17c0de-b058-489d-b83a-bd6e79ddceed
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYzMDExNTE5ODc1MjE3ODA5Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 8280
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEG2-T9O-sMPotE_tG0ewmRA&google_cver=1

43 B
180 B

16ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEG2-T9O-sMPotE_tG0ewmRA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM7sWxDIy8vEAhj6pbuiATAB&v=APEucNX7R2L8dN-fsMBHSF9LoT15Jfxonxc8IhIeAo5_JFz6KVUcvD8SDHryK_ipxI0gL7y6e9-IYpwMbXB5laC4ug9pqWPMVTrDv78Rlw3M4UGstN9DX-c59B02XhZS_2A56rylYy91t5Isctj7Z4mqqQh217Uur78uLqo6DNmVcMYCplsk5_vlQlR3izzwGC4PhAd1L-Feps-N3B6g9Lbfs1cF2_lsBQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.50 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 14:08:27 GMT
via: 1.1 google
server: OXGW/16.205.50
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Apr 2021 14:08:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEG2-T9O-sMPotE_tG0ewmRA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 8280
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTViMzIzYWItOTNjMi0yNTEyLWYyNzAtNjEyNDMxZDMzNmVk

170 B
190 B

41ms
31ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTViMzIzYWItOTNjMi0yNTEyLWYyNzAtNjEyNDMxZDMzNmVk

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 14:08:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 08 Apr 2021 14:08:27 GMT
content-encoding: gzip
server: OXGW/16.205.50
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTViMzIzYWItOTNjMi0yNTEyLWYyNzAtNjEyNDMxZDMzNmVk
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
DATA 200
OK truncated
/ Frame AA89 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16cefc66e4b66398b053621360757a2dec44703fb4aa18d9a867cb91558fe73a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js Show response
pagead2.googlesyndication.com/bg/ Frame 13E0 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 11:01:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 11225
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5698
x-xss-protection: 0
expires: Fri, 08 Apr 2022 11:01:22 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame FF1F 7 KB
3 KB 32ms
10ms Script
application/javascript 2a02:26f0:10c:488::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=21544354&cmp=25428490&sid=4115836&plc=298689888&num=&adid=&advid=10679125&adsrv=1&btreg=491565386&btadsrv=doubleclick&crt=148400532&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:488::4469 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 554bc1440e7f58e518aae4facf8b6d5f34af6695c3a8d03c12003d1eb973989b

Request headers

Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Apr 2021 14:08:27 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Mar 2021 17:07:15 GMT
Server: Microsoft-IIS/10.0
ETag: "80e34b4c5026d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3005

GET
H3-Q050 200 index.html Show response
s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/ Frame 5DB9 7 KB
3 KB 33ms
20ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eacac66c85d3b4af5518fcd0d3f943f692bedad76520f826d7abeaee198bbfb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /10679125/1616794527802/FSLY_RNC_300x250/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2251
date: Thu, 08 Apr 2021 08:11:36 GMT
expires: Fri, 09 Apr 2021 08:11:36 GMT
last-modified: Fri, 26 Mar 2021 21:35:27 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 21411
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ Frame FF1F 0
74 B 49ms
49ms Other
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuT5xNnd10jrILGd3LXHdFGYnBsrGdEq4QDHoUO3G1sZULSvtJWVyvCVnYlBKV42TosYwxqTiadAaOzYroAQWtk71LfF2Td6hGtotPed5B75NIZq5XXXSMTv9agpiXTcg9NawVJnVhKzzmTj4goESAUmsakJx2JxLyuIgvnKtEc3Wvni5Kx13oUnjVG0U9a9exj0KmLcFYBad3Am2XgrsH2Btn_H93fo_x7UFWcTZ6OGMt3b7fyVi7AaBndDz9pPjR_ulVpvgJABgYdD5e9f9xAUo6mKNML_4_lC0bGgaBfC8sSAieD-tj2B35IbuXi0qty8BG9dKJ_KNOUOKRIA0YnFQc7LNjKYb-TiWyOxWsawwAKCpRpSLAv8tithZrxeYWykFCEOCU6zbOGbgbfTSbEnwf-g7caqcz3qYmStoqu2AKk8CIgRJsM8Mt8eAelpZXYIe5FFeLZ3bzRR013QiMPF83Jk6q8tlncHMdsWfqLI-Cp_7bhSkPg0HIo51QfVJxtcaXggDpgqPSZtw6ThBXWVZ9YBy0E34pZmL4LUWEr7YpJVVMtBTrMEaEs9yxGY42vf4TCNZg8YQ7EeV6ECa2jSAg2ncZPXTAAIjZMzKCCu6bkOsyA_GAdsZ1GGHg7lUI6X1STWqOOZm3xxGO0gu1-WwPpJ6nZmmlp9x0_zbhbLCPhsgtpG8mDcmvd351bsS3m7FXzUZHr-6FuA2FcIV1qWE7NXgwz1VoCkwzedd4_Pat399OdwVoTGyPPY2MPQSOlUcHax6jIx3V-F5hG-V4Zs7E865V6_PMHvDohavpHwInKEbz-tZhR8ugZswMi9WzTTQeZYV9b4Re_6q-2DAIez7rSLywx_Z9XCYamA8Y9Nz0BdXkUBFtDAO930JlnT8WayDMebKQDVoYPq_AhWvF4yyn-xrn1cPLskJp3hS_r8liBGJJ-sNcRPmZo8TKkr6edEZ2YzMSCAoEf5MDBy9l2ZRkULJpm4PBWL2wSrG8VNCWBehKUCoyWzgrX-ez6py7JhskBlNKkJmA8RQUa9yGIMuNrZbxGZuAS8eukDc2ptt3fjh-K64OUf4vcWgdGTf8qTZoFhaorPKziycC-JVgIua3yT2bAY3Z_HQUkyu2Zup-R9FBeSd6TkW4WatuwABM5DhR5dpwshPJOFY0cLfOdz9qg9CYZbawD4nMb6crEI7nwkFjzUCIZG1kxZbgt5u3Sxf6bKDaK_itlZQ&sai=AMfl-YQSvRvEa1S2hLygoqgTpBefN8qBdMMfDDKu_mm4mWSe_0AcViPrygSTlwRZk6-9sb2XlPkjAMFVNr5bL018KoSyIY9frFPPm0plhgfW8ftMaEs1U6JingSVNO90veY2a5kThQyAapuuv2MGtNhKO8Wa6bfzfkTd0yFqGTubpiPr8SWtfmNL41Swd2s7ljmVPw5tVW9v3Go1VSNUCRwcrDkeK-y8iRS2G6b0M6eL5g&sig=Cg0ArKJSzIo0XnSYCaG4EAE&urlfix=1&omid=0&rm=1&ctpt=130&cbvp=1&cstd=126&cisv=r20210406.61555&adurl=

Requested by

Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 08 Apr 2021 14:08:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame FF1F 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com
URL: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 11:02:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11163
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Apr 2022 11:02:24 GMT

GET
DATA 200
OK truncated
/ Frame FF1F 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1eaedcb37e5cc6daa0b4a2e7d1e39ed25c26dbc6efeb689dd119598ece85d856

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C62A 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 05 Apr 2021 17:24:05 GMT
expires: Tue, 05 Apr 2022 17:24:05 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 247462
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK dv-measurements1165.js Show response
cdn.doubleverify.com/ Frame 782D 476 KB
86 KB 10ms
10ms Script
application/javascript 2a02:26f0:10c:488::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1165.js
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:488::4469 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 7e739cb08237c433c5fc87622578034ce4d4b9233f7cef03d0c9183d3295e9ca

Request headers

Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Apr 2021 14:08:27 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Mar 2021 12:00:54 GMT
Server: Microsoft-IIS/10.0
ETag: "01ff4555c25d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946083600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 87677

GET
H3-Q050 200 DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js Show response
pagead2.googlesyndication.com/bg/ Frame 9EDB 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 11:01:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 11225
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5698
x-xss-protection: 0
expires: Fri, 08 Apr 2022 11:01:22 GMT

GET
H3-Q050 200 createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 5DB9 186 KB
48 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49100
x-xss-protection: 0
last-modified: Wed, 16 Mar 2016 13:51:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Apr 2021 14:08:27 GMT

GET
H2 200 createjs-2015.11.26.min.js Show response
code.createjs.com/ Frame 5DB9 186 KB
48 KB 47ms
15ms Script
text/javascript 2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/createjs-2015.11.26.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:27 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Thu, 08 Apr 2021 14:23:27 GMT

GET
H3-Q050 200 FSLY_RNC_300x250.js Show response
s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/ Frame 5DB9 89 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/FSLY_RNC_300x250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0870c570b17dac85ab0e4dffb6d92c33718a8781ed818f0dd56b670857e7deb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 20:16:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64307
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18194
x-xss-protection: 0
last-modified: Fri, 26 Mar 2021 21:35:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 08 Apr 2021 20:16:40 GMT

GET
H/1.1 200
OK t2tv7.html Show response
cdn.doubleverify.com/ Frame E5E1 12 KB
4 KB 10ms
9ms Document
text/html 2a02:26f0:10c:488::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/t2tv7.html
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1165.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:488::4469 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 29f21aea7fc613d2618b70a483e0b4bf50ba3f4ce4109fa429ce580ec57ef991

Request headers

Host: cdn.doubleverify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/

Response headers

Cache-Control: max-age=946080000
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Thu, 11 Sep 2014 19:15:16 GMT
Accept-Ranges: bytes
ETag: "0ba3b8f4cdcf1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 3880
Date: Thu, 08 Apr 2021 14:08:27 GMT
Connection: keep-alive

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 782D 1 KB
1 KB 69ms
26ms Script
text/javascript 213.254.244.24
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&bridua=3&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D7%3A7E95%40%3E2%3A%3F%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D7%3A7E95%40%3E2%3A%3F%5D4%40%3ETar9EEADTbpTauTauga2f%60ef%60dgedh76fbae5b7g%602ga6bhh2%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=779&ddur=33&uid=1617890907909251&jsCallback=dvCallback_1617890907909819&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1165&tgjsver=1165&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=13&brh=2&dvp_epl=245&noc=16&ctx=21544354&cmp=25428490&sid=4115836&plc=298689888&crt=148400532&btreg=491565386&btadsrv=doubleclick&adsrv=1&advid=10679125&errorURL=https://tps.doubleverify.com/visit.jpg&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=382512218316.4304&dvp_tukv=3211052.602014027&dvp_uuid=85590074.08637364&dvp_strhd=0.8399970829486847&dvpx_strhd=0.8399970829486847&dvp_tuid=331259782265&dvp_vcms=59&dvp_slmsd=71&dvp_vcmsd=130
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1165.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.24 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ded666915f4a7eb4dcbf4cf62d1adf051481327547d299a3b0610ce85e91382e

Request headers

Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Apr 2021 14:08:27 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 4/7/2021 2:08:27 PM

GET
H3-Q050 200 FAST2008_Sec_RunInCircles_300x250Ad5.jpg
s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/images/ Frame 5DB9 29 KB
29 KB 18ms
7ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/images/FAST2008_Sec_RunInCircles_300x250Ad5.jpg?1615848915348

Requested by

Host: 82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com
URL: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

661d288c3a8a3e64f2d7aba5765e83fa4de4e79d807fd344397113d3dc1001a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:13:17 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 21:35:28 GMT
server: sffe
age: 42911
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29971
x-xss-protection: 0
expires: Fri, 09 Apr 2021 02:13:17 GMT

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ Frame FF1F 0
50 B 55ms
54ms Other
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 08 Apr 2021 14:08:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js Show response
pagead2.googlesyndication.com/bg/ Frame C62A 14 KB
6 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 11:01:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 11226
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5698
x-xss-protection: 0
expires: Fri, 08 Apr 2022 11:01:22 GMT

GET
H3-Q050 200 Untitled1_0006_Layer42.jpg
s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/images/ Frame 5DB9 4 KB
4 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/images/Untitled1_0006_Layer42.jpg?1615848915348

Requested by

Host: 82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com
URL: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e034735fbf5d3075f8130860691c61cc1ae53f9a702220bad95f149fa428d15d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:13:17 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 21:35:28 GMT
server: sffe
age: 42911
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4357
x-xss-protection: 0
expires: Fri, 09 Apr 2021 02:13:17 GMT

GET
H3-Q050 200 Untitled1_0007_Layer41.jpg
s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/images/ Frame 5DB9 4 KB
4 KB 10ms
6ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/images/Untitled1_0007_Layer41.jpg?1615848915348

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4b8b3bd5ab2b1a8f609da5dbeb91d05cb279c90e61b19533cdbeeccb058f885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:13:17 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 21:35:27 GMT
server: sffe
age: 42911
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4356
x-xss-protection: 0
expires: Fri, 09 Apr 2021 02:13:17 GMT

GET
H3-Q050 200 Untitled1_0008_Layer40.jpg
s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/images/ Frame 5DB9 4 KB
4 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/images/Untitled1_0008_Layer40.jpg?1615848915348

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f24daa7872107f18c9082f7458884526fa50cd12db1f4a6185457875aa027414

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:13:17 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 21:35:28 GMT
server: sffe
age: 42911
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4440
x-xss-protection: 0
expires: Fri, 09 Apr 2021 02:13:17 GMT

GET
H3-Q050 200 Untitled1_0009_Layer39.jpg
s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/images/ Frame 5DB9 4 KB
5 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/images/Untitled1_0009_Layer39.jpg?1615848915348

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1b36e94578435c57e05e2126799f2d9d381a549b264283be24bd1d8c9645709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:13:17 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 21:35:28 GMT
server: sffe
age: 42911
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4591
x-xss-protection: 0
expires: Fri, 09 Apr 2021 02:13:17 GMT

GET
H3-Q050 200 Untitled1_0010_Layer38.jpg
s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/images/ Frame 5DB9 5 KB
5 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/images/Untitled1_0010_Layer38.jpg?1615848915348

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76ccafa82b5368284e89c7d9a083e9dc2c84c1f64559c3cce67b1eda5a134c3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:13:17 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 21:35:28 GMT
server: sffe
age: 42911
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4962
x-xss-protection: 0
expires: Fri, 09 Apr 2021 02:13:17 GMT

GET
H3-Q050 200 Untitled1_0011_Layer37.jpg
s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/images/ Frame 5DB9 5 KB
5 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/images/Untitled1_0011_Layer37.jpg?1615848915348

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d808c9e186064c6d5a802bb5313e2604ca06c841a48fbf85b13e18aeadb292d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:13:17 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 21:35:28 GMT
server: sffe
age: 42911
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5086
x-xss-protection: 0
expires: Fri, 09 Apr 2021 02:13:17 GMT

GET
H3-Q050 200 Untitled1_0012_Layer36.jpg
s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/images/ Frame 5DB9 5 KB
5 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/images/Untitled1_0012_Layer36.jpg?1615848915348

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da15ff6ce93738bfd89cd30fe185fdc10b7da66f85a58352a7c2df37c944f590

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:13:17 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 21:35:27 GMT
server: sffe
age: 42911
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5245
x-xss-protection: 0
expires: Fri, 09 Apr 2021 02:13:17 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E9F8 42 B
176 B 41ms
41ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu6XminbxdEAMsX-y22by8faAdrkqwkb0pJvb1qO3rhZZTN-50SQfxkzk1FLeTmsfT98KOpNbZDEQx7Mlr2FMmVysH_3vpv32lUbs6GR9fEBA9U-kngNttH17JU6w&sai=AMfl-YQazK1MsNQrTjKK_L1M1mWByx6NffUInHHti0wxRRxzBz6XqBwRDLvcbgmygUkU_fwx0Ad_EiBooTYpH7vvjWDdK2tUshuLq0CAJOl1fo5W1zIJbhXzK2Q-5-7j7w6w&sig=Cg0ArKJSzH8MvgUdCxRYEAE&cid=CAASPeRoV0Kqg2OJW09Upjf0RfZfZmN4vl4RAWHpylda-aSyn0sZX9yEgCq132gsj_MeP2M-c04dZEpRd_1OyZk&id=ampim&o=315,97&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1062&mtos=0,0,1062,1062,1062&tos=0,0,1062,0,0&tfs=256&tls=1318&g=100&h=100&tt=1318&r=v&avms=ampa&adk=3838101118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 14:08:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
67 B 17ms
16ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=754276220&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.fifthdomain.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Fifth%20Domain%3A%20Cyber&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ads&ea=visible&el=114235265%2FFifthDomain%2Fhome%2Fleaderboard%40970x90&ev=0&_u=aGnAAEADQAAAAG~&jid=1257146154&gjid=1635790160&cid=446842817.1617890905&tid=UA-83055206-1&_gid=265893054.1617890908&_r=1&gtm=2wg3v0W4XB555&z=1029140591

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 14:08:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fifthdomain.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 a72a28af0f0361d7e6c99914ed0344bfc78cca10.js Show response
my.hellobar.com/ 21 KB
5 KB 268ms
234ms Script
text/javascript 2606:4700:10::6816:e17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hellobar.com/a72a28af0f0361d7e6c99914ed0344bfc78cca10.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W4XB555
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:e17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e8f6bdff2c6ec356f53d3aab135571bbb5c03c868c4e97dda4b7e47830609f1

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:28 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 07 Apr 2021 23:21:19 GMT
server: cloudflare
x-amz-request-id: GEJR17ATYQ0N1YNC
etag: W/"36e3685ee285a1057b721a6e74a79c02"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-id-2: 3lOmEewTAe53x/cQNI5UuDlSd2WZ6PgUGVqt8xXlLcoFu5e65/5r+uL03zVePVMScb6OmFfAHeA=
content-type: text/javascript
cache-control: max-age=86400, must-revalidate, proxy-revalidate, s-maxage=10
cf-ray: 63cc11624f3197a8-FRA
cf-request-id: 0953693171000097a8eb8ed000000001
cf-bgj: minify

GET
H2 200 Untitled1_0013_Layer35.jpg
s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/images/ Frame 5DB9 5 KB
5 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/images/Untitled1_0013_Layer35.jpg?1615848915348

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5fafce8447e12c90c21260adaec79619685b1c35d37c5288bccd6d1c8ee02e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:13:17 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 21:35:28 GMT
server: sffe
age: 42911
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5294
x-xss-protection: 0
expires: Fri, 09 Apr 2021 02:13:17 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-83055206-1&cid=446842817.1617890905&jid=1257146154&gjid=1635790160&_gid=265893054.1617890908&_u=aGnAAEADQAAAAG~&z=1467017720

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 08 Apr 2021 14:08:28 GMT
content-type: text/plain
access-control-allow-origin: https://www.fifthdomain.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
48 B 51ms
39ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021040101&jk=919650656752053&bg=!vr2lvfnNAAY56aLOOek7ACkAdvg8WmcD8HaMO-A_6XAt2TMvu-OYB5s9JaHnjGco48k4Q26zaj1s3wIAAAH5UgAAAHRoAQcKAKNu7Hl8FGjzXIpDDk-P6H5GrM-MxBR1CW0tVldxlvru5qlH4f5Jd6hjxGJGwxf0OwpyFUDWb6LxYwmp7XA9impvVZKrVTGGIQTweV7lY1lMZDvxx0LiBUPGNAJRPLVeFdDijRyRHhzicuXMI7A4YOWjVXBbSqISWV2QdwJ7WSSBGyR-kRGn2JVn5sLPgLtf9-F0MtYx5kXYfGigrOW0O9RD3CXomQHP4FgTQebGXhU1uaw_9Hc3vRYuRDeLTkU9yxnferdQY-zJx7jear4DiQHz7agEFD4T9ER9p9FQQKZgr_nR44vzlWqzk17TxwjyTUnmRfcnLmSQ5kgRrhfoZh6Kj3323zQv7gFjunIUaNuGvy1zSxkhAVB3vo_B9IbHJZkb_0ofQPqNuzxVIosrVTbGb2xdHwVIddLgwHwbY0F94KPqeART8iR-ujnfWQFD1NRuGPkV3WjuJqyfDItgm0ugnjUP_fEIRJm2CTqlMDXhdgjtDceWuyG-yGxekR9i6es3Wt-YBSq-RCxSYgtxfjIOg_aGUbvmuWz2v58xHzYGWxJ1QYgQsXugZNKaQ4zwj7DTW8yT-vz2VmB6_C_gc2AiN1CGAGkPU_kNlSseR1rNTOcF_4zSL4ynpM8ZXEddUdm5HhMiFZLkB2LTNt2jCK-G8VamR9Lb8kJakmZHlTxEC5AgyxStFNsC4TeXKypD3XqjPGwHwKJIFgXhNuGWoqZR_zBhYX6LOQsXV6eny2PTkDvEAjCMBLQkGzpNm0ySLXxAW5XbIsrJlrfw7f-R4oLIj-YpXdwQ58-yHUL7TYjWXuc3XO2rW7GjT0s7vLE2t-BU3kpGCQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 14:08:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 Untitled1_0014_Layer34.jpg
s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/images/ Frame 5DB9 5 KB
5 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/images/Untitled1_0014_Layer34.jpg?1615848915348

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2db3dfe8902697b7b9453d8cc5c8cb6644fba1773b8c0ca920100d99136fd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:13:17 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 21:35:28 GMT
server: sffe
age: 42911
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5221
x-xss-protection: 0
expires: Fri, 09 Apr 2021 02:13:17 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9EDB 0
23 B 42ms
40ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZ2UgWQ5vYN_TKsmHx_AP2vKc-AcAAAAAOAHgBAI&bg=!ubqluv7NAAY56aLOOek7ACkAdvg8WrFvanwO_-ATkaWQXohhd_pwcV55oPF8vCHsd-LB5ek8x4myvAIAAAIAUgAAAENoAQeZAnLN5Q0z_f8how-jmGtITkRKxhzTODopWjnk6cdcEUeDun3-awYHagnyHwlAaE8YH8DXuM4sf7dQdnaeAq1xmk5svGyhbkm9Ygpq2aVWc8w7wgFz0BGFqMrQZMXMHK-rRQLc4M8L5Yf3PzIEgF2Ki_wFwhaaxKuHTCoBQDIVSnYjc48_YZflBoMsVXHEZOVK8EFyi3HKmVB4_64aRPDG_ACGlVYdlwGYl3S9_b6U_h9L0DDds0qa5I9yEh_DAY35XWrZQIBuwLuLoN5gpuwkuCtrFYp60NLDdVRaniZnEhQiTO9-ngs3R0Bt_HvufBSSfbmhI8zIeayqloYBnnD-foRWgXzfHZJ5KVQRsCloFHBeoGv566DiuYcg878A4BK_GYd_IfeRy4m_bExrnh68_dZ32VkJN2shylhWqKexL_bWGzOtPvBFVGsF4vAkrK1MfnXtNuBMB4EU5EzU_M0NKvcOBr7CnZ769g0IeE34m6dhZmxtRWMyM2ZIYZy5SC4yC65bsF8e0bi-9wnP5LfgKLjZdY4YOGCudSuntoq2GdiL0Xnp1UaWEmYl5vAHBllcsNOytPs000qYyYiyxn_fq3OUjoBLIq4W66ejR1u1RXEhToaZba8BCLL6UrNF3ZTG84tyImUQAprA-U_w7sMkfjMrYG9-62tmKfh6s7ZcMLDKBsWzfYQ_7caXWF8dVOHiiJ7s6Hp1s1AnVxnpbps8ofSXCa5sWAHTdSRWgPdcWuUUewMimoyyE-yM5ZF9AMnBkULB-rTu1knCB15ZWhuj38WprJ79593AmJIH7LfthHCXiSKOu4ffVOb1Lud7Ze9sl2xbhg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 14:08:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 Untitled1_0015_Layer33.jpg
s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/images/ Frame 5DB9 5 KB
5 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/images/Untitled1_0015_Layer33.jpg?1615848915348

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc425e455cf5b98379902f811c1c918f35d79702fd7e6194c357123f31286ead

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:13:17 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 21:35:27 GMT
server: sffe
age: 42911
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5095
x-xss-protection: 0
expires: Fri, 09 Apr 2021 02:13:17 GMT

GET
H3-Q050 200 Untitled1_0016_Layer32.jpg
s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/images/ Frame 5DB9 5 KB
5 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/images/Untitled1_0016_Layer32.jpg?1615848915348

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da782c8baa06e2832e33b3f299a3270c2e5229539e6ce7855a0f9607e6a5048c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:13:17 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 21:35:28 GMT
server: sffe
age: 42911
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4946
x-xss-protection: 0
expires: Fri, 09 Apr 2021 02:13:17 GMT

GET
H3-Q050 200 Untitled1_0017_Layer31.jpg
s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/images/ Frame 5DB9 5 KB
5 KB 10ms
6ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/images/Untitled1_0017_Layer31.jpg?1615848915348

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

800689d6be5129f5d674a90e47e7bf6f919cfd7fe78c1f8f4d0f166212992524

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:13:17 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 21:35:27 GMT
server: sffe
age: 42911
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5133
x-xss-protection: 0
expires: Fri, 09 Apr 2021 02:13:17 GMT

GET
H3-Q050 200 Untitled1_0018_Layer30.jpg
s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/images/ Frame 5DB9 5 KB
5 KB 8ms
6ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/images/Untitled1_0018_Layer30.jpg?1615848915348

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39d513704eaf9e42ca8ca17fcb4ecae6456d0cdbd6d8785b73216e20767a79e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:13:17 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 21:35:28 GMT
server: sffe
age: 42911
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5149
x-xss-protection: 0
expires: Fri, 09 Apr 2021 02:13:17 GMT

GET
H3-Q050 200 Untitled1_0019_Layer29.jpg
s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/images/ Frame 5DB9 5 KB
5 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/images/Untitled1_0019_Layer29.jpg?1615848915348

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6db3b70aa413f42f423499dabca829cf99ccd49ad1bdb238b8caa9f49389d2e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:13:17 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 21:35:28 GMT
server: sffe
age: 42911
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5049
x-xss-protection: 0
expires: Fri, 09 Apr 2021 02:13:17 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C62A 0
23 B 41ms
41ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJ5c6Ww5vYM_sGqem3gPXy7SABgAAAAA4AeAEAg&bg=!goGlgcXNAAY56aLOOek7ACkAdvg8Wv9uoz825creaBqrE4DgpkFJxK7NUCvmuuNS7b2FTuQvamwn-wIAAAHpUgAAABFoAQcKAPq9H_pVyoX0IbOxQk-cLdOoJUJJEZkGRBGXBRymoZxom4nbcvPO50-3jZ6qBW-Qs7PEfMfTErWqybt7hJDgZKAT9aEAu2j58L5JkKbcU1u7wKU1j82BN5EtnyiKJCOfBYMO4V0PD4hePsy8N1tGdrOD4SBXDrH7r1UF7BbwkGofmho3r9Xq4fnmzjka1Ne0P3XZHjF8XUmW13ZKUDulY9301RG7LgxEu29amqDeGrIFIdEAv1Fxd12V3tdOlmyM3SvEO1QVM5k90irD6r5pJgrTjcVZoqqGPx8yHSNztKvK4GYoA81-OAmJ0qpt9j8dp_goZh2RXXxOHuB6mQJ_-dR5JQckHKI9-J9mzytfAVgLfKpfDWgIZ0Nd0upuQKm2wihw1WDgdhNBuGfKWo59b5CWI28xVs3UtFCu9Il4HhlaYJ7vG1j22InOZARPtQ5EJa0JGr_IBS--xIUbpfcz5AM0gOGvDkljHHPcuZgUFQtyACXp5lbliJwTcbyv2HxEOGna70ljMpC_QSFz8ggO_AAuOeP1cfvq0ypWdzySs-_cH4FzI2YkiXm7qiTFapmJpHf1Ur4TULwDjlS6yA7ZyUc-4ZhXKQ3x6Ucbn9rVBZjMVsde7p4DIpMEBDJxC6XXxt3dEE2EGouk79Ng3RmThqnOu5E0PSe8XQGReO0URRjZIxExjAbPkXDh8MXd00CDvtp2k3pEfI1BOC2CTY7J3rqiV0bGBP78Msvy93afYjBgEHgS0_Qmf7MsNpEmJkNORQU4Ou-9YB87Zfd-i5lKCVR286KXS4iiXqS6o6XAGMFjH2mH5rkPaNQO0dFoQwiwGluH50CLUvu7NvABe0VHhlYxsJiMLpy_9B0Pbp_xFMc3aIX_77DZqW-SJDlWT8pi8bjruI_TV2vc1j-BVPJ-sKM-itaMfytcFGrOJYohAPXX550kY5Je4BOKVvndg1h2Iqpc7Q11JpiQM54Ccs6-xvPhYIc8yFv0qH0QwaBHNMnPcEtRnNhX6kyGnIy53x5r4CRH4Yi_fOzl7ldDMDlsnCDonJ6Zml5QuDIPI6SlldmcoQ7jOncaG0bQv45E4pTvLUejN9KJa9vzk7-4kSpzFC1hp3LmIBuQUO5nZG_ZuayIHwbbjFZjwGOJh6Fc14E-K9G21os5pyer7xXWPWNibFGlO4vxAWdWXR6z2FId

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 14:08:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 7DA8 281 B
554 B 68ms
20ms Document
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: d1voyiv1eh2vzr.cloudfront.net
URL: https://d1voyiv1eh2vzr.cloudfront.net/prebid/prebid.js?v=3.3.10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.fifthdomain.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.fifthdomain.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 08 Apr 2021 14:08:28 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/ib/static/usersync/v3/ Frame 79A1 995 B
875 B 77ms
28ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: d1voyiv1eh2vzr.cloudfront.net
URL: https://d1voyiv1eh2vzr.cloudfront.net/prebid/prebid.js?v=3.3.10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.fifthdomain.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.fifthdomain.com/

Response headers

Server: nginx/1.13.10
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Access-Control-Allow-Origin: *
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Fri, 08 Apr 2022 14:08:28 GMT
Date: Thu, 08 Apr 2021 14:08:28 GMT
Connection: keep-alive

GET
H3-Q050 200 Untitled1_0020_Layer28.jpg
s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/images/ Frame 5DB9 5 KB
5 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/images/Untitled1_0020_Layer28.jpg?1615848915348

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

009e93df0797f059b7538ce71cb91077512dfee07a41f0a0f5c8f1b9419d6929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:13:17 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 21:35:28 GMT
server: sffe
age: 42911
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4885
x-xss-protection: 0
expires: Fri, 09 Apr 2021 02:13:17 GMT

GET
H3-Q050 200 Untitled1_0021_Layer27.jpg
s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/images/ Frame 5DB9 5 KB
5 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/images/Untitled1_0021_Layer27.jpg?1615848915348

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d1b4578c0db40f374af00c37d359c08d9632e1cd9e6b0c0eb0783866f793667

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:13:18 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 21:35:28 GMT
server: sffe
age: 42910
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4713
x-xss-protection: 0
expires: Fri, 09 Apr 2021 02:13:18 GMT

GET
H3-Q050 200 Untitled1_0022_Layer26.jpg
s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/images/ Frame 5DB9 4 KB
4 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/images/Untitled1_0022_Layer26.jpg?1615848915348

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ba286a523a20b96d518707895d2588da74f3840f6712b7ba24d7dbdcab5e7d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:13:18 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 21:35:27 GMT
server: sffe
age: 42910
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4493
x-xss-protection: 0
expires: Fri, 09 Apr 2021 02:13:18 GMT

GET
H3-Q050 200 Untitled1_0023_Layer25.jpg
s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/images/ Frame 5DB9 4 KB
4 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/images/Untitled1_0023_Layer25.jpg?1615848915348

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dd02a6261a31b6d33658bbec5bf7881c518152921e9c505a0b8056fc9e5fa61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/10679125/1616794527802/FSLY_RNC_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:13:18 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Mar 2021 21:35:28 GMT
server: sffe
age: 42910
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4512
x-xss-protection: 0
expires: Fri, 09 Apr 2021 02:13:18 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7DA8 31 KB
10 KB 19ms
19ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: bf97d54048ff565046af3d9dbb31300a9b12c8a3b8e3ac73a49abef835c7d225

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Apr 2021 14:08:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Mar 2021 23:26:33 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=40698
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9418
Expires: Fri, 09 Apr 2021 01:26:46 GMT

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/ Frame 79A1
Redirect Chain

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

0
817 B

22ms
22ms

Script
text/html

185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Apr 2021 14:08:29 GMT
X-Proxy-Origin: 89.249.64.220; 89.249.64.220; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.181:80
AN-X-Request-Uuid: 0e56cdb6-9506-408f-b3cd-cecb3616a110
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 08 Apr 2021 14:08:28 GMT
X-Proxy-Origin: 89.249.64.220; 89.249.64.220; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.240:80
AN-X-Request-Uuid: 55d6cb6d-4f39-47d2-b8b6-ec73ce345b53
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 modules-v67.js Show response
my.hellobar.com/ 144 KB
38 KB 26ms
25ms Script
text/javascript 2606:4700:10::6816:e17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hellobar.com/modules-v67.js
Requested by: Host: my.hellobar.com
URL: https://my.hellobar.com/a72a28af0f0361d7e6c99914ed0344bfc78cca10.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:e17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fe35d1cb453616e09e72d309d4c8bb9ab2e2f3861c516402d8901de1c54bffc

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:28 GMT
content-encoding: br
cf-cache-status: HIT
age: 511171
x-amz-request-id: P1N8MZH4BBRFPC6E
x-amz-id-2: OUKbemkshEnvKXLxlsClsREc7bFQNTGWXxv4/oe9qFmtGLjLA4Sp/ZqEg3hbvJkjAw0/x65ytL4=
last-modified: Fri, 02 Apr 2021 15:59:10 GMT
server: cloudflare
etag: W/"b05f53d2d9d066301341c485918acb5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31557600, must-revalidate, proxy-revalidate, s-maxage=31557600
cf-request-id: 0953693259000097a824216000000001
cf-ray: 63cc1163c80b97a8-FRA
cf-bgj: minify

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FF1F 42 B
479 B 70ms
55ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssieNM7MxnG7Bh1uPWKocxVpRQwg1_TUA-RRjUoMdxQ0cvLUCM6-7X9sFJrJhB2-8omiXzXU4WoiRQvKt2-1h-MEwRiG3DXMDXdUfDq5-4xaGROTONUQiyDdEXyCg&sai=AMfl-YQBJgTlJB1HcvgxbZhOT6snvkAl2u0BSD0Ki_tSCjPExaKkC4zyQHOXj9z9FdAnbKGC4epGYS0qfZQ9F_UVHmsDGaOFrtzKRidN8Ueo9cLxPJZHlQZXmeFyllVNI2Tg&sig=Cg0ArKJSzHYJ0xO7SKZ5EAE&cid=CAASPeRoWMsqeaKycF7g7gr0DdfpnYJjFEbWmHrr70zUMYhkLqIbuaf2VwymxXtFmvFdCrK3gHJ32t6-suOpXB4&id=osdim&mcvt=1001&p=326,1076,576,1376&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210407&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3703431340&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1617890906912&dlt=88&rpt=853&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 14:08:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 7DA8 284 B
536 B 124ms
50ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/jpg

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
63 B 6ms
6ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j89&a=754276220&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.fifthdomain.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Fifth%20Domain%3A%20Cyber&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ads&ea=visible&el=114235265%2FFifthDomain%2Fhome%2Frectangle%40300x250-1&ev=0&_u=aGnAAEADQAAAAG~&jid=&gjid=&cid=446842817.1617890905&tid=UA-83055206-1&_gid=265893054.1617890908&gtm=2wg3v0W4XB555&z=247086685

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43526
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 powaBoot.js Show response
dv90bhm02uda6.cloudfront.net/prod/ 37 KB
13 KB 45ms
18ms Script
application/javascript 2600:9000:2182:6e00:15:a460:2f80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dv90bhm02uda6.cloudfront.net/prod/powaBoot.js
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/pb/gr/c/default/r0TtU0djSfaS5s/load_immediately/5a71f9f4c6.js?v=94
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:6e00:15:a460:2f80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ceb908b50f9202e5fd5f6950d8ffeb6da3814a2bc241457d70f97b487b74e00

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:05:56 GMT
content-encoding: gzip
last-modified: Wed, 07 Apr 2021 17:49:46 GMT
server: AmazonS3
age: 154
etag: W/"28fc7ca186deefc23477d4f3d7ef683b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: kJetRJQsFeTa0Qzh4CHBMVapCKQiXzjTUvx8bp8CduIa_UZe-8WDCw==

GET
H2 200 mco.js Show response
dv90bhm02uda6.cloudfront.net/prod/org/ 73 KB
21 KB 16ms
16ms Script
application/javascript 2600:9000:2182:6e00:15:a460:2f80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dv90bhm02uda6.cloudfront.net/prod/org/mco.js?org=mco
Requested by: Host: dv90bhm02uda6.cloudfront.net
URL: https://dv90bhm02uda6.cloudfront.net/prod/powaBoot.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:6e00:15:a460:2f80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 40fdf10cae1bfceea71ecc8a3ed9faf60fc6a61b826e019fc7f51e3e25088c96

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:06:08 GMT
content-encoding: gzip
last-modified: Wed, 07 Apr 2021 17:49:47 GMT
server: AmazonS3
age: 142
etag: W/"68a0f05851f1fb446832872d7f83c758"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: aLZqkBGbHDR2C2V-MTodsP88vbEF5gJ1BgxxmtNnJELZGNhBapWB3g==

GET
H2 200 powaDrive.js Show response
dv90bhm02uda6.cloudfront.net/prod/ 271 KB
69 KB 17ms
17ms Script
application/javascript 2600:9000:2182:6e00:15:a460:2f80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dv90bhm02uda6.cloudfront.net/prod/powaDrive.js?org=mco
Requested by: Host: dv90bhm02uda6.cloudfront.net
URL: https://dv90bhm02uda6.cloudfront.net/prod/powaBoot.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:6e00:15:a460:2f80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ead4744e920d589fb562c45ace8476fa885d4976d6a26d0d6b7bef7918a3e18e

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:05:57 GMT
content-encoding: gzip
last-modified: Wed, 07 Apr 2021 17:49:46 GMT
server: AmazonS3
age: 153
etag: W/"48390420880321467d1432769ffaa9df"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: kOk_Q0huL-902-8FmfMhqTj_H8Wh4MXsdhzdUiHydSdpBnguw6z2mg==

GET
H2 200 findByUuid Show response
video-api-cdn.mco.arcpublishing.com/api/v1/ansvideos/ 9 KB
10 KB 473ms
416ms Script
application/javascript 13.225.87.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video-api-cdn.mco.arcpublishing.com/api/v1/ansvideos/findByUuid?uuid=65d74254-0407-4e2c-8f45-011a7bab51a1&cb=powaCallback65d7425404074e2c8f45011a7bab51a1
Requested by: Host: dv90bhm02uda6.cloudfront.net
URL: https://dv90bhm02uda6.cloudfront.net/prod/org/mco.js?org=mco
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3375183262b676534fa4de959d390110924a78d2bfbeffd8038460018419f9ef

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:29 GMT
via: 1.1 590590f04f79f692591f9db0e720a31d.cloudfront.net (CloudFront)
last-modified: Mon, 08 Feb 2021 15:09:36 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
x-org-rate-limit: 1200
content-length: 9658
x-org-rate-limit-interval: 5 minutes
x-org-rate-limit-remaining: 1199
x-amz-cf-id: BNH46uaZudJPKGTnUw3ArUG9xn1KfF-z3ILYJq69a1g0K90rprHNVA==

GET
H2 206 tiny.mp4
dv90bhm02uda6.cloudfront.net/asset/ 1 KB
2 KB 433ms
432ms Media
video/mp4 2600:9000:2182:6e00:15:a460:2f80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dv90bhm02uda6.cloudfront.net/asset/tiny.mp4?org=mco
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:6e00:15:a460:2f80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer: https://www.fifthdomain.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 08 Apr 2021 14:08:31 GMT
via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
last-modified: Fri, 27 Jul 2018 15:29:14 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: "ee4e90be549c5614ac6282a5b80a506b"
x-cache: RefreshHit from cloudfront
content-type: video/mp4
Content-Range: bytes 0-1492/1493
cache-control: max-age=604800
accept-ranges: bytes
Content-Length: 1493
x-amz-cf-id: y59MixqKZOPuc8L2hQ9gsETUfp0G6LPrxlRrP7o0OmSq81uYwfaW2A==

POST
H/1.1 200
OK event.png
tps20226.doubleverify.com/ Frame 782D 67 B
491 B 66ms
22ms Other
image/png 213.254.244.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20226.doubleverify.com/event.png?impid=c4c92a48d4e940fd8ab79d99e1810697&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=70&eoid=5&msrjs=1165&pltfrm=Linux%20x86_64&isvelg=1&vit=2&engms=1&engisel=1&cbust=1617890910071124
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1165.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 08 Apr 2021 14:08:29 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 4/7/2021 2:08:30 PM

GET
H2 200 t_307937c7264b49abafdcc7f23f20f102_name_Screen_Shot_2021_02_05_at_1_53_31_PM.png
www.armytimes.com/resizer/4unXf6ZIQTePmUpkLeZhuKextAo=/624x349/filters:quality(80)/arc-goldfish-mco-thumbnails.s3.amazonaws.com/02-05-2021/ 54 KB
54 KB 338ms
338ms Image
image/jpeg 2a02:26f0:6c00::210:bb11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.armytimes.com/resizer/4unXf6ZIQTePmUpkLeZhuKextAo=/624x349/filters:quality(80)/arc-goldfish-mco-thumbnails.s3.amazonaws.com/02-05-2021/t_307937c7264b49abafdcc7f23f20f102_name_Screen_Shot_2021_02_05_at_1_53_31_PM.png
Requested by: Host: www.fifthdomain.com
URL: https://www.fifthdomain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:bb11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Server /
Resource Hash: 3cff159dded47d5ccbb5055ab039aa0d9e0875cbae4271020038aa9cf8f66301

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:30 GMT
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: Akamai Image Server
etag: "c49849ae8c7a01e15925897e1a04b894b8fd2023"
content-type: image/jpeg
cache-control: private, max-age=26438399
server-timing: cdn-cache; desc=MISS, edge; dur=-1167, origin; dur=1494
content-length: 55185
expires: Tue, 08 Feb 2022 14:08:29 GMT

GET
H2 200 hls.min.js Show response
dv90bhm02uda6.cloudfront.net/vendor/hls.js/0.14.5/ 233 KB
71 KB 23ms
22ms Script
application/javascript 2600:9000:2182:6e00:15:a460:2f80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dv90bhm02uda6.cloudfront.net/vendor/hls.js/0.14.5/hls.min.js?org=mco
Requested by: Host: dv90bhm02uda6.cloudfront.net
URL: https://dv90bhm02uda6.cloudfront.net/prod/powaDrive.js?org=mco
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:6e00:15:a460:2f80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d73268c706a2ca22a13a545d39aba12557112cdc90fc14db69c4b28d487e552e

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:30 GMT
content-encoding: gzip
last-modified: Fri, 24 Jul 2020 14:02:42 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: W/"8160976fb63964ec8b320b36b2f355fb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-storage-class: INTELLIGENT_TIERING
cache-control: max-age=31536000,immutable
x-amz-cf-id: 09yQaytTKaqFNsFfIQQccEkom5aiF7uhXTsnTjEh40R0XCUucCNOKA==
via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)

GET
H2 200 601d961fc9e77c000805465d_t_1612551714339_master.m3u8 Show response
dq0mmww6n9gqf.cloudfront.net/mco/20210205/601d961a46e0fb0001f73822/ 544 B
1 KB 490ms
446ms XHR
application/x-mpegurl 2600:9000:2093:ea00:f:b302:fdc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dq0mmww6n9gqf.cloudfront.net/mco/20210205/601d961a46e0fb0001f73822/601d961fc9e77c000805465d_t_1612551714339_master.m3u8
Requested by: Host: dv90bhm02uda6.cloudfront.net
URL: https://dv90bhm02uda6.cloudfront.net/vendor/hls.js/0.14.5/hls.min.js?org=mco
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2093:ea00:f:b302:fdc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 090ed4fa4b51bdd7a9321586d966a5be2f96069ff2cf7020431b6c44cd7b7c47

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:31 GMT
via: 1.1 e59707d44008edece41c455fd2ab9045.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: HAM50-C1
x-cache: RefreshHit from cloudfront
content-length: 544
last-modified: Fri, 05 Feb 2021 19:05:28 GMT
server: AmazonS3
etag: "9e2f3647db41f47c6f5e157ec85ce6c4"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-amz-cf-id: CuauOI2ERGYMyRzaYZL_OypCBi9bNoDpMI7w7yLZtNFD7waIRjboqQ==

GET
H2 200 cloudfrontVideoTracker.png
d1d3jupgwm7m5r.cloudfront.net/prod/ 95 B
417 B 44ms
12ms Image
image/png 2600:9000:21f3:9600:1b:7b40:7bc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1d3jupgwm7m5r.cloudfront.net/prod/cloudfrontVideoTracker.png?org=mco&event=start&uuid=65d74254-0407-4e2c-8f45-011a7bab51a1&timestamp=1617890910379
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9600:1b:7b40:7bc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 19:21:29 GMT
via: 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
last-modified: Mon, 06 Aug 2018 14:48:43 GMT
server: AmazonS3
age: 67621
etag: "60cf42b4d05caf10cf8bb15c0817a7b4"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 95
x-amz-cf-id: I8TaZ857V92vtnukbegb5fF9tlqXQmuJWkvzG-qjcGQKiLPoJk5PCA==

GET
H2 200 601d961fc9e77c000805465d_1466506170518-xk30nm_t_1612551714234_640_360_300.m3u8 Show response
dq0mmww6n9gqf.cloudfront.net/mco/20210205/601d961a46e0fb0001f73822/ 8 KB
8 KB 445ms
444ms XHR
application/x-mpegurl 2600:9000:2093:ea00:f:b302:fdc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dq0mmww6n9gqf.cloudfront.net/mco/20210205/601d961a46e0fb0001f73822/601d961fc9e77c000805465d_1466506170518-xk30nm_t_1612551714234_640_360_300.m3u8
Requested by: Host: dv90bhm02uda6.cloudfront.net
URL: https://dv90bhm02uda6.cloudfront.net/vendor/hls.js/0.14.5/hls.min.js?org=mco
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2093:ea00:f:b302:fdc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d0c03f4a63ff88a3f237369a9fc346d246b74e4cd5cf44d137c440b7b598b5a

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:32 GMT
via: 1.1 e59707d44008edece41c455fd2ab9045.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: HAM50-C1
x-cache: RefreshHit from cloudfront
content-length: 7811
last-modified: Fri, 05 Feb 2021 19:02:54 GMT
server: AmazonS3
etag: "d5b5e9e703c32d77c472ac2aa2980b24"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-amz-cf-id: okHZ6p2oZiucYK2LzMa1EAHt5sxfxhkKEnV_iMR8ptbAKhwwLPlUnw==

POST
H/1.1 200
OK event.png
tps20226.doubleverify.com/ Frame 782D 67 B
491 B 21ms
21ms Other
image/png 213.254.244.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20226.doubleverify.com/event.png?impid=c4c92a48d4e940fd8ab79d99e1810697&gdpr=&gdpr_consent=&msrcanlm=904&msrcannum=3&eoid=7&ismms=75&isumms=74&isvelg=1&nvr=6&isbxdms=2274&b0=100&b11=2279&adhgt=250&adwdth=300&norwdth=300&norhgt=250&engisel=1&vsos=4&dvp_vsosnmr=16&lftb=2379&sftb=2379&msrdp=2&naral=640&vct=512&vphgt=1200&vpwdth=1600&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1075&isuiabvms=1075&ispmxpms=1075&engalms=72&dvp_dpr=1&cbust=1617890911070605
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1165.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 08 Apr 2021 14:08:30 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 4/7/2021 2:08:31 PM

GET
H2 200 601d961fc9e77c000805465d_1466506170518-xk30nm_t_1612551714234_640_360_30000000.ts Show response
dq0mmww6n9gqf.cloudfront.net/mco/20210205/601d961a46e0fb0001f73822/ 364 KB
365 KB 459ms
459ms XHR
video/mp2t 2600:9000:2093:ea00:f:b302:fdc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dq0mmww6n9gqf.cloudfront.net/mco/20210205/601d961a46e0fb0001f73822/601d961fc9e77c000805465d_1466506170518-xk30nm_t_1612551714234_640_360_30000000.ts
Requested by: Host: dv90bhm02uda6.cloudfront.net
URL: https://dv90bhm02uda6.cloudfront.net/vendor/hls.js/0.14.5/hls.min.js?org=mco
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2093:ea00:f:b302:fdc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a338d9c8181e86242905f382788fe53d87b5bbaee3ad04e388dbba5757431ea

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:32 GMT
via: 1.1 e59707d44008edece41c455fd2ab9045.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: HAM50-C1
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 372804
last-modified: Fri, 05 Feb 2021 19:02:54 GMT
server: AmazonS3
etag: "3d2e96ba07469f98b27c51a41b21c805"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: video/MP2T
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-amz-cf-id: CDKfuOQfz4BX76aMHoStvJE4YbTHFLFjWI6l60qgUSw6YsUl7UhCgA==

GET
BLOB 200
OK 13efbaee-6b50-4bb5-bfce-e6029e9b0850
https://www.fifthdomain.com/ 60 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.fifthdomain.com/13efbaee-6b50-4bb5-bfce-e6029e9b0850
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 999dc8a7259baa73e23bb0cecc33f50e9b2c7508bd9f2235176836f9f3b936eb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 61751
Content-Type: text/javascript

GET
H2 200 601d961fc9e77c000805465d_1466505706686-zdmtuq_t_1612551714234_640_360_600.m3u8 Show response
dq0mmww6n9gqf.cloudfront.net/mco/20210205/601d961a46e0fb0001f73822/ 8 KB
8 KB 445ms
444ms XHR
application/x-mpegurl 2600:9000:2093:ea00:f:b302:fdc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dq0mmww6n9gqf.cloudfront.net/mco/20210205/601d961a46e0fb0001f73822/601d961fc9e77c000805465d_1466505706686-zdmtuq_t_1612551714234_640_360_600.m3u8
Requested by: Host: dv90bhm02uda6.cloudfront.net
URL: https://dv90bhm02uda6.cloudfront.net/vendor/hls.js/0.14.5/hls.min.js?org=mco
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2093:ea00:f:b302:fdc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8cb89356811727630737c88405d32189ab68caaeabb94730b3d719af1f879425

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:33 GMT
via: 1.1 e59707d44008edece41c455fd2ab9045.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: HAM50-C1
x-cache: RefreshHit from cloudfront
content-length: 7811
last-modified: Fri, 05 Feb 2021 19:02:54 GMT
server: AmazonS3
etag: "06a5a9c3e138e6e2f5f9178229a96622"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-amz-cf-id: 8dlDT9O7eF5xlzyoWGNmiyRM6Yxn_mCznrBgG_BY7GkRAh0BKf0EHw==

GET
H2 200 601d961fc9e77c000805465d_1466505706686-zdmtuq_t_1612551714234_640_360_60000001.ts Show response
dq0mmww6n9gqf.cloudfront.net/mco/20210205/601d961a46e0fb0001f73822/ 424 KB
426 KB 442ms
442ms XHR
video/mp2t 2600:9000:2093:ea00:f:b302:fdc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dq0mmww6n9gqf.cloudfront.net/mco/20210205/601d961a46e0fb0001f73822/601d961fc9e77c000805465d_1466505706686-zdmtuq_t_1612551714234_640_360_60000001.ts
Requested by: Host: dv90bhm02uda6.cloudfront.net
URL: https://dv90bhm02uda6.cloudfront.net/vendor/hls.js/0.14.5/hls.min.js?org=mco
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2093:ea00:f:b302:fdc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08daa7400755b2714921412df53670cf182634e591b39d981ab2efc4ef7b7611

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:33 GMT
via: 1.1 e59707d44008edece41c455fd2ab9045.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: HAM50-C1
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 434280
last-modified: Fri, 05 Feb 2021 19:02:54 GMT
server: AmazonS3
etag: "077b2780e98dc0bd69ab23927ac03425"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: video/MP2T
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-amz-cf-id: SmG7iSbr9Kx2VRtbk8_60vXY8M1ljN71AkjMrCziWEtl6BJ-vW9y2w==

GET
H2 200 601d961fc9e77c000805465d_1466505706686-zdmtuq_t_1612551714234_640_360_60000002.ts Show response
dq0mmww6n9gqf.cloudfront.net/mco/20210205/601d961a46e0fb0001f73822/ 785 KB
787 KB 487ms
487ms XHR
video/mp2t 2600:9000:2093:ea00:f:b302:fdc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dq0mmww6n9gqf.cloudfront.net/mco/20210205/601d961a46e0fb0001f73822/601d961fc9e77c000805465d_1466505706686-zdmtuq_t_1612551714234_640_360_60000002.ts
Requested by: Host: dv90bhm02uda6.cloudfront.net
URL: https://dv90bhm02uda6.cloudfront.net/vendor/hls.js/0.14.5/hls.min.js?org=mco
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2093:ea00:f:b302:fdc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b0e3d1321df948162e102a2d4d89ad787d9448dedb02996f7b51544d2ccd3f21

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:34 GMT
via: 1.1 e59707d44008edece41c455fd2ab9045.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: HAM50-C1
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 804076
last-modified: Fri, 05 Feb 2021 19:02:54 GMT
server: AmazonS3
etag: "4a7e780699dd582fc7cda1aac63670c0"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: video/MP2T
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-amz-cf-id: nHiIlJs9ObDkS6LfAJZFlpz_aOePJEFX2ySO54YrqoDoKRoZpJkmIA==

GET
H2 200 601d961fc9e77c000805465d_1466505706686-zdmtuq_t_1612551714234_640_360_60000003.ts Show response
dq0mmww6n9gqf.cloudfront.net/mco/20210205/601d961a46e0fb0001f73822/ 541 KB
542 KB 581ms
581ms XHR
video/mp2t 2600:9000:2093:ea00:f:b302:fdc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dq0mmww6n9gqf.cloudfront.net/mco/20210205/601d961a46e0fb0001f73822/601d961fc9e77c000805465d_1466505706686-zdmtuq_t_1612551714234_640_360_60000003.ts
Requested by: Host: dv90bhm02uda6.cloudfront.net
URL: https://dv90bhm02uda6.cloudfront.net/vendor/hls.js/0.14.5/hls.min.js?org=mco
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2093:ea00:f:b302:fdc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2feec21764fec281716f9437847f9eb9d9585b548f880c61af11b889afa630f

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:35 GMT
via: 1.1 e59707d44008edece41c455fd2ab9045.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: HAM50-C1
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 553472
last-modified: Fri, 05 Feb 2021 19:02:54 GMT
server: AmazonS3
etag: "a1d6ae8b0613acd31cab276d1d1666da"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: video/MP2T
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-amz-cf-id: QlfnPsjV07CYqiGxW66tumdM-c5sPE3jqRN3ngsVwrim_kfODe9rrg==

GET
H2 200 601d961fc9e77c000805465d_1466505706686-zdmtuq_t_1612551714234_640_360_60000004.ts Show response
dq0mmww6n9gqf.cloudfront.net/mco/20210205/601d961a46e0fb0001f73822/ 462 KB
463 KB 505ms
505ms XHR
video/mp2t 2600:9000:2093:ea00:f:b302:fdc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dq0mmww6n9gqf.cloudfront.net/mco/20210205/601d961a46e0fb0001f73822/601d961fc9e77c000805465d_1466505706686-zdmtuq_t_1612551714234_640_360_60000004.ts
Requested by: Host: dv90bhm02uda6.cloudfront.net
URL: https://dv90bhm02uda6.cloudfront.net/vendor/hls.js/0.14.5/hls.min.js?org=mco
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2093:ea00:f:b302:fdc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 60677f1ab10c33779afbc2b0d09203467ad34203ba3feab184e14050f003bebf

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:36 GMT
via: 1.1 e59707d44008edece41c455fd2ab9045.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: HAM50-C1
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 473008
last-modified: Fri, 05 Feb 2021 19:02:54 GMT
server: AmazonS3
etag: "887fb02b2a54b9fe05052b4bd2eabcb5"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: video/MP2T
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-amz-cf-id: xVwYVGinwBUl5_Zm0zBJ9JLTi8rwgoGmbL0CfMDZsZxsnRg7LVix_Q==

GET
H2 200 601d961fc9e77c000805465d_1466505706686-zdmtuq_t_1612551714234_640_360_60000005.ts Show response
dq0mmww6n9gqf.cloudfront.net/mco/20210205/601d961a46e0fb0001f73822/ 557 KB
559 KB 518ms
518ms XHR
video/mp2t 2600:9000:2093:ea00:f:b302:fdc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dq0mmww6n9gqf.cloudfront.net/mco/20210205/601d961a46e0fb0001f73822/601d961fc9e77c000805465d_1466505706686-zdmtuq_t_1612551714234_640_360_60000005.ts
Requested by: Host: dv90bhm02uda6.cloudfront.net
URL: https://dv90bhm02uda6.cloudfront.net/vendor/hls.js/0.14.5/hls.min.js?org=mco
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2093:ea00:f:b302:fdc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 096d9d6229046c44df6a77db85b9ed87341ee55d28edeb5f606140a0fe951661

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:37 GMT
via: 1.1 e59707d44008edece41c455fd2ab9045.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: HAM50-C1
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 570768
last-modified: Fri, 05 Feb 2021 19:02:54 GMT
server: AmazonS3
etag: "de0ccbc51ce518038a82e0c9f311ce30"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: video/MP2T
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-amz-cf-id: jq8U4eOqrrPf-aqz_cJ1gAPtHzVp13FKkWuyRjXErZtOmcNXBGGVzA==

GET
H2 200 601d961fc9e77c000805465d_1466505706686-zdmtuq_t_1612551714234_640_360_60000006.ts Show response
dq0mmww6n9gqf.cloudfront.net/mco/20210205/601d961a46e0fb0001f73822/ 680 KB
682 KB 590ms
589ms XHR
video/mp2t 2600:9000:2093:ea00:f:b302:fdc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dq0mmww6n9gqf.cloudfront.net/mco/20210205/601d961a46e0fb0001f73822/601d961fc9e77c000805465d_1466505706686-zdmtuq_t_1612551714234_640_360_60000006.ts
Requested by: Host: dv90bhm02uda6.cloudfront.net
URL: https://dv90bhm02uda6.cloudfront.net/vendor/hls.js/0.14.5/hls.min.js?org=mco
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2093:ea00:f:b302:fdc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 011d0f6f913e273fcb7495b16f2ac3de8b25ff81783fc1c90737a64b6def2c27

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:38 GMT
via: 1.1 e59707d44008edece41c455fd2ab9045.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: HAM50-C1
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 696728
last-modified: Fri, 05 Feb 2021 19:02:54 GMT
server: AmazonS3
etag: "a2cd292da3b9cf8552ff72db1c499793"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: video/MP2T
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-amz-cf-id: wGo_alGdrB-doWXr8_ADWQVt2MM1iQz1Qi8tm6fXCjRtrMlpRWrD5A==

GET
H2 200 601d961fc9e77c000805465d_1466505706686-zdmtuq_t_1612551714234_640_360_60000007.ts Show response
dq0mmww6n9gqf.cloudfront.net/mco/20210205/601d961a46e0fb0001f73822/ 743 KB
745 KB 504ms
503ms XHR
video/mp2t 2600:9000:2093:ea00:f:b302:fdc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dq0mmww6n9gqf.cloudfront.net/mco/20210205/601d961a46e0fb0001f73822/601d961fc9e77c000805465d_1466505706686-zdmtuq_t_1612551714234_640_360_60000007.ts
Requested by: Host: dv90bhm02uda6.cloudfront.net
URL: https://dv90bhm02uda6.cloudfront.net/vendor/hls.js/0.14.5/hls.min.js?org=mco
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2093:ea00:f:b302:fdc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8edf9cd544cf7f900671170da6965151e227058cf521c12b2d5917158834bcea

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:39 GMT
via: 1.1 e59707d44008edece41c455fd2ab9045.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: HAM50-C1
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 761024
last-modified: Fri, 05 Feb 2021 19:02:54 GMT
server: AmazonS3
etag: "5f0e9c20ed911b546778c6fbbb6c1dd0"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: video/MP2T
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-amz-cf-id: OxOYjT1fLkaHLQwkiCVhvm4lKOCW32DrmlLGBRoA0sVa-6InDahaZQ==

GET
H2 200 dc_oe=ChMIj4bLpunu7wIVJ5N3Ch3XJQ1gEAAYACCU0-FGQhMIneTgpenu7wIVycMRCB1aOQd_;met=1;&timestamp=1617890918106;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame FF1F 42 B
498 B 69ms
46ms Image
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIj4bLpunu7wIVJ5N3Ch3XJQ1gEAAYACCU0-FGQhMIneTgpenu7wIVycMRCB1aOQd_;met=1;&timestamp=1617890918106;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 14:08:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 601d961fc9e77c000805465d_1466505706686-zdmtuq_t_1612551714234_640_360_60000008.ts Show response
dq0mmww6n9gqf.cloudfront.net/mco/20210205/601d961a46e0fb0001f73822/ 782 KB
784 KB 486ms
486ms XHR
video/mp2t 2600:9000:2093:ea00:f:b302:fdc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dq0mmww6n9gqf.cloudfront.net/mco/20210205/601d961a46e0fb0001f73822/601d961fc9e77c000805465d_1466505706686-zdmtuq_t_1612551714234_640_360_60000008.ts
Requested by: Host: dv90bhm02uda6.cloudfront.net
URL: https://dv90bhm02uda6.cloudfront.net/vendor/hls.js/0.14.5/hls.min.js?org=mco
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2093:ea00:f:b302:fdc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d64b457704e5fd8b4a30f58f7e2cd73d79a8b36df650c193b011c123dfbfba7e

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:39 GMT
via: 1.1 e59707d44008edece41c455fd2ab9045.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: HAM50-C1
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 801068
last-modified: Fri, 05 Feb 2021 19:02:54 GMT
server: AmazonS3
etag: "00fe085b3da84a8e1ffc85387916dbba"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: video/MP2T
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-amz-cf-id: wmKdd9mCUATNjYQ0piOzCPDkyP8t-wrkh8ZTBgZcsATVDXGRFLTyXA==

GET
H2 200 601d961fc9e77c000805465d_1466505706686-zdmtuq_t_1612551714234_640_360_60000009.ts Show response
dq0mmww6n9gqf.cloudfront.net/mco/20210205/601d961a46e0fb0001f73822/ 527 KB
528 KB 549ms
546ms XHR
video/mp2t 2600:9000:2093:ea00:f:b302:fdc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dq0mmww6n9gqf.cloudfront.net/mco/20210205/601d961a46e0fb0001f73822/601d961fc9e77c000805465d_1466505706686-zdmtuq_t_1612551714234_640_360_60000009.ts
Requested by: Host: dv90bhm02uda6.cloudfront.net
URL: https://dv90bhm02uda6.cloudfront.net/vendor/hls.js/0.14.5/hls.min.js?org=mco
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2093:ea00:f:b302:fdc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01bdd4e427768424924a6e4bf7ed7b63a2645bd03d0026941c26e0552a495f84

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:40 GMT
via: 1.1 e59707d44008edece41c455fd2ab9045.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: HAM50-C1
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 539372
last-modified: Fri, 05 Feb 2021 19:02:54 GMT
server: AmazonS3
etag: "866521ed32f960217408349313189374"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: video/MP2T
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-amz-cf-id: MFApX2dpn8qDfm0lrgIUk8GpMR9vJP_6JMKYfj_2SKW-FjINhH64Tw==

GET
H2 200 601d961fc9e77c000805465d_1466505706686-zdmtuq_t_1612551714234_640_360_60000010.ts Show response
dq0mmww6n9gqf.cloudfront.net/mco/20210205/601d961a46e0fb0001f73822/ 485 KB
487 KB 502ms
501ms XHR
video/mp2t 2600:9000:2093:ea00:f:b302:fdc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dq0mmww6n9gqf.cloudfront.net/mco/20210205/601d961a46e0fb0001f73822/601d961fc9e77c000805465d_1466505706686-zdmtuq_t_1612551714234_640_360_60000010.ts
Requested by: Host: dv90bhm02uda6.cloudfront.net
URL: https://dv90bhm02uda6.cloudfront.net/vendor/hls.js/0.14.5/hls.min.js?org=mco
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2093:ea00:f:b302:fdc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 550df7a3b1385ccb500bafa78b5133122b0fa82d3403f9fc41e839a105d66094

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:41 GMT
via: 1.1 e59707d44008edece41c455fd2ab9045.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: HAM50-C1
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 497072
last-modified: Fri, 05 Feb 2021 19:02:54 GMT
server: AmazonS3
etag: "d090ae40b9e2d41cf1ac931ff613620c"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: video/MP2T
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-amz-cf-id: -IVlZirJPqnlm0SpAZ7wtCwbiRy1aEuWiA0kliPp-lopk5IvErKbBA==

GET
H2 200 601d961fc9e77c000805465d_1466505706686-zdmtuq_t_1612551714234_640_360_60000011.ts Show response
dq0mmww6n9gqf.cloudfront.net/mco/20210205/601d961a46e0fb0001f73822/ 553 KB
554 KB 545ms
545ms XHR
video/mp2t 2600:9000:2093:ea00:f:b302:fdc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dq0mmww6n9gqf.cloudfront.net/mco/20210205/601d961a46e0fb0001f73822/601d961fc9e77c000805465d_1466505706686-zdmtuq_t_1612551714234_640_360_60000011.ts
Requested by: Host: dv90bhm02uda6.cloudfront.net
URL: https://dv90bhm02uda6.cloudfront.net/vendor/hls.js/0.14.5/hls.min.js?org=mco
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2093:ea00:f:b302:fdc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 050c0e6b16736a256e9ae222a6f801c99547973ba0cea995d7417221ab388067

Request headers

Referer: https://www.fifthdomain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 14:08:42 GMT
via: 1.1 e59707d44008edece41c455fd2ab9045.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: HAM50-C1
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 565880
last-modified: Fri, 05 Feb 2021 19:02:54 GMT
server: AmazonS3
etag: "6318e64eb61ef7cf1c59f92d06c8dedf"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: video/MP2T
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-amz-cf-id: k6oLVuYDNv0pjPfzuh_u_OqN3LsQDGaPHsCMfctAB-b4iiUYptmVQQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: csp.azureedge.net
URL: https://csp.azureedge.net/cdn/widget/fonts/icomoon.woff?-35bf

Verdicts & Comments Add Verdict or Comment

199 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.fifthdomain.com/	1970-01-20 10:56:02	Name: _ga Value: GA1.1.446842817.1617890905
.fifthdomain.com/	1970-01-20 02:54:14	Name: _parsely_visitor Value: {%22id%22:%22pid=54fef6871947b2ad1fc3b55dd17a1833%22%2C%22session_count%22:1%2C%22last_session_ts%22:1617890905029}
.fifthdomain.com/	1970-01-19 17:24:52	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.fifthdomain.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1617890905029%2C%22slts%22:0}
.fifthdomain.com/	1970-01-19 17:24:50	Name: _gat_UA-64771074-2 Value: 1
www.fifthdomain.com/	1970-01-19 17:26:17	Name: _gid Value: GA1.1.295898925.1617890905
.fifthdomain.com/	1970-01-19 17:34:55	Name: RT Value: "z=1&dm=fifthdomain.com&si=sx7ax6hk7mg&ss=kn8ygzek&sl=0&tt=0"
.fifthdomain.com/	1970-01-20 10:56:02	Name: _ga Value: GA1.2.446842817.1617890905
.fifthdomain.com/	1970-01-19 17:26:17	Name: _gid Value: GA1.2.295898925.1617890905
.fifthdomain.com/	1970-01-19 17:24:50	Name: _dc_gtm_UA-83055206-1 Value: 1

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://d1voyiv1eh2vzr.cloudfront.net/prebid/prebid.js?v=3.3.10(Line 3) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	(Line 49) Message: LOAD ------------------------------------->
console-api	log	URL: https://d1voyiv1eh2vzr.cloudfront.net/utils/dfp_helper.js(Line 329) Message: starting ad initialization "%s" interactive 2021-04-08T14:08:25.270Z
console-api	log	URL: https://d1voyiv1eh2vzr.cloudfront.net/utils/dfp_helper.js(Line 142) Message: loading skin,970x90,300x250-1,300x250-2-house-ad,300x250-3,300x600 2021-04-08T14:08:25.272Z
console-api	log	URL: https://d1voyiv1eh2vzr.cloudfront.net/utils/dfp_helper.js(Line 120) Message: EVENT [object Object] [object Object] 2021-04-08T14:08:26.865Z
console-api	log	URL: https://d1voyiv1eh2vzr.cloudfront.net/utils/dfp_helper.js(Line 120) Message: EVENT [object Object] [object Object] 2021-04-08T14:08:26.909Z
console-api	log	URL: https://d1voyiv1eh2vzr.cloudfront.net/utils/dfp_helper.js(Line 120) Message: EVENT [object Object] [object Object] 2021-04-08T14:08:26.911Z
console-api	log	URL: https://d1voyiv1eh2vzr.cloudfront.net/utils/dfp_helper.js(Line 120) Message: EVENT [object Object] [object Object] 2021-04-08T14:08:26.983Z
console-api	log	URL: https://d1voyiv1eh2vzr.cloudfront.net/utils/dfp_helper.js(Line 120) Message: EVENT [object Object] [object Object] 2021-04-08T14:08:26.984Z
console-api	log	URL: https://d1voyiv1eh2vzr.cloudfront.net/utils/dfp_helper.js(Line 120) Message: EVENT [object Object] [object Object] 2021-04-08T14:08:26.988Z
console-api	info	URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2103020108001 https://www.fifthdomain.com/
console-api	info	URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2103020108001 https://www.fifthdomain.com/
console-api	info	URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2103020108001 https://www.fifthdomain.com/
console-api	log	URL: https://d1voyiv1eh2vzr.cloudfront.net/utils/dfp_helper.js(Line 120) Message: EVENT [object Object] [object Object] 2021-04-08T14:08:28.488Z
console-api	log	URL: https://d1voyiv1eh2vzr.cloudfront.net/utils/dfp_helper.js(Line 120) Message: EVENT [object Object] [object Object] 2021-04-08T14:08:28.855Z

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

686eb719.akstat.io
82a7167158659fe7326d3f81a82e399a.safeframe.googlesyndication.com
acdn.adnxs.com
ad.doubleclick.net
ade.googlesyndication.com
adservice.google.com
adservice.google.de
ak.sail-horizon.com
c.go-mpulse.net
capablecup.com
cdn.ampproject.org
cdn.doubleverify.com
cdn.jsdelivr.net
cdn.parsely.com
clarium.global.ssl.fastly.net
cm.g.doubleclick.net
code.createjs.com
connect.facebook.net
csp.azureedge.net
d1d3jupgwm7m5r.cloudfront.net
d1voyiv1eh2vzr.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
dq0mmww6n9gqf.cloudfront.net
dsum-sec.casalemedia.com
dv90bhm02uda6.cloudfront.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fifthdomain.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
my.hellobar.com
p.cityspark.com
p1.parsely.com
pagead2.googlesyndication.com
pixel.quantserve.com
portal.cityspark.com
protected-by.clarium.io
s.go-mpulse.net
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tps20226.doubleverify.com
us-u.openx.net
video-api-cdn.mco.arcpublishing.com
www.armytimes.com
www.facebook.com
www.fifthdomain.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
csp.azureedge.net
104.111.230.142
13.225.87.22
13.226.156.101
142.250.185.66
142.250.186.162
142.250.74.198
151.101.1.194
172.217.16.130
18.192.133.97
185.33.221.14
2.16.186.176
2.18.232.130
2.18.234.21
213.19.162.21
213.254.244.19
213.254.244.24
216.58.212.162
2600:9000:2016:a600:8:1b61:ddc0:21
2600:9000:2093:ea00:f:b302:fdc0:21
2600:9000:2182:6e00:15:a460:2f80:21
2600:9000:21f3:9600:1b:7b40:7bc0:21
2606:4700:10::6816:e17
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:800::2001
2a00:1450:4001:801::200a
2a00:1450:4001:803::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::2003
2a00:1450:4001:809::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:827::2006
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::200e
2a00:1450:400c:c1b::9c
2a02:26f0:10c:488::4469
2a02:26f0:1700:d::1737:6e8f
2a02:26f0:6c00:1bb::11a6
2a02:26f0:6c00::210:ba1a
2a02:26f0:6c00::210:bb11
2a02:26f0:7100:1b8::11a6
2a03:2880:f036:1d:face:b00c:0:3
2a03:2880:f136:83:face:b00c:0:25de
2a04:4e42:1b::621
35.201.103.212
35.244.159.8
40.112.243.12
52.160.40.218
52.222.179.41
54.144.144.142
54.172.75.131
54.230.180.67
69.173.144.138
009e93df0797f059b7538ce71cb91077512dfee07a41f0a0f5c8f1b9419d6929
011d0f6f913e273fcb7495b16f2ac3de8b25ff81783fc1c90737a64b6def2c27
01b70ac7ac883903a1f1af229d5f33f0384fc979c0783de2a9013578d5a11e4a
01bdd4e427768424924a6e4bf7ed7b63a2645bd03d0026941c26e0552a495f84
031df97a8345d64c99d932f9a5f68fe225052c834fe4d436fd0f8588d015d594
04041fffb12e3e71cfd538c920ae9041e7608e440495c894fc27eb26189d938b
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
04937e25b28260f6aa96329aa6cc39e4c3c86cba9214d238f36b066ef5e807ab
050c0e6b16736a256e9ae222a6f801c99547973ba0cea995d7417221ab388067
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0613c744e0d2779f9f692ac6c571421847cb28117fba1bd78519855ec6821afe
0719d944be3ee0e268d1850d382272b5288d842d7f0368bebc4af6a13cd41fa0
08476e3bfe9a4535fec4ad2be6846eaf0caadb3474c41c180c2394f7bc429bc1
08daa7400755b2714921412df53670cf182634e591b39d981ab2efc4ef7b7611
090ed4fa4b51bdd7a9321586d966a5be2f96069ff2cf7020431b6c44cd7b7c47
096d9d6229046c44df6a77db85b9ed87341ee55d28edeb5f606140a0fe951661
0975c9ff6b138a1fae7338c4dd62993868e01c40af0f9faf66dec42c43740bc6
0a2575a994b2fe26c09d98d446aa58310a669d3cf1fd71866154f9a0184a5b8a
0afb0f39b82b1d2075583c1114b5bdd2c62a398492cb52cae04e3166a86b7154
0b8184cdea75a29d7d353e702074c65be7507a2a0e5fd91f909fbf9e588cce85
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3
0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c
0e5c7c8bfba820abfbaef04b4f048d1a7406c8a076a411239aae6fdb5b670b46
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1444e03f38e58fc1861d03ca2fac00f6c9d864953f9319486203643299b814e2
1463f89cc1db962879c76a135da97f56c536d90a231d7e89f137ffd5da05e8e5
16cefc66e4b66398b053621360757a2dec44703fb4aa18d9a867cb91558fe73a
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
1a2c1f35333b7d69e3fc1a5f36a811548354f4acbed7585c830f66fb3b37479e
1b5c387112856e5a1543fba69ba4ff98ddc561fbd03d4ebf92adadd04762dd15
1ceb908b50f9202e5fd5f6950d8ffeb6da3814a2bc241457d70f97b487b74e00
1eaedcb37e5cc6daa0b4a2e7d1e39ed25c26dbc6efeb689dd119598ece85d856
1ffe069ec3d46a4edbc4c237e36d9efb10bc3b6a558d543576d5243f7ffea9f9
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
227e9a173f8c78a7148af7f2d66bcd2e93bab54d07b122a18f26368705b30ae4
22d3b0e15735f434d8bfb1715cfe90c884e413bd7f39af91d8b68d05d8afa9a2
22fe9bedfa6db2dccb780bb092b172a86175e2ed3bf92d235f64066d47162049
2363e252ee24955ea6558767ffd7f9fb7adc263e782a7e0e77633abbe263581d
23fd6a695ed67d14664a5fe9e04bf594e8c142604008966ced1a9ac65300dfb1
28143c95b989b8fee05202abe07c1d0a8f1f7d8e70f1d500d9286459ea062870
28a513b49b5f50f01a809cdde2c8a94e16784b33805c372760fd2aa7894567ac
29f21aea7fc613d2618b70a483e0b4bf50ba3f4ce4109fa429ce580ec57ef991
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cb6c144e7f9c6d9cd03f83dc7e2c8b217b7672269fe158bebf0f7c7e2cedc9d
2d0c03f4a63ff88a3f237369a9fc346d246b74e4cd5cf44d137c440b7b598b5a
2e10ae42c5bcedb77583cc52f40c2c2f5020c3135e961cf30b156be91ddc95cd
2f31a5211880b7352f5822f1c9d6c4c436913736dc9fbe0a815510c004d5cce3
323a404da27563a474e80ef101218c27d83d425c4a3390b18e9b4cda31cc926e
336b54c24b2cd76c8434f81b3953138c4dccb207a4bdf9b0801d6e4364482d31
3375183262b676534fa4de959d390110924a78d2bfbeffd8038460018419f9ef
33b8266e55aac519cbd73f53d4ce1f7b46ca07ef65648734e748c8bc166152a5
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
374efd1aa45ff22e33546a6021b7c504a7a165b8a6c2ab0b8b33c837602376a7
39d513704eaf9e42ca8ca17fcb4ecae6456d0cdbd6d8785b73216e20767a79e6
3c07614e1f63f0e2a3ffa09b00d4f88c90c16becbbfe83360faa0a41dee8abc6
3c316ead557dc2d5c8a86336ff59c4463ebe43070d07daedb7c0cf858d4016be
3c8c241db188026a214e5e50e83c7542c13b43628f07bcfdddac28c2dd4d656e
3cff159dded47d5ccbb5055ab039aa0d9e0875cbae4271020038aa9cf8f66301
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40d77e79d3c8e0dc1491cbbe031791d2fae4bbffea3a2cff6056e5ec9eb95227
40fdf10cae1bfceea71ecc8a3ed9faf60fc6a61b826e019fc7f51e3e25088c96
45b263b4ba44cbc163b0a0c8e8f4c593f11f4b57aaa78a49acfc8a6e17697fa8
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49c91f41b553f7ae822ffd2fd6057211171b57cb5a214fc072e26715ff0d1d1c
4a338d9c8181e86242905f382788fe53d87b5bbaee3ad04e388dbba5757431ea
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50bf87dcf89e67ab9afe28b6c7f363610e46e8dc563db11291df3a73415c74b0
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
550df7a3b1385ccb500bafa78b5133122b0fa82d3403f9fc41e839a105d66094
554bc1440e7f58e518aae4facf8b6d5f34af6695c3a8d03c12003d1eb973989b
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
59b8dbaa96769486a1e0e6d71c20a1717f3bc92e14acd24d153b9cffa5ac0937
5c2db3dfe8902697b7b9453d8cc5c8cb6644fba1773b8c0ca920100d99136fd5
5fe35d1cb453616e09e72d309d4c8bb9ab2e2f3861c516402d8901de1c54bffc
60677f1ab10c33779afbc2b0d09203467ad34203ba3feab184e14050f003bebf
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
619db9e388cc319e86a8fac31bf89e4b934e85624f65bd43e54acaf620bb16f9
61d15f3f48dc88a6a9bd3fd7454f017f217fcabe73b4aea19335c04eac4f8a74
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
63d9e1fb392138badd064ac8014c98a52d5009ff79ba86acce4103289e63687b
64060800887732685fab0e8fa14cc12fd8ea09aade34bb8f7f361af17c7a1e54
640cafaab6c7310ba67ecbaee15337692a2e255612d7d778f6b2bc6a929c2db4
661d288c3a8a3e64f2d7aba5765e83fa4de4e79d807fd344397113d3dc1001a7
66d0f17e8e4eb78590da06bf24e1f3da4f6a64f5759c5d36e6eb24ee87d78fed
6769f1b5d9db99bf55b86300de70774259c49a332a6cbe29a1adf87a81f3335b
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
68a4a1b84344550042195a8dcada7e7879122fd9e77dfa06a3b3e8d3fe5f77c8
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c2017b988362e8c21fc540af1706db31d3c2b46454660eaaaccd81b140e5694
6cd16995b481c31b07518cdea1d4ef7354944dd90413da0b50748a3d271f6115
6d9b5f969354c3ad1578d8cc97cc9dd646b210e221a6e9c18da81a281d57b502
6db3b70aa413f42f423499dabca829cf99ccd49ad1bdb238b8caa9f49389d2e9
6dd02a6261a31b6d33658bbec5bf7881c518152921e9c505a0b8056fc9e5fa61
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
6e8f6bdff2c6ec356f53d3aab135571bbb5c03c868c4e97dda4b7e47830609f1
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
745d298c124bd38392bcef5d3d707004d15989870c3889a50cea881568b585eb
7567de6febdd2a6dcaf3bd32f277c6415a6f6d1c3c6b0a4da3f15f10a84a6fc7
762a6837400425002737a0651c7764f71b279b18560cda75a140c1b8092f2342
76ccafa82b5368284e89c7d9a083e9dc2c84c1f64559c3cce67b1eda5a134c3c
772d0bb40223f70dc0c1caa7a571f3fa516d7863fd8721e4ebab33de77577f00
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7ba286a523a20b96d518707895d2588da74f3840f6712b7ba24d7dbdcab5e7d5
7d686acfc12a44fc472fb2a3c0ff9baa4638ced8f0da5b32f9ae5c15a2611def
7dbc83a19de5e53675d94ac530e42b76a05af58bb9620aa6b4dcc57f76059494
7dc7139804a226a261c44bf5d1dc06f4efc4c1cc166443f95266da83b2125954
7e739cb08237c433c5fc87622578034ce4d4b9233f7cef03d0c9183d3295e9ca
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
800689d6be5129f5d674a90e47e7bf6f919cfd7fe78c1f8f4d0f166212992524
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ecad02f734b93d8e4bffc1126c9716e391b5c81d0e40dfc6345fb694bc64aa
84d5fb424739d36af2200d9a1556a50a38b573a9245e0729285c230927040fa6
865d58958026e9e613d8bbcb55d168ff89854eac1c1d88d091688a51ce63d995
86cc35989be655e6cbe68540cf835dec34388862a948fbd05850100797c32319
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
8cb89356811727630737c88405d32189ab68caaeabb94730b3d719af1f879425
8e839ec99bf300782abd11506b139f2a66fcf9074888dd398b9125018d30f864
8edf9cd544cf7f900671170da6965151e227058cf521c12b2d5917158834bcea
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
9280a7d8c17651f552981e4bb3c975d765e6d0992e24f6c00f4b33f09faaaa62
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
983775b438c242df7cb0ceb87bd2582f96ff0d4e8043f822adf3a3e93261b9a8
999dc8a7259baa73e23bb0cecc33f50e9b2c7508bd9f2235176836f9f3b936eb
9a676d0a55246e2fc0b85dcc9cd79bfc3bf298ca3f998e4064a7df38d30aa855
9d1b4578c0db40f374af00c37d359c08d9632e1cd9e6b0c0eb0783866f793667
9fc197226f4a180914c4cba28ba399aaae0409218f0be477aa4d19c182c29d88
9fcb26c87712320932ea7fb2434ba2737af71b6e96dd238dbcb312e454992837
a05330886d937516987d1c1d609d6b105ea768bff237e6bb2dc86220b3970ab7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1d105ae50cf12dfb49bcaed73c7ea73f6ab28fa94546654d5d79d8a3f39321e
a2184a51a8e785a20e79a4341d62338fcfe092a06b695a338c40503e969e7fd0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a56bde91c3e09d7388ec0ad58e30a4c720ba0503dc3f9f52aeffd8974050db42
a6457ba9ed1145b70ecfa8fca1450c9fd4c26f93a3b5cbbe85fb975414392902
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8141add2546cee649df63bfd96cd8a0cb9d0bd7dcac2bd7a888cf3db92cad5a
a89fc8b93ffad843dd466830b83527543c50d90dad2a2a10bd53dd34dc3711e4
afafdd3efe843886f234783a517d43eccdf9f32cb1a47a7d3abffd70e7679de9
b0e3d1321df948162e102a2d4d89ad787d9448dedb02996f7b51544d2ccd3f21
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16a612f15c5bf92f34a8d8dec3e29ebbce929aa865aad69350fcd61d9903a11
b16d732ed99d3b744e7b339649cc69980abf012b866a243e698120d8e7ceb646
b1ce9a1c99be6ac4c4bcb0ca8e5612e87388b4262d2a00b5da84d72df50da5d5
b29cf157201a5fa56c82cde303c6f7e86b49f56c4e01286e2e749f0b5651a0c1
b4b8b3bd5ab2b1a8f609da5dbeb91d05cb279c90e61b19533cdbeeccb058f885
b64050576e612443e7dbecf837711e846c12c029f41d3de3a6e8cac16ca09037
b9c890370dcc6e0ecab6d3e1de05e797ec893c8fb4d3f5e0715cd862d2ab7142
bf97d54048ff565046af3d9dbb31300a9b12c8a3b8e3ac73a49abef835c7d225
bfc9e9ed504c02711c1c49bae719271313289d088c55cbb89aec11df26aef699
c017a1ec16130c70a43457d8c0bfb8c099f63c2084683c90963e8e16c2f26cde
c0d6c86638502af9d06d0eb5b782fcbee6c6a8dfccf5538c303dc40180f961ee
c383a4219542a2d51d884d06a76334097e9235b9d2c19d41f259a39fe11a051c
c5fafce8447e12c90c21260adaec79619685b1c35d37c5288bccd6d1c8ee02e4
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c650e4060b014920f3496b56f6fc1ba0ea77ea1bfd25e4d172e5d265879d552a
c8309b85a5fc59eab6c75b425f32f89d070fcdfa9498fa3e9eff23fdcbb61a1b
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa3a42dfca23257a9a01744c0a24ef80d2372a1e9fed385665478423c4f4ac7
cc6fe81b4bff1f0210b6fc3ea5e3973666f75c6d0663acdd388eaa732851313f
ccd6d32e24ec18ac811591d6cf517a2199da6c29afe460cc3b251cf76eef7f10
cec34d3e7840270cb13131064d669a95e8862575f045bf0c072f1845b207ad05
ced5c873136c4fab4584c0c6d26dcd530c748303d7ed9b7a7966b2fe1d6f5915
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0067d0441ac5d66d8e942a1131dd2d3dc511b33944867d2825f8fa038b19047
d0870c570b17dac85ab0e4dffb6d92c33718a8781ed818f0dd56b670857e7deb
d19425f20bfe1ea505166a8841b2232c795ff72b1c8a34f10a743db915f7494d
d1b36e94578435c57e05e2126799f2d9d381a549b264283be24bd1d8c9645709
d32aa111686f84b22ac196a4d3e95c426105c5ba54b38d8d732edac79b40d2a9
d64b457704e5fd8b4a30f58f7e2cd73d79a8b36df650c193b011c123dfbfba7e
d73268c706a2ca22a13a545d39aba12557112cdc90fc14db69c4b28d487e552e
d808c9e186064c6d5a802bb5313e2604ca06c841a48fbf85b13e18aeadb292d5
d977f841b9d5365c68ad5a01bb0fc5e9f39986770b5fb7a9219a6103bb2b1660
da15ff6ce93738bfd89cd30fe185fdc10b7da66f85a58352a7c2df37c944f590
da782c8baa06e2832e33b3f299a3270c2e5229539e6ce7855a0f9607e6a5048c
da811b5da2af25fbf536a2e5b73112e549237529a0da21e50bc05f9bf4c2cf7f
dc425e455cf5b98379902f811c1c918f35d79702fd7e6194c357123f31286ead
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
deb51286b8f4f379b780ba048e46b792d0cb38e0def5ffda5346da34b53873fc
ded666915f4a7eb4dcbf4cf62d1adf051481327547d299a3b0610ce85e91382e
e034735fbf5d3075f8130860691c61cc1ae53f9a702220bad95f149fa428d15d
e03ea88e5149801458dd9cabf62c8871cc27687d7d8a6a0fc2ff59ef434cb645
e0bd112f460792bb129a4a06d4613c7a6358ae4004cb1b0c68e8b15b87e6640c
e0eddae0a944a84b24c57b5f23633669029eb57472d8a43987874b10a2f2dbf9
e1d39256faa607df65dd15fb254dd774699293492ac06bdbdd800b73967d3334
e2feec21764fec281716f9437847f9eb9d9585b548f880c61af11b889afa630f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d9677aacfb2e418e882b5a96b9bd135e58b9a61dc5d26087dd635c82e9545c
eacac66c85d3b4af5518fcd0d3f943f692bedad76520f826d7abeaee198bbfb2
ead4744e920d589fb562c45ace8476fa885d4976d6a26d0d6b7bef7918a3e18e
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f24daa7872107f18c9082f7458884526fa50cd12db1f4a6185457875aa027414
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f76ea897cdb005cc497fe7f82f653a608b0f2ba7a74b3f1d1fabc5b952143176
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f7e540d639d9fb743e1c73aeba2ab6526941ee81766e6d83a2a04c3e26ca3dae
fece2398160545850d81132b60b35e2863a116a7e09c8d53e562b2bf9a6433f3
feda8744d27a41b56d4a3fc7575797afd46c4b4dd6efea4423df2d5abf426bbb

www.fifthdomain.com Open in urlscan Pro 2.16.186.176 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

251 Requests

99 %HTTPS

55 %IPv6

35 Domains

59 Subdomains

58 IPs

5 Countries

10494 kBTransfer

16318 kBSize

9 Cookies

42 Outgoing links

Page URL History

Redirected requests

251 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 33 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.fifthdomain.com Open in urlscan Pro
2.16.186.176 Public Scan

Screenshot
Live screenshot

Full Image

251
Requests

99 %
HTTPS

55 %
IPv6

35
Domains

59
Subdomains

58
IPs

5
Countries

10494 kB
Transfer

16318 kB
Size

9
Cookies

251 HTTP transactions
33 data transactions