hubdrive.lat Open in urlscan Pro
104.21.43.169 Public Scan

server-52-85-61-22.ewr53.r.cloudfront.net

Software

sffe /

Resource Hash

0cdd5d23a9276e39fff4b6142b1de0ad88241d5e9cdddb621d9de20e7c2d6e4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 307
content-type: text/html; charset=UTF-8
date: Sun, 11 Feb 2024 21:20:00 GMT
location: https://hubdrive.lat/file/364836294
server: sffe
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-silent-redirect: true
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 268
content-type: text/html; charset=UTF-8
date: Sun, 11 Feb 2024 21:20:00 GMT
location: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/364836294
server: sffe
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Primary Request 364836294 Show response
hubdrive.lat/file/ 22 KB
5 KB 169ms
168ms Document
text/html 104.21.43.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hubdrive.lat/file/364836294
Requested by: Host: hubdrive-lat.cdn.ampproject.org
URL: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/364836294
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.43.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f513094230e4bbba09b99e842bf61de159fff0717458347178ceb91e058a0ef6

Request headers

Referer: https://hubdrive-lat.cdn.ampproject.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 853fa2215dc04588-ATL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 11 Feb 2024 21:20:00 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RMe6A%2BQFIjE9Es%2Bf0XZXHeKdG%2BNs%2BH8RFGMwvJ5zS5Yr6jPxJaxU%2FmP4E9jFb1EKRKVxOcIOZ2G1sHH%2Fy4wIJzrU%2BbZ%2FCjUYStqnivelcTZMfRg9%2BVJTSP1xQL4uy1I%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 clipboard.min.js Show response
cdn.jsdelivr.net/clipboard.js/1.5.12/ 10 KB
4 KB 81ms
20ms Script
application/javascript 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/clipboard.js/1.5.12/clipboard.min.js

Requested by

Host: hubdrive.lat
URL: https://hubdrive.lat/file/364836294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

60fc4511f1c0ccb8fd9f64fed945c028634245420d93405ec69a6e8e2561447d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 11 Feb 2024 21:20:00 GMT
age: 2905335
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3500
x-served-by: cache-fra-eddf8230119-FRA, cache-pdk-kfty2130066-PDK
etag: W/"2780-g62mlKGgQ7iOUNNGqfIWRxX9voo"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 widget.min.js Show response
arc.io/ 7 KB
3 KB 3175ms
65ms Script
application/javascript 52.85.61.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arc.io/widget.min.js

Requested by

Host: hubdrive.lat
URL: https://hubdrive.lat/file/364836294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

487bc1cf7b1631ce796c055c044f8b4e06a7caaaae72a0804c23e5f2f1791a52

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 20:23:18 GMT
content-encoding: br
via: 1.1 c45a9630d6506aeeffefe81fbc0ed0ae.cloudfront.net (CloudFront)
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Sat, 03 Feb 2024 21:43:30 GMT
x-amz-cf-pop: EWR53-P1
age: 3405
etag: "65beb382-b84"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=864000
content-length: 2948
x-amz-cf-id: lG0--usBogvrp9veQWC_feP24nNHeylteC8te0FzqqMNyOZ2ttqoGA==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
31 KB 408ms
57ms Script
text/javascript 142.250.80.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: hubdrive.lat
URL: https://hubdrive.lat/file/364836294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.42 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f10.1e100.net

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 09:16:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 302590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2025 09:16:50 GMT

GET
H2 200 hubdrive4.min.js Show response
cdn.jsdelivr.net/gh/BadAss-King/hubdrive/ 8 KB
2 KB 24ms
21ms Script
application/javascript 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/BadAss-King/hubdrive/hubdrive4.min.js

Requested by

Host: hubdrive.lat
URL: https://hubdrive.lat/file/364836294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

35876455baa5aee4bfb708042ab2a3c663020c92d4df5b2c1439fd540123fd09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 11 Feb 2024 21:20:03 GMT
x-content-type-options: nosniff
content-encoding: br
age: 31416
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1615
x-served-by: cache-fra-etou8220114-FRA, cache-pdk-kfty2130066-PDK
x-jsd-version-type: branch
etag: W/"20c0-dGBYjUf3YnPvk0t+6zLJ2Lcq5Uc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 746f656c7a.js Show response
use.fontawesome.com/ 9 KB
4 KB 3122ms
48ms Script
text/javascript 172.64.206.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/746f656c7a.js
Requested by: Host: hubdrive.lat
URL: https://hubdrive.lat/file/364836294
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.206.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 757b9768e0c48924a1cdf690463a65d4f48b864f131da4a6e67cafc15bd66430

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 00:54:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3730
etag: W/"5064cc74c4928fbbc06ece65efb72afd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w42bOaUaozQelGg5Kg5GX9s9usN4VUc16QDHPr38BK4kkpfH%2BlhhxrbgCu9xVc1d0KeFIf0uxu4rnu7WyPmobqkZpOGchAfHXHAEhHJq4%2FWVn%2FQ4Ga%2FfnCCV30NHvT00%2FHqQ7y0y"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1800
cf-ray: 853fa235cda14531-ATL
alt-svc: h3=":443"; ma=86400

GET
H2

200

sweetalert.min.js Show response
unpkg.com/sweetalert@2.1.2/dist/
Redirect Chain

https://unpkg.com/sweetalert/dist/sweetalert.min.js
https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js

40 KB
12 KB

36ms
34ms

Script
application/javascript

104.16.124.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js

Requested by

Host: hubdrive.lat
URL: https://hubdrive.lat/file/364836294

Protocol

Server

104.16.124.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:01 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2618072
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HKYZVY2CVWW3WFTQCGEXM4PE-iad
server: cloudflare
etag: W/"9f68-Kj2qvHAjLGNQq0jTJgXcSmrB8fo"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 853fa22a3898adc5-ATL

Redirect headers

date: Sun, 11 Feb 2024 21:20:01 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01HPD0GRHRNPJ4R5G0YBAMYTPY-iad
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 144
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /sweetalert@2.1.2/dist/sweetalert.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 853fa229f838adc5-ATL

GET
H3 200 all.min.css
hubdrive.lat/assets/vendor/fontawesome-free/css/ 55 KB
12 KB 53ms
51ms Stylesheet
text/css 104.21.43.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hubdrive.lat/assets/vendor/fontawesome-free/css/all.min.css
Requested by: Host: hubdrive.lat
URL: https://hubdrive.lat/file/364836294
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.43.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce67cd6665e835604c7a650ea355d41857dcd2284618b61d82d252dca0abfe5d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 14 Nov 2020 21:20:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 164208
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wo9WXEs6uaiqk07OWpbz6waVnu2mnYy14rOa53bVvhocUgIodd0l51dlq%2BUDMfolli98oY5%2BliZ2xaUPtFO7Z9Ulu0gVCQsX3px%2F4bRA2NcIi6RB2DD7ljkTfOzq%2Bbw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 853fa222794c53c8-ATL
alt-svc: h3=":443"; ma=86400
expires: Fri, 16 Feb 2024 23:43:12 GMT

GET
H3 200 sb-admin-2.css
hubdrive.lat/assets/css/ 210 KB
30 KB 54ms
52ms Stylesheet
text/css 104.21.43.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hubdrive.lat/assets/css/sb-admin-2.css
Requested by: Host: hubdrive.lat
URL: https://hubdrive.lat/file/364836294
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.43.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03d5ffcc6177da76ee1578b71967331daf019b28e914d75dcc256de90fe9b016

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 26 Aug 2023 18:01:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 337300
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3GQ9vslko%2Bras68iNCmzQ5KiLZeKqv%2Ftr5STrGhbIE6XJHJOxu9OO1E2t%2B7SGuaFZkzX0lt%2BHnBjxbXyIqBXOdPFoc9pnGqO0vefKprwmtGMZ%2FwdnQkRoOW0XEfc6Vo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 853fa222794e53c8-ATL
alt-svc: h3=":443"; ma=86400
expires: Wed, 14 Feb 2024 23:38:20 GMT

GET
H2 200 css
fonts.googleapis.com/ 23 KB
1 KB 3190ms
77ms Stylesheet
text/css 142.250.176.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i

Requested by

Host: hubdrive.lat
URL: https://hubdrive.lat/file/364836294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f10.1e100.net

Software

ESF /

Resource Hash

15e43a1366b7c320c12ace3497892fd0eff14b08d3db0d833874c7a65712fa18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 11 Feb 2024 21:20:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 11 Feb 2024 20:16:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 11 Feb 2024 21:20:03 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 96 KB
29 KB 1428ms
70ms Script
text/javascript 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: hubdrive.lat
URL: https://hubdrive.lat/file/364836294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

138-199-40-58.bunnyinfra.net

Software

cafe /

Resource Hash

aa3a1989221e5f88e2ce15c000fee0e48e36d085dd7c0e044319e09140af4966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29322
x-xss-protection: 0
server: cafe
etag: 963 / 19764 / m202402060101 / config-hash: 3544666277437429358
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 21:20:04 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 280 KB
93 KB 274ms
62ms Script
application/javascript 142.251.40.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8QTNRD0R4M

Requested by

Host: hubdrive.lat
URL: https://hubdrive.lat/file/364836294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.168 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

fd3b3d94b5ff697d73f2e29ec50b1cd5200b823781b8cda95435b8d848aca83f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94921
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 11 Feb 2024 21:20:03 GMT

GET
H3 200 HubDrive-NewLogo.png
hubdrive.lat/assets/img/ 12 KB
13 KB 30ms
29ms Image
image/png 104.21.43.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hubdrive.lat/assets/img/HubDrive-NewLogo.png
Requested by: Host: hubdrive.lat
URL: https://hubdrive.lat/file/364836294
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.43.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1664d91ecac81370ecbbe5f5ae6297a1a5e6c80e8cc5b51ff934ee2bf47f51f3

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 245259
alt-svc: h3=":443"; ma=86400
content-length: 12781
last-modified: Sun, 21 Nov 2021 17:36:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2F%2F%2FAt5Mt%2FNaIP0TaQQ3dhp1HBudz%2BsPabnSBtz7ebHVz4vfHZqj98ja9dTVYzy%2Bd5zXsKsJtPLwXOhbmRxpJLSCiV821SYpSUZJusqt4mPDHUYA4yXSypJ9GPMebwQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 853fa222794f53c8-ATL
expires: Fri, 16 Feb 2024 01:12:21 GMT

GET
H/1.1 200
OK asyncjs.php Show response
greenfox.ink/d/ 4 KB
5 KB 1417ms
145ms Script
text/javascript 5.45.74.150
SCALAXY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://greenfox.ink/d/asyncjs.php
Requested by: Host: hubdrive.lat
URL: https://hubdrive.lat/file/364836294
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 5.45.74.150 Dronten, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS: zmta28.corpresponse.com
Software: nginx/1.22.1 / PHP/8.0.30
Resource Hash: aad5623efaae82ad301a146d1437b18fff9885db2a872538bc5f885a7632fb89

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Sun, 11 Feb 2024 21:20:04 GMT
Server: nginx/1.22.1
X-Powered-By: PHP/8.0.30
ETag: 1d63e790351363d29b61f9cf59b98fad
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, max-age=3600
Connection: keep-alive
Expire: Sun, 11 Feb 2024 22:20:04 GMT

GET
H2 200 1 Show response
thubanoa.com/ 42 KB
16 KB 1466ms
223ms Script
text/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thubanoa.com/1?z=7013738
Requested by: Host: hubdrive.lat
URL: https://hubdrive.lat/file/364836294
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 15aac4f7c4e7d3711a86ad20f67c25b40c9b328f5e693bb1f20ead3665a618bc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-trace-id: c0dfb61aaf1b1cd625b94ff3f275830f
pragma: no-cache
date: Sun, 11 Feb 2024 21:20:04 GMT
content-encoding: gzip
x-sc: 1xrJw9ZEQ6V5nmLT2Vky7Y9KOnwvrqkvndWO0YfvzXhazJyqznHDuv5h7APzjYvspbVu4PCwbPipvZrd
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 bootstrap.bundle.min.js Show response
hubdrive.lat/assets/vendor/bootstrap/js/ 77 KB
23 KB 72ms
71ms Script
application/javascript 104.21.43.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hubdrive.lat/assets/vendor/bootstrap/js/bootstrap.bundle.min.js
Requested by: Host: hubdrive.lat
URL: https://hubdrive.lat/file/364836294
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.43.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b39d09ccb303b024e73b2cb2888b32e1a5dd3f9e69baf6a4e0b0a3d1bafaf01b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 30 Dec 2023 22:41:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 236630
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B91x9%2BzvLWxcKQ%2BaIG2MUH5tqna%2BxpSI%2BWsvMVZaAvjfkxLl6d4rWj%2BvC0mgu%2BndEOTC9Swr3X92TGNf5Ajcd4CvxVadd4wQTZL1yOZMdMkje9Ob4g%2B9hyEhnb9bbfg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 853fa222795153c8-ATL
alt-svc: h3=":443"; ma=86400
expires: Fri, 16 Feb 2024 03:36:10 GMT

GET
H3 200 jquery.easing.min.js Show response
hubdrive.lat/assets/vendor/jquery-easing/ 2 KB
1 KB 43ms
30ms Script
application/javascript 104.21.43.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hubdrive.lat/assets/vendor/jquery-easing/jquery.easing.min.js
Requested by: Host: hubdrive.lat
URL: https://hubdrive.lat/file/364836294
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.43.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d865c4606f6f8fdc900cd531f630064d76dff960ccf06cb46cd3f7a04d713bb3

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 30 Dec 2023 22:39:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 134806
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ap%2FMqYQ9GnkbhCIubZSB93bmfgGLflrW9qtL9CEgozAtyYX11Vv56Ycb08mnWsRF4jjVPpDI41vbnqCMqB4T7yOvaVlHgYmJCN41VSt7sWBNK0THb02yL0IA%2FQEBUNI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 853fa222f9f853c8-ATL
alt-svc: h3=":443"; ma=86400
expires: Sat, 17 Feb 2024 07:53:14 GMT

GET
H3 200 sb-admin-2.min.js Show response
hubdrive.lat/assets/js/ 1 KB
1 KB 31ms
30ms Script
application/javascript 104.21.43.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hubdrive.lat/assets/js/sb-admin-2.min.js
Requested by: Host: hubdrive.lat
URL: https://hubdrive.lat/file/364836294
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.43.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f913733fa2872d794c45a1e2191f2e9c75976a7715faf1ef70cf3e364df9458

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 30 Dec 2023 22:24:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 109720
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=goYKADOAV7UVWvxHPOF7rbtICgGLD6LtLWlADlA6vN4H%2BM1zDGHoGOuHr5CIVEBe8EbSh4C05t1Y2hikcASnN49uCxe9%2B6kNuyitOQRdhdNrsQ1Cdqf9XFOEabFtXoI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 853fa2230a0453c8-ATL
alt-svc: h3=":443"; ma=86400
expires: Sat, 17 Feb 2024 14:51:19 GMT

GET
H2 200 746f656c7a.css
use.fontawesome.com/ 1 KB
679 B 123ms
122ms Stylesheet
text/css 172.64.206.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/746f656c7a.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/746f656c7a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.206.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e3737c1cbde4b54f6c8b42fcb3448200d1321b3b514684fcff6411f7e93c63d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:03 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 22 Sep 2023 00:54:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"7f642d48d16b59af74ffbd2c54362a45"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CQCyTn14rjAB%2BbK6bMzW0wX8gJWE9ad7KMfDtDqX4moQICCFXlfL5vGZ1fHqboYTW2NLt2bQ3%2FIcHZgMMtkzLYD62aAGa6LHSWOwVcj3UOrGmoJ4f7LgQ5ukkKim%2FP6oCSmwLnu6"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 853fa235fdf74531-ATL
alt-svc: h3=":443"; ma=86400

GET
H2 200 core.js Show response
static.arc.io/widget/js/ 310 KB
104 KB 267ms
36ms Script
text/javascript 138.199.40.58
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/core.js?290eb2f
Requested by: Host: arc.io
URL: https://arc.io/widget.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS: 138-199-40-58.bunnyinfra.net
Software: BunnyCDN-NY1-885 /
Resource Hash: d83b7c0e9b8f2e74b3cbe129a54793a25ea5410d9f7730f049df3e1f387be59f

Request headers

Referer
Origin: https://hubdrive.lat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:03 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: EBG1TQK7PF9DQWC1
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/03/2024 21:53:34
cdn-pullzone: 786569
x-amz-id-2: zrcWOzFRs4gRm4tdDJ7gBYXWVbxGN7xqpH4mi1goyxbuAfVlCTgzXevemUIs3bB0OIRKCH3jGAY=
last-modified: Sat, 03 Feb 2024 21:43:48 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"d06b3a90fe0701b7af5d5c4c3a919aab"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age: 86400
cdn-requestid: 00b8ce72e1b5583cd868e5d48b295eda
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 broker.html Show response
core.arc.io/ Frame 2288 2 KB
1 KB 126ms
40ms Document
text/html 138.199.40.58
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://core.arc.io/broker.html?290eb2f

Requested by

Host: arc.io
URL: https://arc.io/widget.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.40.58 New York, United States, ASN60068 (CDN77 _, GB),

Reverse DNS

Software

BunnyCDN-NY1-885 /

Resource Hash

fba7b9242113390e99277bd207daba9b5b1bf029ae5a5867472cf0d8c589b05d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: public, max-age=2592000
cdn-cache: HIT
cdn-cachedat: 02/03/2024 21:47:25
cdn-edgestorageid: 885
cdn-proxyver: 1.04
cdn-pullzone: 786568
cdn-requestcountrycode: US
cdn-requestid: 7f8d8f6da4027e93c0249647ffa1fa0a
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-status: 200
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
content-encoding: br
content-type: text/html
date: Sun, 11 Feb 2024 21:20:03 GMT
etag: W/"64331d06-612"
expires: Mon, 04 Mar 2024 21:47:25 GMT
last-modified: Sun, 09 Apr 2023 20:16:06 GMT
server: BunnyCDN-NY1-885
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding

GET
H3 200 fa-solid-900.woff2
hubdrive.lat/assets/vendor/fontawesome-free/webfonts/ 74 KB
74 KB 30ms
29ms Font
font/woff2 104.21.43.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hubdrive.lat/assets/vendor/fontawesome-free/webfonts/fa-solid-900.woff2
Requested by: Host: hubdrive.lat
URL: https://hubdrive.lat/assets/vendor/fontawesome-free/css/all.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.43.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80fe90cb559538158bc235f4e539d9bcae203e19fab7c6970aad37b0154348ff

Request headers

Referer: https://hubdrive.lat/assets/vendor/fontawesome-free/css/all.min.css
Origin: https://hubdrive.lat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45398
alt-svc: h3=":443"; ma=86400
content-length: 75408
last-modified: Sat, 14 Nov 2020 21:20:04 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FVfq8MQL9X0EE%2FSwBLAW0sS7iuKpbvNxZS1q9iVZillCVm42U%2FhGNkWmi16lSXtCoj1Nu%2B9U1mZOlsAZ3JRJXslfQX1me6Erse8ji7YjZv%2BhKq4r1zArTcJ1zXMdG9Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 853fa2368de653c8-ATL
expires: Sun, 18 Feb 2024 08:43:25 GMT

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/ 38 KB
39 KB 381ms
39ms Font
font/woff2 142.250.80.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.35 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f3.1e100.net

Software

sffe /

Resource Hash

1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hubdrive.lat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:08:24 GMT
x-content-type-options: nosniff
age: 249099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39124
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 00:08:24 GMT

GET
H2 200 font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 30 KB
7 KB 30ms
29ms Stylesheet
text/css 172.64.206.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/746f656c7a.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.206.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 211694
etag: W/"36082410df2ef7f83932219089dc1443"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d6%2Bxsh15APowoX786pmeyiemZ8zZViemTFy%2FlnTI5fft%2B%2FWI0sgNGqL%2FYgGkuQ1LzG5x9E89xEU6nVcFuDdKuV8%2FjwicELre0vVkwz%2F1gEbyLD1HKF6xCK2e0Hkw%2B4d8gfLISfq2"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 853fa236cf2a4531-ATL
alt-svc: h3=":443"; ma=86400

GET
H2 200 fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ 75 KB
76 KB 1092ms
43ms Font
application/font-woff2 172.64.206.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/746f656c7a.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.206.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://use.fontawesome.com/746f656c7a.css
Origin: https://hubdrive.lat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2612785
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oN3hgjhwdcO6zF8b5pDo%2BbvceDE64leBujx0UduPprhoODQfdOAILtCyxJ64636aSD53M%2FoS7c2FGxEznlS%2FCstm1mEGSB%2Fgfl96n8rBUuNXraPHd0Z0oG38C4W7N2ZG7krOHpfg"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 853fa23dbfac78d1-ATL

GET
H2 200 vendors~widget-ui.js Show response
static.arc.io/widget/js/ 94 KB
34 KB 365ms
39ms Script
text/javascript 138.199.40.58
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/vendors~widget-ui.js?c9b0de53
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?290eb2f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS: 138-199-40-58.bunnyinfra.net
Software: BunnyCDN-NY1-885 /
Resource Hash: 7a4a51ab0b9301083e145526762d065e622a0ec8cfb5a866cd6b20c87087ff08

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:04 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: ZG9ZNN1M4JDV68Y2
x-amz-server-side-encryption: AES256
cdn-cachedat: 04/16/2023 03:06:27
cdn-pullzone: 786569
x-amz-id-2: 51vFKVEVAx4q9Ji66ldN/axREpzQF+/WIfyIb3+bWV6ijbZdshUxkeCzNwyeA/kesQg+7QpGyrg=
last-modified: Sun, 09 Apr 2023 20:18:37 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"de8ab4879bd77ebe629c721339d42f65"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age: 86400
cdn-requestid: e61ecc7487996387c76e94b3ba1eff66
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 widget.css
static.arc.io/widget/css/ 85 KB
9 KB 406ms
81ms Stylesheet
text/css 138.199.40.58
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/css/widget.css?290eb2f
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?290eb2f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS: 138-199-40-58.bunnyinfra.net
Software: BunnyCDN-NY1-885 /
Resource Hash: ca943937aa6c69286d489d0720b1c8734d67446f5495374ff618f40788b65c75

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:04 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: EBGAETYB7Q67X0H2
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/03/2024 21:53:34
cdn-pullzone: 786569
x-amz-id-2: 6gB9LZm41K1fFG9A5WKJPDYL/pzIoptpSKuZzx1FKYqj3jBtUhzQLO2lsVMwkEU2whrXJXOLNbs=
last-modified: Sat, 03 Feb 2024 21:43:48 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"51616a4421ceea014ea555698310a2a5"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age: 86400
cdn-requestid: 10672d0417181886c0d6ec1b2d1c3147
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 widget-ui.js Show response
static.arc.io/widget/js/ 41 KB
15 KB 405ms
81ms Script
text/javascript 138.199.40.58
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/widget-ui.js?6e086999
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?290eb2f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS: 138-199-40-58.bunnyinfra.net
Software: BunnyCDN-NY1-885 /
Resource Hash: bb0f8d0ddd86c8950343123306347b29b3dfb334281d37a69069bd2dbe73f42a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:04 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: 84H876JYRMFKKZQ2
x-amz-server-side-encryption: AES256
cdn-cachedat: 01/03/2024 19:10:39
cdn-pullzone: 786569
x-amz-id-2: 0AHUdNPKrDXaA6EWZpKDgEjMlCE7GDLGqmcXYF/YrzB4pc5JRSGI68BgaYPwKnneLk8tvca9q5E=
last-modified: Wed, 03 Jan 2024 18:03:35 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"932fe4d4a9d62f8d6cdc378aac6e8030"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age: 86400
cdn-requestid: f0835aa1882a9481eba01bc22e31be5a
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 broker.9e6bf337.js Show response
static.arc.io/broker/js/ Frame 2288 24 KB
10 KB 38ms
37ms Script
text/javascript 138.199.40.58
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/broker.9e6bf337.js
Requested by: Host: core.arc.io
URL: https://core.arc.io/broker.html?290eb2f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS: 138-199-40-58.bunnyinfra.net
Software: BunnyCDN-NY1-885 /
Resource Hash: 15dd17bc017fd6b5c5874bf0c0f127131b09f9f8a4a5f596aa846269f4bad7c9

Request headers

Referer: https://core.arc.io/
Origin: https://core.arc.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:03 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: 3K6572S44X6CX67D
x-amz-server-side-encryption: AES256
cdn-cachedat: 10/31/2023 18:52:54
cdn-pullzone: 786569
x-amz-id-2: dLKO5VPPnnqi3+XOdB0veMLbIAILvwOSoJ4GzNmKLxxFlfFmNmznVGpXpeTYxGJkV/aTLr1sB38=
last-modified: Sun, 09 Apr 2023 20:16:26 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"0f4be176d7381439a060ff326b994fd2"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
access-control-max-age: 86400
cdn-requestid: fbd1ef9eebce96852905cca433aea0d4
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 chunk-vendors.5e1d8045.js Show response
static.arc.io/broker/js/ Frame 2288 49 KB
20 KB 39ms
38ms Script
text/javascript 138.199.40.58
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/chunk-vendors.5e1d8045.js
Requested by: Host: core.arc.io
URL: https://core.arc.io/broker.html?290eb2f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS: 138-199-40-58.bunnyinfra.net
Software: BunnyCDN-NY1-885 /
Resource Hash: c4553db9c6f8ac8363f52730234c6e6978828fd5638df4d0dbcfd8bec71a08ca

Request headers

Referer: https://core.arc.io/
Origin: https://core.arc.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:03 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: ZG9P1PKSRW3QFSWK
x-amz-server-side-encryption: AES256
cdn-cachedat: 04/16/2023 03:06:27
cdn-pullzone: 786569
x-amz-id-2: LYa9kuBlR7mquYzniatNWFOUxcxLOu77FMytJanpFa+SsHFH1T7gC4jESQDgka8j8uSIGUUt/2s=
last-modified: Sun, 09 Apr 2023 20:16:26 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"c78a505ea0c6b4622562567efbbeb847"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
access-control-max-age: 86400
cdn-requestid: 98c663a93f42a9a5adbe07885e5120c3
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 lazy-iwc.9b430e25.js
static.arc.io/broker/js/ Frame 2288 0
5 KB 356ms
67ms Other
text/javascript 138.199.40.58
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/lazy-iwc.9b430e25.js
Requested by: Host: core.arc.io
URL: https://core.arc.io/broker.html?290eb2f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS: 138-199-40-58.bunnyinfra.net
Software: BunnyCDN-NY1-885 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://core.arc.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:04 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: FC8B19E98STPFYG3
x-amz-server-side-encryption: AES256
cdn-cachedat: 10/13/2023 07:46:38
cdn-pullzone: 786569
x-amz-id-2: OZ28pOUxEGU3SE8hMb1/WQPcAo34l2WWKG+dLpP7P+2+5j3nllzqM6Ne2PHpD56W+EisZ7IVEZM=
last-modified: Sun, 09 Apr 2023 20:16:26 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"1343454a1c763177d59f06c307b3a5a2"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
access-control-max-age: 86400
cdn-requestid: 974463147c6a0d7ef283c485d7c31caa
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 lazy-modules.a169b1ec.js
static.arc.io/broker/js/ Frame 2288 0
16 KB 370ms
81ms Other
text/javascript 138.199.40.58
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/lazy-modules.a169b1ec.js
Requested by: Host: core.arc.io
URL: https://core.arc.io/broker.html?290eb2f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS: 138-199-40-58.bunnyinfra.net
Software: BunnyCDN-NY1-885 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://core.arc.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:04 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: 10N2K8AEDFCCNQB1
x-amz-server-side-encryption: AES256
cdn-cachedat: 04/17/2023 14:18:54
cdn-pullzone: 786569
x-amz-id-2: PlrFXVGI1jexr7TAWJtFW8Q+uD/sxSkhW66YJtSri1HznKFHC4ASGTpH0Bl0Pcpvrjou9vFhHIU=
last-modified: Sun, 09 Apr 2023 20:16:26 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"d03c11be3537746519138d1fe06bd033"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
access-control-max-age: 86400
cdn-requestid: 411a51107cc013a97526c2903583a104
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 204 collect
www.google-analytics.com/g/ 0
252 B 143ms
55ms Ping
text/plain 142.250.65.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-8QTNRD0R4M&gtm=45je4270v9175770313za200&_p=1707686403575&gcd=13l3l3l3l1&npa=0&dma=0&cid=1557002286.1707686404&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707686403&sct=1&seg=0&dl=https%3A%2F%2Fhubdrive.lat%2Ffile%2F364836294&dr=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&dt=HubDrive%20%7C%20Jennifers.Body.2009.480p.BRRip.Hindi-Dub.Dual-Audio.x264.mkv&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3822
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8QTNRD0R4M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.65.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s72-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 21:20:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hubdrive.lat
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lazy-modules.a169b1ec.js Show response
static.arc.io/broker/js/ Frame 2288 45 KB
16 KB 244ms
69ms Script
text/javascript 138.199.40.58
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/lazy-modules.a169b1ec.js
Requested by: Host: static.arc.io
URL: https://static.arc.io/broker/js/broker.9e6bf337.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS: 138-199-40-58.bunnyinfra.net
Software: BunnyCDN-NY1-885 /
Resource Hash: 2d69a91e3b105d9ced4a5c0244a9dc3905f8eb061e72cb5518db5ef6d0d0635d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://core.arc.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:04 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: 10N2K8AEDFCCNQB1
x-amz-server-side-encryption: AES256
cdn-cachedat: 04/17/2023 14:18:54
cdn-pullzone: 786569
x-amz-id-2: PlrFXVGI1jexr7TAWJtFW8Q+uD/sxSkhW66YJtSri1HznKFHC4ASGTpH0Bl0Pcpvrjou9vFhHIU=
last-modified: Sun, 09 Apr 2023 20:16:26 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"d03c11be3537746519138d1fe06bd033"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
access-control-max-age: 86400
cdn-requestid: cbf723b506845441747b7cc19df21af6
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/ 436 KB
137 KB 40ms
39ms Script
text/javascript 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd500c546202be15f4b0d9a10a2096a2dcffd0f195d953bbe931ff8e45ca234f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 20:54:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1524
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139610
x-xss-protection: 0
server: cafe
etag: 16226629560626727405
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 10 Feb 2025 20:54:41 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 465 B
268 B 158ms
72ms XHR
application/json 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=hubdrive.lat

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd317a20d438b4caad987f36b1f9e212af87c6e383aa84027d95ae943c083536

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 243
x-xss-protection: 0
expires: Sun, 11 Feb 2024 21:20:05 GMT

GET
H2 200 2dfc5cc60fdf6636778a3fa44bb932c7 Show response
thubanoa.com/27/ 403 KB
128 KB 129ms
129ms Script
application/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://thubanoa.com/27/2dfc5cc60fdf6636778a3fa44bb932c7

Requested by

Host: thubanoa.com
URL: https://thubanoa.com/1?z=7013738

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

400851f4cac11f9e1867253c679fa40d686f328c0f61fa2957178ac544625f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-trace-id: 1df53ef03183b4a8d72b8d66c79de367
date: Sun, 11 Feb 2024 21:20:05 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
last-modified: Thu, 25 Jan 2024 06:27:22 GMT
server: nginx
content-encoding: gzip
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: max-age:290304000, public
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Thu, 24 Feb 2084 06:27:22 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 89 KB
26 KB 100ms
54ms Script
text/javascript 172.67.38.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1344f2cf7e2562ce1c954075dda071857f4ff0c6bb6d2022384883f24d3bd1e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 09 Feb 2024 09:41:43 GMT
server: cloudflare
x-amz-request-id: 2TET7BRARSYMEQN9
age: 308
etag: W/"294eab17112a5071cb7b92bc188fc8b9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 853fa2415920b0b7-ATL
x-amz-id-2: zptNy4bz8xwfSN81W5HeuFH3JeS6Oh0DbvZfrJDlLWnPuqHOBGTwGXUFnjeI24LMIqudLQWm6Es=

GET
H3 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
819 B 21ms
20ms Script
application/javascript 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 11 Feb 2024 21:20:05 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5914
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-pdk-kfty2130040-PDK
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 1131ms
39ms Script
text/javascript 18.164.110.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.110.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-110-14.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Sun, 11 Feb 2024 10:24:12 GMT
Via: 1.1 7edae070a6a25cc68c970c1111701a20.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P6
Age: 39355
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: mZxKm8Igj4zu98O6U9Y_sknxIb-G2T7DgYs-dyCImuZEG3tRRY5S7w==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 41 KB
13 KB 371ms
42ms Script
text/javascript 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

309c794d20c6824c9c401713bc7ba07938e85509e557ddbc944f6fa17e7b7469

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 07 Feb 2024 07:37:39 GMT
server: nginx
etag: W/"65c33343-a585"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 12 Feb 2024 21:20:05 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 3 KB
798 B 1474ms
1473ms Fetch
text/plain 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1663623657107523&correlator=3217654893076323&eid=31080856%2C31079233%2C31079239&output=ldjh&gdfp_req=1&vrg=202402060101&ptt=17&impl=fifs&iu_parts=22925651469%2Cmix2ads_hubdrive.lat_anchor%2Cmix2ads_hubdrive.lat_interstitial%2Cmix2ads_hubdrive.co_728x90&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=1x1%2C1x1%2C728x90%7C320x100&ifi=1&sfv=1-0-40&ists=6&fas=1%2C8%2C0&eri=4&sc=1&cookie_enabled=1&cdm=hubdrive.lat&abxe=1&dt=1707686405242&adxs=-9%2C-9%2C488&adys=-9%2C-9%2C94&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=hubdrive.co&loc=https%3A%2F%2Fhubdrive.lat%2Ffile%2F364836294&ref=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&vis=1&psz=0x-1%7C0x-1%7C1080x0&msz=0x-1%7C0x-1%7C1080x0&fws=2%2C2%2C4&ohw=0%2C0%2C1496&ga_vid=1557002286.1707686404&ga_sid=1707686405&ga_hid=1549624325&ga_fc=true&dlt=1707686400377&idt=4775&adks=2691604385%2C4130931250%2C4245700628&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f949b6863c37f151460a5011fff19f42ee1789d201b5ea1a11639a97c9b48961

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 768
x-xss-protection: 0
google-lineitem-id: -2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hubdrive.lat
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 61 KB
14 KB 697ms
697ms Fetch
text/plain 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1663623657107523&correlator=3217654893076323&eid=31080856%2C31079233%2C31079239&output=ldjh&gdfp_req=1&vrg=202402060101&ptt=17&impl=fifs&iu_parts=22925651469%2Cmix2ads_hubdrive.co_300x250_5&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=4&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=hubdrive.lat&abxe=1&dt=1707686405254&adxs=702&adys=157&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=hubdrive.co&loc=https%3A%2F%2Fhubdrive.lat%2Ffile%2F364836294&ref=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&vis=1&psz=1076x0&msz=1076x0&fws=4&ohw=1496&ga_vid=1557002286.1707686404&ga_sid=1707686405&ga_hid=1549624325&ga_fc=true&dlt=1707686400377&idt=4775&adks=4268415557&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2eac96cd45142c9755dfeff65b91ede202f332658ebb77fe228f307790963fe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:05 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14572
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hubdrive.lat
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 665 B
323 B 644ms
643ms Fetch
text/plain 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1663623657107523&correlator=3217654893076323&eid=31080856%2C31079233%2C31079239&output=ldjh&gdfp_req=1&vrg=202402060101&ptt=17&impl=fifs&iu_parts=22925651469%2Cmix2ads_hubdrive.co_300x250_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=5&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=hubdrive.lat&abxe=1&dt=1707686405258&adxs=702&adys=177&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=hubdrive.co&loc=https%3A%2F%2Fhubdrive.lat%2Ffile%2F364836294&ref=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&vis=1&psz=1036x0&msz=1036x0&fws=4&ohw=1496&ga_vid=1557002286.1707686404&ga_sid=1707686405&ga_hid=1549624325&ga_fc=true&dlt=1707686400377&idt=4775&adks=1411793224&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1159b82912bd8241262694817913bfb2f4d9d0ef771dc8035b0d1a9d9bcb5e4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 293
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hubdrive.lat
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 109 KB
44 KB 1852ms
1851ms Fetch
text/plain 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1663623657107523&correlator=3217654893076323&eid=31080856%2C31079233%2C31079239&output=ldjh&gdfp_req=1&vrg=202402060101&ptt=17&impl=fifs&iu_parts=22925651469%2Cmix2ads_hubdrive.co_300x250_4&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=6&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=hubdrive.lat&abxe=1&dt=1707686405262&adxs=702&adys=372&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=hubdrive.co&loc=https%3A%2F%2Fhubdrive.lat%2Ffile%2F364836294&ref=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&vis=1&psz=1036x0&msz=1036x0&fws=4&ohw=1496&ga_vid=1557002286.1707686404&ga_sid=1707686405&ga_hid=1549624325&ga_fc=true&dlt=1707686400377&idt=4775&adks=3263134374&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b71d92dbd8ae8e8ffb2f647755f58d9232c0fbbf8af5237b75e3c0a636a9c88c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:07 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45260
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hubdrive.lat
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 61 KB
15 KB 1517ms
1516ms Fetch
text/plain 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1663623657107523&correlator=3217654893076323&eid=31080856%2C31079233%2C31079239&output=ldjh&gdfp_req=1&vrg=202402060101&ptt=17&impl=fifs&iu_parts=22925651469%2Cmix2ads_hubdrive.co_300x250_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=7&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=hubdrive.lat&abxe=1&dt=1707686405265&adxs=702&adys=372&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=hubdrive.co&loc=https%3A%2F%2Fhubdrive.lat%2Ffile%2F364836294&ref=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&vis=1&psz=1036x0&msz=1036x0&fws=4&ohw=1496&ga_vid=1557002286.1707686404&ga_sid=1707686405&ga_hid=1549624325&ga_fc=true&dlt=1707686400377&idt=4775&adks=4224613116&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2d030e0ef230864442d199e2baaa3d3e203c3e54f3d975ca97dd963c3582b1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15091
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hubdrive.lat
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 56 KB
17 KB 1095ms
1094ms Fetch
text/plain 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1663623657107523&correlator=3217654893076323&eid=31080856%2C31079233%2C31079239&output=ldjh&gdfp_req=1&vrg=202402060101&ptt=17&impl=fifs&iu_parts=22925651469%2Cmix2ads_hubdrive.co_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=8&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=hubdrive.lat&abxe=1&dt=1707686405269&adxs=702&adys=410&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=hubdrive.co&loc=https%3A%2F%2Fhubdrive.lat%2Ffile%2F364836294&ref=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&vis=1&psz=1036x0&msz=1036x0&fws=4&ohw=1496&ga_vid=1557002286.1707686404&ga_sid=1707686405&ga_hid=1549624325&ga_fc=true&dlt=1707686400377&idt=4775&adks=2438643228&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

112b59b77a8e0ca07c1ddb89f87de5fd47203ae0af4b4c223416399c8e0b2416

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17780
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hubdrive.lat
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 665 B
321 B 1823ms
1822ms Fetch
text/plain 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1663623657107523&correlator=3217654893076323&eid=31080856%2C31079233%2C31079239&output=ldjh&gdfp_req=1&vrg=202402060101&ptt=17&impl=fifs&iu_parts=22925651469%2Cmix2ads_hubdrive.co_300x250_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=9&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=hubdrive.lat&abxe=1&dt=1707686405272&adxs=702&adys=522&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=hubdrive.co&loc=https%3A%2F%2Fhubdrive.lat%2Ffile%2F364836294&ref=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&vis=1&psz=1036x0&msz=1036x0&fws=4&ohw=1496&ga_vid=1557002286.1707686404&ga_sid=1707686405&ga_hid=1549624325&ga_fc=true&dlt=1707686400377&idt=4775&adks=1424888676&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3cc171c7fa62d9062e47818eadc77199e561459e88a88e72b6a196169b4378c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:07 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 291
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hubdrive.lat
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5C96 6 KB
3 KB 207ms
60ms Document
text/html 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Feb 2024 21:20:05 GMT
expires: Mon, 10 Feb 2025 21:20:05 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/ 44 KB
14 KB 39ms
39ms Script
text/javascript 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ns3203256.ip-141-95-33.eu

Software

cafe /

Resource Hash

442934953e2ad201695846b1a8d478157de916cbab456ddad256c4f7d1f6fc40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 12:22:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32227
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14223
x-xss-protection: 0
server: cafe
etag: 2871022929451947748
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 10 Feb 2025 12:22:58 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
542 B 358ms
112ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: thubanoa.com
URL: https://thubanoa.com/27/2dfc5cc60fdf6636778a3fa44bb932c7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ac984d25dde278be600e07e3f2ca95a7ac913af64acf757d724e45a2239e9775

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:05 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hubdrive.lat
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
228 B 645ms
128ms XHR
text/plain 141.95.33.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.120 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hubdrive.lat
date: Sun, 11 Feb 2024 21:20:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 8A96 14 KB
6 KB 105ms
36ms Document
text/html 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=hubdrive.lat

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

8deb4dcd9ce02afc82cd8ee1938a02d0c40bd438fa8da4f22a255676fbe543e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 11 Feb 2024 21:20:05 GMT
server: Kestrel
server-processing-duration-in-ticks: 660104
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 8A96 428 B
950 B 40ms
40ms Fetch
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertagids&domain=hubdrive.lat&sn=ChromeSyncframe&so=0&topUrl=hubdrive.lat&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=hubdrive.lat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e0b38250fbf79c0b6d972a780018cef2e12cc300b4a44f302379accfd8e0f076

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=hubdrive.lat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 21:20:05 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 3859916
expires: 0

OPTIONS
H2 204 9
thubanoa.com/ Frame 0
0 407ms
135ms Preflight 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thubanoa.com/9?z=7013738&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fhubdrive.lat%2Ffile%2F364836294&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&sah=1200&drf=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&hil=1&ist=0&oaid=b538c18ec82e4486996ca5900ce0a986
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://hubdrive.lat
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://hubdrive.lat
cache-control: no-store, no-cache, must-revalidate, max-age=0
date: Sun, 11 Feb 2024 21:20:06 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
server: nginx

POST
H2 200 9 Show response
thubanoa.com/ 6 KB
3 KB 117ms
116ms XHR
application/json 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thubanoa.com/9?z=7013738&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fhubdrive.lat%2Ffile%2F364836294&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&sah=1200&drf=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&hil=1&ist=0&oaid=b538c18ec82e4486996ca5900ce0a986
Requested by: Host: thubanoa.com
URL: https://thubanoa.com/27/2dfc5cc60fdf6636778a3fa44bb932c7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 6825ff1343a6b1424494c8bea0801ee336f510f32d646928cf43feae6c7bcd4c

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 6122edc2c4b756a02cdba81c443e788b
pragma: no-cache
date: Sun, 11 Feb 2024 21:20:06 GMT
content-encoding: gzip
x-sc: VyYoJuf_LOVvArRlvoN28RL9UsPnaVgLyuXrvQnPrH7HFgqq3YLzRz6yNmZjjcTqwYmD5BpZiLGl_jmj
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: https://hubdrive.lat
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012401291952000/ Frame 21CA 196 KB
56 KB 56ms
38ms Script
text/javascript 142.250.65.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401291952000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3eca9711527fe0ef176061b86ddb6380ac65012af5295dc8594e1fd40b43dc4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hubdrive.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Feb 2024 00:30:00 GMT
age: 247806
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56077
x-xss-protection: 0
server: sffe
etag: "1ed25d76f90879fd"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 08 Feb 2025 00:30:00 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012401291952000/v0/ Frame 21CA 15 KB
5 KB 88ms
70ms Script
text/javascript 142.250.65.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401291952000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952f4a545636082660a36e042a5fc4f08833978338cb85b731a8c8cdb6a1f9c3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hubdrive.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Feb 2024 00:15:49 GMT
age: 248657
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5233
x-xss-protection: 0
server: sffe
etag: "68ac9d88d2f391b8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 08 Feb 2025 00:15:49 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012401291952000/v0/ Frame 21CA 95 KB
28 KB 94ms
77ms Script
text/javascript 142.250.65.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401291952000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a577e7fb9faad8a5fdc642832ba0bcf65ae0f6205d7f9ae124b08ecfc8e7e579

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hubdrive.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Feb 2024 00:19:18 GMT
age: 248448
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29021
x-xss-protection: 0
server: sffe
etag: "2d02fb878b5fde43"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 08 Feb 2025 00:19:18 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012401291952000/v0/ Frame 21CA 5 KB
2 KB 88ms
72ms Script
text/javascript 142.250.65.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401291952000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7b5110727771b2c728a77387937413360b7c81afe6b78c2d379f9382d5762f9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hubdrive.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Feb 2024 00:03:09 GMT
age: 249417
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1914
x-xss-protection: 0
server: sffe
etag: "705bfb43384be481"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 08 Feb 2025 00:03:09 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012401291952000/v0/ Frame 21CA 40 KB
13 KB 89ms
73ms Script
text/javascript 142.250.65.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401291952000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f10.1e100.net

Software

sffe /

Resource Hash

04a5eb2c4ba6aebc816c3005f46a65cc24cc3f3c4945cd7ab0b9d47975c7afb7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hubdrive.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Feb 2024 00:13:34 GMT
age: 248792
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12961
x-xss-protection: 0
server: sffe
etag: "7c9e2849f5b8f3a3"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 08 Feb 2025 00:13:34 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 21CA 16 KB
2 KB 54ms
53ms Stylesheet
text/css 142.250.176.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3309a12da2ed18db77a65bfd52b4fb97a0dfd77e4f22889bd708a010ffd2f9c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hubdrive.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 11 Feb 2024 21:20:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 11 Feb 2024 20:26:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 11 Feb 2024 21:20:06 GMT

GET
H2 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 21CA 2 KB
3 KB 47ms
39ms Image
image/png 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: hubdrive.lat
URL: https://hubdrive.lat/file/364836294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hubdrive.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 22:25:08 GMT
x-content-type-options: nosniff
server: cafe
age: 82498
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2471
x-xss-protection: 0
expires: Sun, 11 Feb 2024 22:25:08 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 21CA 295 B
519 B 39ms
38ms Image
image/png 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: hubdrive.lat
URL: https://hubdrive.lat/file/364836294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hubdrive.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 20:40:55 GMT
x-content-type-options: nosniff
server: cafe
age: 2351
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 12 Feb 2024 20:40:55 GMT

GET
DATA 200
OK truncated
/ Frame 21CA 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 21CA 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c917bdd74ca809376e8308258a1e5f5ebfc9037973fc021231f10a1a81357acd

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ Frame 21CA 47 KB
47 KB 39ms
38ms Font
font/woff2 142.250.80.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.35 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hubdrive.lat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:21:07 GMT
x-content-type-options: nosniff
age: 248339
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 00:21:07 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 21CA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

156ms
63ms

Image
text/html

142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: hubdrive.lat
URL: https://hubdrive.lat/file/364836294
Protocol: H2
Server: 142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s32-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Redirect headers

date: Sun, 11 Feb 2024 21:20:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 21CA 0
0 107ms
107ms Image
text/html 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cz1FeBTrJZYK3FI3YjvQPkvqfqA6xyaHwdNCBm7XsDPiotpWLAxABILbz5psBYMmGgIDgo7QQoAH3y7jCAsgBAakCiFZXLt_cST7gAgCoAwHIAwqqBLQCT9CzeCNxgrnZWskd8Ds_sjmXLDsJCDAlzmsdEAAOGtD7xsl6CS9vcckxkFOVQblLZ6BaGX6scXK-ncISeqG7YP_LqlpAhvC3tMxVNmcpaCUQA_TotzcG0HcmTlJmsqC1f74z9PB7c45RcjTiwwdmPnn6xvpE5QC80078ISPaQPCdQFjY-vwH1BheDqvBuSYn5S4vg4IGwWoCNXlpsFhvGhpnjBhQpiBwIrBKtUkYqHlU6mnzSeM0NRNWxi4B7-Z4nr6sOJZOeiH7qQPRIdr90yhM1oleygoxLdnq2gkVY3KbxL3HY5K17ybQGy5md33ej7xbpU-cqrPV76lIZ4y7TPZff51RIzVYFPWdKA-Y6MjxErlmA49jhBuKu9d7h9Z7Tt45ja3ZgpwYIf5TUUsP8tKOHZfABJmBm-eVA-AEAYgF8IehlSqSBQQIBBgBkgUECAUYBIAH8bPHvQGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDSow_SCCQIgGEQARgdMgKKAjoJgECAwICAgIAISL39wTpY-q_OzJukhAOaCVBodHRwczovL3d3dy5tYW5hZ2VlbmdpbmUuY29tL3Byb2R1Y3RzL3NlcnZpY2UtZGVzay9scC9zZXJ2aWNlLWRlc2stc29sdXRpb24uaHRtbIAKA8gLAdoMEAoKEPC6rficzcLqMxICAQPiDRMI69jOzJukhAMVDayDCB0S_Qfl2BMCiBQD0BUBmBYBgBcBshcfCh0IABIUcHViLTY4MjgxNzM5Nzc5Nzg0OTYYp9yUAQ&sigh=DuruH5k_Mns&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwAvHhf_7PlmkT97sfI8py4VgFDqxQ4hqWWNICAk7-IOVnVeh16awsau06B6TjwECWR8jS6SYRtqQlvHOtKk_Vbe504HMWzfVC6QoJALDnEYAQ&template_id=5028&cbvp=2
Requested by: Host: hubdrive.lat
URL: https://hubdrive.lat/file/364836294
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s40-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hubdrive.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

OPTIONS
H2 204 11
thubanoa.com/ Frame 0
0 136ms
135ms Preflight 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thubanoa.com/11?rnd=173479815&z=7013738&b=5362695&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=Oen7Gs69dSsJgllL-si2m3_peTiIBexnIj48YToBZCp2PQ-dYqfeGLeIxpcvlEqBUKBN8IchP0g-6-OqFH_EH4fWLTqjJO7dofBfH8c-MFTLOfxL59x6gi9KWX0VN2e0Mh1n2miEr6Fcig2klOcTeNOqHh60H4gMFELMjKIta27fStkdvt7tyOeWVDXEJqTXZk6jsqA1qE39xRyALv2PzhQzLQfXa33ZdNrvlDARLoX7ZDa3r3BjebUW9NZs9okSgx4uQ8dsZwCv3o_3ePL-sE8jtihBrJ5Lv9por-XQARMslB10Cq65O2GMYl2eVr6R&ruid=47af44e1-23f1-47e3-b098-fb98740c0f12&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fhubdrive.lat%2Ffile%2F364836294&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&sah=1200&drf=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&hil=1&ist=0&ot=527
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-sc
Access-Control-Request-Method: GET
Origin: https://hubdrive.lat
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://hubdrive.lat
cache-control: no-store, no-cache, must-revalidate, max-age=0
date: Sun, 11 Feb 2024 21:20:06 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
server: nginx

GET
H2 200 11 Show response
thubanoa.com/ 0
664 B 114ms
114ms XHR
image/jpeg 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thubanoa.com/11?rnd=173479815&z=7013738&b=5362695&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=Oen7Gs69dSsJgllL-si2m3_peTiIBexnIj48YToBZCp2PQ-dYqfeGLeIxpcvlEqBUKBN8IchP0g-6-OqFH_EH4fWLTqjJO7dofBfH8c-MFTLOfxL59x6gi9KWX0VN2e0Mh1n2miEr6Fcig2klOcTeNOqHh60H4gMFELMjKIta27fStkdvt7tyOeWVDXEJqTXZk6jsqA1qE39xRyALv2PzhQzLQfXa33ZdNrvlDARLoX7ZDa3r3BjebUW9NZs9okSgx4uQ8dsZwCv3o_3ePL-sE8jtihBrJ5Lv9por-XQARMslB10Cq65O2GMYl2eVr6R&ruid=47af44e1-23f1-47e3-b098-fb98740c0f12&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fhubdrive.lat%2Ffile%2F364836294&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&sah=1200&drf=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&hil=1&ist=0&ot=527
Requested by: Host: thubanoa.com
URL: https://thubanoa.com/27/2dfc5cc60fdf6636778a3fa44bb932c7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
X-Sc: VyYoJuf_LOVvArRlvoN28RL9UsPnaVgLyuXrvQnPrH7HFgqq3YLzRz6yNmZjjcTqwYmD5BpZiLGl_jmj
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-trace-id: 27bb85b0ad097e42bac38145042595de
pragma: no-cache
date: Sun, 11 Feb 2024 21:20:06 GMT
x-sc: VyYoJuf_LOVvArRlvoN28RL9UsPnaVgLyuXrvQnPrH7HFgqq3YLzRz6yNmZjjcTqwYmD5BpZiLGl_jmj
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: https://hubdrive.lat
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
interstitial-08.com/ Frame D876 22 KB
6 KB 385ms
149ms Document
text/html 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D2132225297%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DOen7Gs69dSsJgllL-si2m3_peTiIBexnIj48YToBZCp2PQ-dYqfeGLeIxpcvlEqBUKBN8IchP0g-6-OqFH_EH4fWLTqjJO7dofBfH8c-MFTLOfxL59x6gi9KWX0VN2e0Mh1n2miEr6Fcig2klOcTeNOqHh60H4gMFELMjKIta27fStkdvt7tyOeWVDXEJqTXZk6jsqA1qE39xRyALv2PzhQzLQfXa33ZdNrvlDARLoX7ZDa3r3BjebUW9NZs9okSgx4uQ8dsZwCv3o_3ePL-sE8jtihBrJ5Lv9por-XQARMslB10Cq65O2GMYl2eVr6R%26bag%3DydU9kaAfa6I%3D%26ruid%3D47af44e1-23f1-47e3-b098-fb98740c0f12%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F364836294%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DVyYoJuf_LOVvArRlvoN28RL9UsPnaVgLyuXrvQnPrH7HFgqq3YLzRz6yNmZjjcTqwYmD5BpZiLGl_jmj
Requested by: Host: thubanoa.com
URL: https://thubanoa.com/27/2dfc5cc60fdf6636778a3fa44bb932c7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.33
Resource Hash: da199a6e4a10a386792f5f3981ef21db9205863149d8c71655af6cb565d2f4b8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 11 Feb 2024 21:20:06 GMT
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 container.html Show response
a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C2F3 6 KB
3 KB 41ms
40ms Document
text/html 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Feb 2024 21:20:05 GMT
expires: Mon, 10 Feb 2025 21:20:05 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5D73 0
0 106ms
105ms Image
text/html 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CiuULBTrJZevbNtmmjvQPpvWPgAT6j4XmbaCDqMWtDcCNtwEQASAAYMmGgIDgo7QQggEXY2EtcHViLTk2NzM4NjUyOTE4MjkzODbIAQngAgCoAwHIAwKqBKYCT9CN4D6MIjF5aRtrCTTFZrd3kORueK3oczaUdtxyG4EfK9InVQ5wGCTSAkOY785FBE3Y8Lceu72cUm_Ih2_s-5PJB0ZfBe_jhV_k19C5WqdpKGM7Y0F12Hwohq9fwlgDPno5P2Fqk78z43ekdByqHr2DVSCwt3XMOBdFEDy4t_7sZH2wi0IPW8VV_TlEr0nkR_goIKyA-OYMKSvv0l4jny9bWmRrmBLEx1HRJD5AwMcIjzdnBvlCfQAE-qjaHeCJfnDu3T7SsTPbFr8-KF1eNvpICmXKE2Rl0lRIsTYRRtZJ2XUACvDyV-AmGcmPVqTUUbM9WuPghzswLpZp3MI7XXkdu66KueCUr6lR_cqAYkV2lObgFpgd-WyMnzmomb-IDA7dcVoB4AQBgAagm_64u9mCiewBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIIgiAYRABMgKKAjoJgECAwICAgIAISL39wTpYn8rOzJukhAOACgP6CwIIAYAMAeINEwjm-s7Mm6SEAxVZk4MIHab6A0DQFQGAFwGyFx0KGxIUcHViLTk2NzM4NjUyOTE4MjkzODYYp9yUAQ&sigh=6Sz8OZ-uvPw&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_ZOPcLkeUR1sNqRY-iWqx6wuYqaOoU537J3BX3GiS7Nbzw8ji33nl9V0OY_LOrtL7MWVImbCcr9khpEggxuTQF41ue7WGQjztz6MYAQ&cbvp=2&vis=1
Requested by: Host: a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com
URL: https://a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s40-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 200 win
8proof.com/app/ Frame 5D73 0
44 B 118ms
39ms Image
text/plain 52.116.53.150
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8proof.com/app/win?id=730101626388&ap=Zck6BQANresIg5NZAAP6pjX_AAfdu-uWVpsTiQ&brid=3GV66owyJvJN6QpQ7eRh2w&t=b&cbvp=2
Requested by: Host: a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com
URL: https://a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.116.53.150 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 96.35.7434.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:06 GMT
content-length: 0
server: nginx

GET
H2 200 montserrat-v25-latin-800.woff2
storage.googleapis.com/iadx_storage/assets/fonts/ Frame 84D4 13 KB
13 KB 125ms
39ms Font
application/octet-stream 142.250.80.123
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-800.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.80.123 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s36-in-f27.1e100.net
Software: UploadServer /
Resource Hash: d5d2945f49fc861ab7092bbd5bef93da3b0f6b6e91a2e1b7711d778bc7a57bac

Request headers

Referer: https://a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com/
Origin: https://a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 20:22:48 GMT
age: 3438
x-guploader-uploadid: ABPtcPopblWE2tUKZiBfvjQlKkxRvgad9xbNi4bq-IOlKhsbu5HiUT3-4XhJn0cNif4jPja1JQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12896
last-modified: Mon, 23 Oct 2023 09:53:31 GMT
server: UploadServer
etag: "47adf1610f40ec74b72068c5a111d3ad"
x-goog-generation: 1698054811260784
x-goog-hash: crc32c=goDBpA==, md5=R63xYQ9A7HS3IGjFoRHTrQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-acl
cache-control: public, max-age=3600
x-goog-stored-content-length: 12896
accept-ranges: bytes
content-type: application/octet-stream
expires: Sun, 11 Feb 2024 21:22:48 GMT

GET
H2 200 montserrat-v25-latin-600.woff2
storage.googleapis.com/iadx_storage/assets/fonts/ Frame 84D4 12 KB
13 KB 142ms
56ms Font
application/octet-stream 142.250.80.123
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-600.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.80.123 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s36-in-f27.1e100.net
Software: UploadServer /
Resource Hash: 98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31

Request headers

Referer: https://a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com/
Origin: https://a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:04:53 GMT
age: 913
x-guploader-uploadid: ABPtcPo-y6ZTil5poqgDtwszViJqi9zVtxuFUXHYYYyKT_QSg8spmvYDTaWl0P3Cc7rYhi4cRw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12700
last-modified: Mon, 23 Oct 2023 09:53:31 GMT
server: UploadServer
etag: "e571167fbcce8d5081bce96a09930063"
x-goog-generation: 1698054811605570
x-goog-hash: crc32c=I0wmew==, md5=5XEWf7zOjVCBvOlqCZMAYw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-acl
cache-control: public, max-age=3600
x-goog-stored-content-length: 12700
accept-ranges: bytes
content-type: application/octet-stream
expires: Sun, 11 Feb 2024 22:04:53 GMT

GET
H2 200 style.css
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/css/ Frame D876 12 KB
2 KB 95ms
35ms Stylesheet
text/css 104.22.24.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/css/style.css?v=1518177503492
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D2132225297%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DOen7Gs69dSsJgllL-si2m3_peTiIBexnIj48YToBZCp2PQ-dYqfeGLeIxpcvlEqBUKBN8IchP0g-6-OqFH_EH4fWLTqjJO7dofBfH8c-MFTLOfxL59x6gi9KWX0VN2e0Mh1n2miEr6Fcig2klOcTeNOqHh60H4gMFELMjKIta27fStkdvt7tyOeWVDXEJqTXZk6jsqA1qE39xRyALv2PzhQzLQfXa33ZdNrvlDARLoX7ZDa3r3BjebUW9NZs9okSgx4uQ8dsZwCv3o_3ePL-sE8jtihBrJ5Lv9por-XQARMslB10Cq65O2GMYl2eVr6R%26bag%3DydU9kaAfa6I%3D%26ruid%3D47af44e1-23f1-47e3-b098-fb98740c0f12%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F364836294%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DVyYoJuf_LOVvArRlvoN28RL9UsPnaVgLyuXrvQnPrH7HFgqq3YLzRz6yNmZjjcTqwYmD5BpZiLGl_jmj
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.24.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12ec824a66b6ad652e1cf0952853b6ba3053dd76a84bbcf4bdb3c055e411c78

Request headers

accept-language: en-US,en;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Dec 2023 12:54:54 GMT
server: cloudflare
age: 6512
etag: W/"656f1d9e-30c9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-ray: 853fa24aafe412eb-ATL
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 audible.png
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/ Frame D876 3 KB
4 KB 94ms
34ms Image
image/png 104.22.24.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/audible.png
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D2132225297%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DOen7Gs69dSsJgllL-si2m3_peTiIBexnIj48YToBZCp2PQ-dYqfeGLeIxpcvlEqBUKBN8IchP0g-6-OqFH_EH4fWLTqjJO7dofBfH8c-MFTLOfxL59x6gi9KWX0VN2e0Mh1n2miEr6Fcig2klOcTeNOqHh60H4gMFELMjKIta27fStkdvt7tyOeWVDXEJqTXZk6jsqA1qE39xRyALv2PzhQzLQfXa33ZdNrvlDARLoX7ZDa3r3BjebUW9NZs9okSgx4uQ8dsZwCv3o_3ePL-sE8jtihBrJ5Lv9por-XQARMslB10Cq65O2GMYl2eVr6R%26bag%3DydU9kaAfa6I%3D%26ruid%3D47af44e1-23f1-47e3-b098-fb98740c0f12%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F364836294%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DVyYoJuf_LOVvArRlvoN28RL9UsPnaVgLyuXrvQnPrH7HFgqq3YLzRz6yNmZjjcTqwYmD5BpZiLGl_jmj
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.24.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 871975b8040629c7b43de81b1a0878f40991ec2f49caddd6441b5d1f8322aeed

Request headers

accept-language: en-US,en;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:06 GMT
cf-cache-status: HIT
age: 3133
content-length: 3429
last-modified: Tue, 05 Dec 2023 12:54:54 GMT
server: cloudflare
etag: "656f1d9e-d65"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 853fa24aafe512eb-ATL
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 0100657458245.jpeg
interstitial-08.com/contents/s/2d/3f/7f/35d1f144fa688a67ba834d0931/ Frame D876 52 KB
53 KB 125ms
124ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/2d/3f/7f/35d1f144fa688a67ba834d0931/0100657458245.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D2132225297%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DOen7Gs69dSsJgllL-si2m3_peTiIBexnIj48YToBZCp2PQ-dYqfeGLeIxpcvlEqBUKBN8IchP0g-6-OqFH_EH4fWLTqjJO7dofBfH8c-MFTLOfxL59x6gi9KWX0VN2e0Mh1n2miEr6Fcig2klOcTeNOqHh60H4gMFELMjKIta27fStkdvt7tyOeWVDXEJqTXZk6jsqA1qE39xRyALv2PzhQzLQfXa33ZdNrvlDARLoX7ZDa3r3BjebUW9NZs9okSgx4uQ8dsZwCv3o_3ePL-sE8jtihBrJ5Lv9por-XQARMslB10Cq65O2GMYl2eVr6R%26bag%3DydU9kaAfa6I%3D%26ruid%3D47af44e1-23f1-47e3-b098-fb98740c0f12%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F364836294%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DVyYoJuf_LOVvArRlvoN28RL9UsPnaVgLyuXrvQnPrH7HFgqq3YLzRz6yNmZjjcTqwYmD5BpZiLGl_jmj
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: be88718a0eb175ebc4385600fe4168853a2ba705d814d2f9887ca7aa8cbd9238

Request headers

accept-language: en-US,en;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D2132225297%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DOen7Gs69dSsJgllL-si2m3_peTiIBexnIj48YToBZCp2PQ-dYqfeGLeIxpcvlEqBUKBN8IchP0g-6-OqFH_EH4fWLTqjJO7dofBfH8c-MFTLOfxL59x6gi9KWX0VN2e0Mh1n2miEr6Fcig2klOcTeNOqHh60H4gMFELMjKIta27fStkdvt7tyOeWVDXEJqTXZk6jsqA1qE39xRyALv2PzhQzLQfXa33ZdNrvlDARLoX7ZDa3r3BjebUW9NZs9okSgx4uQ8dsZwCv3o_3ePL-sE8jtihBrJ5Lv9por-XQARMslB10Cq65O2GMYl2eVr6R%26bag%3DydU9kaAfa6I%3D%26ruid%3D47af44e1-23f1-47e3-b098-fb98740c0f12%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F364836294%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DVyYoJuf_LOVvArRlvoN28RL9UsPnaVgLyuXrvQnPrH7HFgqq3YLzRz6yNmZjjcTqwYmD5BpZiLGl_jmj
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:06 GMT
last-modified: Thu, 31 Jan 2019 11:14:34 GMT
server: nginx
etag: "5c52d89a-d0e0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 53472

GET
H2 200 0933414948049.jpeg
interstitial-08.com/contents/s/54/58/11/b0a815692a6ca16dd9a46924ab/ Frame D876 14 KB
15 KB 305ms
303ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/54/58/11/b0a815692a6ca16dd9a46924ab/0933414948049.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D2132225297%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DOen7Gs69dSsJgllL-si2m3_peTiIBexnIj48YToBZCp2PQ-dYqfeGLeIxpcvlEqBUKBN8IchP0g-6-OqFH_EH4fWLTqjJO7dofBfH8c-MFTLOfxL59x6gi9KWX0VN2e0Mh1n2miEr6Fcig2klOcTeNOqHh60H4gMFELMjKIta27fStkdvt7tyOeWVDXEJqTXZk6jsqA1qE39xRyALv2PzhQzLQfXa33ZdNrvlDARLoX7ZDa3r3BjebUW9NZs9okSgx4uQ8dsZwCv3o_3ePL-sE8jtihBrJ5Lv9por-XQARMslB10Cq65O2GMYl2eVr6R%26bag%3DydU9kaAfa6I%3D%26ruid%3D47af44e1-23f1-47e3-b098-fb98740c0f12%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F364836294%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DVyYoJuf_LOVvArRlvoN28RL9UsPnaVgLyuXrvQnPrH7HFgqq3YLzRz6yNmZjjcTqwYmD5BpZiLGl_jmj
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: f710c2b11df9cadcb3a6d25a9dc8306172c04ff1d2fa8d96d4019d70833f695d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D2132225297%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DOen7Gs69dSsJgllL-si2m3_peTiIBexnIj48YToBZCp2PQ-dYqfeGLeIxpcvlEqBUKBN8IchP0g-6-OqFH_EH4fWLTqjJO7dofBfH8c-MFTLOfxL59x6gi9KWX0VN2e0Mh1n2miEr6Fcig2klOcTeNOqHh60H4gMFELMjKIta27fStkdvt7tyOeWVDXEJqTXZk6jsqA1qE39xRyALv2PzhQzLQfXa33ZdNrvlDARLoX7ZDa3r3BjebUW9NZs9okSgx4uQ8dsZwCv3o_3ePL-sE8jtihBrJ5Lv9por-XQARMslB10Cq65O2GMYl2eVr6R%26bag%3DydU9kaAfa6I%3D%26ruid%3D47af44e1-23f1-47e3-b098-fb98740c0f12%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F364836294%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DVyYoJuf_LOVvArRlvoN28RL9UsPnaVgLyuXrvQnPrH7HFgqq3YLzRz6yNmZjjcTqwYmD5BpZiLGl_jmj
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:06 GMT
last-modified: Wed, 15 Aug 2018 10:56:50 GMT
server: nginx
etag: "5b7406f2-393b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 14651

GET
H2 200 0350025199145.jpeg
interstitial-08.com/contents/s/4e/61/84/4a7532ee6d30450abd6bb2a1da/ Frame D876 35 KB
35 KB 309ms
307ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/4e/61/84/4a7532ee6d30450abd6bb2a1da/0350025199145.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D2132225297%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DOen7Gs69dSsJgllL-si2m3_peTiIBexnIj48YToBZCp2PQ-dYqfeGLeIxpcvlEqBUKBN8IchP0g-6-OqFH_EH4fWLTqjJO7dofBfH8c-MFTLOfxL59x6gi9KWX0VN2e0Mh1n2miEr6Fcig2klOcTeNOqHh60H4gMFELMjKIta27fStkdvt7tyOeWVDXEJqTXZk6jsqA1qE39xRyALv2PzhQzLQfXa33ZdNrvlDARLoX7ZDa3r3BjebUW9NZs9okSgx4uQ8dsZwCv3o_3ePL-sE8jtihBrJ5Lv9por-XQARMslB10Cq65O2GMYl2eVr6R%26bag%3DydU9kaAfa6I%3D%26ruid%3D47af44e1-23f1-47e3-b098-fb98740c0f12%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F364836294%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DVyYoJuf_LOVvArRlvoN28RL9UsPnaVgLyuXrvQnPrH7HFgqq3YLzRz6yNmZjjcTqwYmD5BpZiLGl_jmj
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 01a91cef52f9849703fb84a945f9fb51b9debf7ac36730043d097c3865550e8c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D2132225297%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DOen7Gs69dSsJgllL-si2m3_peTiIBexnIj48YToBZCp2PQ-dYqfeGLeIxpcvlEqBUKBN8IchP0g-6-OqFH_EH4fWLTqjJO7dofBfH8c-MFTLOfxL59x6gi9KWX0VN2e0Mh1n2miEr6Fcig2klOcTeNOqHh60H4gMFELMjKIta27fStkdvt7tyOeWVDXEJqTXZk6jsqA1qE39xRyALv2PzhQzLQfXa33ZdNrvlDARLoX7ZDa3r3BjebUW9NZs9okSgx4uQ8dsZwCv3o_3ePL-sE8jtihBrJ5Lv9por-XQARMslB10Cq65O2GMYl2eVr6R%26bag%3DydU9kaAfa6I%3D%26ruid%3D47af44e1-23f1-47e3-b098-fb98740c0f12%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F364836294%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DVyYoJuf_LOVvArRlvoN28RL9UsPnaVgLyuXrvQnPrH7HFgqq3YLzRz6yNmZjjcTqwYmD5BpZiLGl_jmj
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:06 GMT
last-modified: Tue, 17 Jul 2018 10:46:08 GMT
server: nginx
etag: "5b4dc8f0-8b17"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 35607

GET
H2 200 01289039865190.jpeg
interstitial-08.com/contents/s/aa/5b/71/730bd1c1e09e51bf17160def9a/ Frame D876 49 KB
50 KB 321ms
319ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/aa/5b/71/730bd1c1e09e51bf17160def9a/01289039865190.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D2132225297%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DOen7Gs69dSsJgllL-si2m3_peTiIBexnIj48YToBZCp2PQ-dYqfeGLeIxpcvlEqBUKBN8IchP0g-6-OqFH_EH4fWLTqjJO7dofBfH8c-MFTLOfxL59x6gi9KWX0VN2e0Mh1n2miEr6Fcig2klOcTeNOqHh60H4gMFELMjKIta27fStkdvt7tyOeWVDXEJqTXZk6jsqA1qE39xRyALv2PzhQzLQfXa33ZdNrvlDARLoX7ZDa3r3BjebUW9NZs9okSgx4uQ8dsZwCv3o_3ePL-sE8jtihBrJ5Lv9por-XQARMslB10Cq65O2GMYl2eVr6R%26bag%3DydU9kaAfa6I%3D%26ruid%3D47af44e1-23f1-47e3-b098-fb98740c0f12%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F364836294%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DVyYoJuf_LOVvArRlvoN28RL9UsPnaVgLyuXrvQnPrH7HFgqq3YLzRz6yNmZjjcTqwYmD5BpZiLGl_jmj
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 89d93e12a15f6a5d57b5f8aca8bd1e6984dc4c8c5dec7840a8c8e8c8274c1568

Request headers

accept-language: en-US,en;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D2132225297%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DOen7Gs69dSsJgllL-si2m3_peTiIBexnIj48YToBZCp2PQ-dYqfeGLeIxpcvlEqBUKBN8IchP0g-6-OqFH_EH4fWLTqjJO7dofBfH8c-MFTLOfxL59x6gi9KWX0VN2e0Mh1n2miEr6Fcig2klOcTeNOqHh60H4gMFELMjKIta27fStkdvt7tyOeWVDXEJqTXZk6jsqA1qE39xRyALv2PzhQzLQfXa33ZdNrvlDARLoX7ZDa3r3BjebUW9NZs9okSgx4uQ8dsZwCv3o_3ePL-sE8jtihBrJ5Lv9por-XQARMslB10Cq65O2GMYl2eVr6R%26bag%3DydU9kaAfa6I%3D%26ruid%3D47af44e1-23f1-47e3-b098-fb98740c0f12%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F364836294%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DVyYoJuf_LOVvArRlvoN28RL9UsPnaVgLyuXrvQnPrH7HFgqq3YLzRz6yNmZjjcTqwYmD5BpZiLGl_jmj
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:06 GMT
last-modified: Thu, 31 Jan 2019 11:14:34 GMT
server: nginx
etag: "5c52d89a-c502"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 50434

GET
H2 200 player.png
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/ Frame D876 28 KB
28 KB 89ms
38ms Image
image/png 104.22.24.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/player.png
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D2132225297%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DOen7Gs69dSsJgllL-si2m3_peTiIBexnIj48YToBZCp2PQ-dYqfeGLeIxpcvlEqBUKBN8IchP0g-6-OqFH_EH4fWLTqjJO7dofBfH8c-MFTLOfxL59x6gi9KWX0VN2e0Mh1n2miEr6Fcig2klOcTeNOqHh60H4gMFELMjKIta27fStkdvt7tyOeWVDXEJqTXZk6jsqA1qE39xRyALv2PzhQzLQfXa33ZdNrvlDARLoX7ZDa3r3BjebUW9NZs9okSgx4uQ8dsZwCv3o_3ePL-sE8jtihBrJ5Lv9por-XQARMslB10Cq65O2GMYl2eVr6R%26bag%3DydU9kaAfa6I%3D%26ruid%3D47af44e1-23f1-47e3-b098-fb98740c0f12%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F364836294%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DVyYoJuf_LOVvArRlvoN28RL9UsPnaVgLyuXrvQnPrH7HFgqq3YLzRz6yNmZjjcTqwYmD5BpZiLGl_jmj
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.24.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1eb8cf889202f439bb6bd1a03049b2e71953c7c0a5aadddde498cbea9bcadac

Request headers

accept-language: en-US,en;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:06 GMT
cf-cache-status: HIT
age: 3133
content-length: 28527
last-modified: Tue, 05 Dec 2023 12:54:54 GMT
server: cloudflare
etag: "656f1d9e-6f6f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 853fa24aafea12eb-ATL
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 script.js Show response
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/js/ Frame D876 1 KB
561 B 87ms
36ms Script
application/javascript 104.22.24.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/js/script.js?v=1518177503494
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D2132225297%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DOen7Gs69dSsJgllL-si2m3_peTiIBexnIj48YToBZCp2PQ-dYqfeGLeIxpcvlEqBUKBN8IchP0g-6-OqFH_EH4fWLTqjJO7dofBfH8c-MFTLOfxL59x6gi9KWX0VN2e0Mh1n2miEr6Fcig2klOcTeNOqHh60H4gMFELMjKIta27fStkdvt7tyOeWVDXEJqTXZk6jsqA1qE39xRyALv2PzhQzLQfXa33ZdNrvlDARLoX7ZDa3r3BjebUW9NZs9okSgx4uQ8dsZwCv3o_3ePL-sE8jtihBrJ5Lv9por-XQARMslB10Cq65O2GMYl2eVr6R%26bag%3DydU9kaAfa6I%3D%26ruid%3D47af44e1-23f1-47e3-b098-fb98740c0f12%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F364836294%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DVyYoJuf_LOVvArRlvoN28RL9UsPnaVgLyuXrvQnPrH7HFgqq3YLzRz6yNmZjjcTqwYmD5BpZiLGl_jmj
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.24.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55c72f42fc6ee2c502a5f86fe215690719ce746f383ec8551af1f1fb66252b2e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Dec 2023 12:54:54 GMT
server: cloudflare
age: 6200
etag: W/"656f1d9e-58b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-ray: 853fa24aafe712eb-ATL
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012401291952000/ Frame 9468 196 KB
55 KB 41ms
39ms Script
text/javascript 142.250.65.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401291952000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3eca9711527fe0ef176061b86ddb6380ac65012af5295dc8594e1fd40b43dc4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hubdrive.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Feb 2024 00:30:00 GMT
age: 247806
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56077
x-xss-protection: 0
server: sffe
etag: "1ed25d76f90879fd"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 08 Feb 2025 00:30:00 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012401291952000/v0/ Frame 9468 15 KB
5 KB 48ms
46ms Script
text/javascript 142.250.65.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401291952000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952f4a545636082660a36e042a5fc4f08833978338cb85b731a8c8cdb6a1f9c3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hubdrive.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Feb 2024 00:15:49 GMT
age: 248657
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5233
x-xss-protection: 0
server: sffe
etag: "68ac9d88d2f391b8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 08 Feb 2025 00:15:49 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012401291952000/v0/ Frame 9468 95 KB
28 KB 49ms
48ms Script
text/javascript 142.250.65.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401291952000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a577e7fb9faad8a5fdc642832ba0bcf65ae0f6205d7f9ae124b08ecfc8e7e579

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hubdrive.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Feb 2024 00:19:18 GMT
age: 248448
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29021
x-xss-protection: 0
server: sffe
etag: "2d02fb878b5fde43"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 08 Feb 2025 00:19:18 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012401291952000/v0/ Frame 9468 5 KB
2 KB 52ms
50ms Script
text/javascript 142.250.65.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401291952000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7b5110727771b2c728a77387937413360b7c81afe6b78c2d379f9382d5762f9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hubdrive.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Feb 2024 00:03:09 GMT
age: 249417
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1914
x-xss-protection: 0
server: sffe
etag: "705bfb43384be481"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 08 Feb 2025 00:03:09 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012401291952000/v0/ Frame 9468 40 KB
13 KB 52ms
51ms Script
text/javascript 142.250.65.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401291952000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f10.1e100.net

Software

sffe /

Resource Hash

04a5eb2c4ba6aebc816c3005f46a65cc24cc3f3c4945cd7ab0b9d47975c7afb7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hubdrive.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Feb 2024 00:13:34 GMT
age: 248792
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12961
x-xss-protection: 0
server: sffe
etag: "7c9e2849f5b8f3a3"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 08 Feb 2025 00:13:34 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9468 16 KB
2 KB 56ms
56ms Stylesheet
text/css 142.250.176.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3309a12da2ed18db77a65bfd52b4fb97a0dfd77e4f22889bd708a010ffd2f9c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hubdrive.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 11 Feb 2024 21:20:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 11 Feb 2024 20:39:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 11 Feb 2024 21:20:06 GMT

GET
H3 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9468 2 KB
2 KB 53ms
52ms Image
image/png 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: hubdrive.lat
URL: https://hubdrive.lat/file/364836294

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hubdrive.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 22:25:08 GMT
x-content-type-options: nosniff
server: cafe
age: 82498
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2471
x-xss-protection: 0
expires: Sun, 11 Feb 2024 22:25:08 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9468 295 B
319 B 52ms
51ms Image
image/png 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: hubdrive.lat
URL: https://hubdrive.lat/file/364836294

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hubdrive.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 20:40:55 GMT
x-content-type-options: nosniff
server: cafe
age: 2351
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 12 Feb 2024 20:40:55 GMT

GET
DATA 200
OK truncated
/ Frame 9468 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9468 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88f31001727ae235c02c037a7ad549ea23592dd78e34b94fc29b65450f11e7e3

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 0100657458245.jpeg
interstitial-08.com/contents/s/2d/3f/7f/35d1f144fa688a67ba834d0931/ Frame D876 52 KB
53 KB 310ms
308ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/2d/3f/7f/35d1f144fa688a67ba834d0931/0100657458245.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D2132225297%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DOen7Gs69dSsJgllL-si2m3_peTiIBexnIj48YToBZCp2PQ-dYqfeGLeIxpcvlEqBUKBN8IchP0g-6-OqFH_EH4fWLTqjJO7dofBfH8c-MFTLOfxL59x6gi9KWX0VN2e0Mh1n2miEr6Fcig2klOcTeNOqHh60H4gMFELMjKIta27fStkdvt7tyOeWVDXEJqTXZk6jsqA1qE39xRyALv2PzhQzLQfXa33ZdNrvlDARLoX7ZDa3r3BjebUW9NZs9okSgx4uQ8dsZwCv3o_3ePL-sE8jtihBrJ5Lv9por-XQARMslB10Cq65O2GMYl2eVr6R%26bag%3DydU9kaAfa6I%3D%26ruid%3D47af44e1-23f1-47e3-b098-fb98740c0f12%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F364836294%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DVyYoJuf_LOVvArRlvoN28RL9UsPnaVgLyuXrvQnPrH7HFgqq3YLzRz6yNmZjjcTqwYmD5BpZiLGl_jmj
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: be88718a0eb175ebc4385600fe4168853a2ba705d814d2f9887ca7aa8cbd9238

Request headers

accept-language: en-US,en;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D2132225297%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DOen7Gs69dSsJgllL-si2m3_peTiIBexnIj48YToBZCp2PQ-dYqfeGLeIxpcvlEqBUKBN8IchP0g-6-OqFH_EH4fWLTqjJO7dofBfH8c-MFTLOfxL59x6gi9KWX0VN2e0Mh1n2miEr6Fcig2klOcTeNOqHh60H4gMFELMjKIta27fStkdvt7tyOeWVDXEJqTXZk6jsqA1qE39xRyALv2PzhQzLQfXa33ZdNrvlDARLoX7ZDa3r3BjebUW9NZs9okSgx4uQ8dsZwCv3o_3ePL-sE8jtihBrJ5Lv9por-XQARMslB10Cq65O2GMYl2eVr6R%26bag%3DydU9kaAfa6I%3D%26ruid%3D47af44e1-23f1-47e3-b098-fb98740c0f12%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F364836294%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DVyYoJuf_LOVvArRlvoN28RL9UsPnaVgLyuXrvQnPrH7HFgqq3YLzRz6yNmZjjcTqwYmD5BpZiLGl_jmj
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:06 GMT
last-modified: Thu, 31 Jan 2019 11:14:34 GMT
server: nginx
etag: "5c52d89a-d0e0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 53472

GET
H2 200 0933414948049.jpeg
interstitial-08.com/contents/s/54/58/11/b0a815692a6ca16dd9a46924ab/ Frame D876 14 KB
15 KB 313ms
312ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/54/58/11/b0a815692a6ca16dd9a46924ab/0933414948049.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D2132225297%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DOen7Gs69dSsJgllL-si2m3_peTiIBexnIj48YToBZCp2PQ-dYqfeGLeIxpcvlEqBUKBN8IchP0g-6-OqFH_EH4fWLTqjJO7dofBfH8c-MFTLOfxL59x6gi9KWX0VN2e0Mh1n2miEr6Fcig2klOcTeNOqHh60H4gMFELMjKIta27fStkdvt7tyOeWVDXEJqTXZk6jsqA1qE39xRyALv2PzhQzLQfXa33ZdNrvlDARLoX7ZDa3r3BjebUW9NZs9okSgx4uQ8dsZwCv3o_3ePL-sE8jtihBrJ5Lv9por-XQARMslB10Cq65O2GMYl2eVr6R%26bag%3DydU9kaAfa6I%3D%26ruid%3D47af44e1-23f1-47e3-b098-fb98740c0f12%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F364836294%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DVyYoJuf_LOVvArRlvoN28RL9UsPnaVgLyuXrvQnPrH7HFgqq3YLzRz6yNmZjjcTqwYmD5BpZiLGl_jmj
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: f710c2b11df9cadcb3a6d25a9dc8306172c04ff1d2fa8d96d4019d70833f695d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D2132225297%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DOen7Gs69dSsJgllL-si2m3_peTiIBexnIj48YToBZCp2PQ-dYqfeGLeIxpcvlEqBUKBN8IchP0g-6-OqFH_EH4fWLTqjJO7dofBfH8c-MFTLOfxL59x6gi9KWX0VN2e0Mh1n2miEr6Fcig2klOcTeNOqHh60H4gMFELMjKIta27fStkdvt7tyOeWVDXEJqTXZk6jsqA1qE39xRyALv2PzhQzLQfXa33ZdNrvlDARLoX7ZDa3r3BjebUW9NZs9okSgx4uQ8dsZwCv3o_3ePL-sE8jtihBrJ5Lv9por-XQARMslB10Cq65O2GMYl2eVr6R%26bag%3DydU9kaAfa6I%3D%26ruid%3D47af44e1-23f1-47e3-b098-fb98740c0f12%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F364836294%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DVyYoJuf_LOVvArRlvoN28RL9UsPnaVgLyuXrvQnPrH7HFgqq3YLzRz6yNmZjjcTqwYmD5BpZiLGl_jmj
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:06 GMT
last-modified: Wed, 15 Aug 2018 10:56:50 GMT
server: nginx
etag: "5b7406f2-393b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 14651

GET
H2 200 0350025199145.jpeg
interstitial-08.com/contents/s/4e/61/84/4a7532ee6d30450abd6bb2a1da/ Frame D876 35 KB
35 KB 314ms
312ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/4e/61/84/4a7532ee6d30450abd6bb2a1da/0350025199145.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D2132225297%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DOen7Gs69dSsJgllL-si2m3_peTiIBexnIj48YToBZCp2PQ-dYqfeGLeIxpcvlEqBUKBN8IchP0g-6-OqFH_EH4fWLTqjJO7dofBfH8c-MFTLOfxL59x6gi9KWX0VN2e0Mh1n2miEr6Fcig2klOcTeNOqHh60H4gMFELMjKIta27fStkdvt7tyOeWVDXEJqTXZk6jsqA1qE39xRyALv2PzhQzLQfXa33ZdNrvlDARLoX7ZDa3r3BjebUW9NZs9okSgx4uQ8dsZwCv3o_3ePL-sE8jtihBrJ5Lv9por-XQARMslB10Cq65O2GMYl2eVr6R%26bag%3DydU9kaAfa6I%3D%26ruid%3D47af44e1-23f1-47e3-b098-fb98740c0f12%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F364836294%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DVyYoJuf_LOVvArRlvoN28RL9UsPnaVgLyuXrvQnPrH7HFgqq3YLzRz6yNmZjjcTqwYmD5BpZiLGl_jmj
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 01a91cef52f9849703fb84a945f9fb51b9debf7ac36730043d097c3865550e8c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D2132225297%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DOen7Gs69dSsJgllL-si2m3_peTiIBexnIj48YToBZCp2PQ-dYqfeGLeIxpcvlEqBUKBN8IchP0g-6-OqFH_EH4fWLTqjJO7dofBfH8c-MFTLOfxL59x6gi9KWX0VN2e0Mh1n2miEr6Fcig2klOcTeNOqHh60H4gMFELMjKIta27fStkdvt7tyOeWVDXEJqTXZk6jsqA1qE39xRyALv2PzhQzLQfXa33ZdNrvlDARLoX7ZDa3r3BjebUW9NZs9okSgx4uQ8dsZwCv3o_3ePL-sE8jtihBrJ5Lv9por-XQARMslB10Cq65O2GMYl2eVr6R%26bag%3DydU9kaAfa6I%3D%26ruid%3D47af44e1-23f1-47e3-b098-fb98740c0f12%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F364836294%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DVyYoJuf_LOVvArRlvoN28RL9UsPnaVgLyuXrvQnPrH7HFgqq3YLzRz6yNmZjjcTqwYmD5BpZiLGl_jmj
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:06 GMT
last-modified: Tue, 17 Jul 2018 10:46:08 GMT
server: nginx
etag: "5b4dc8f0-8b17"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 35607

GET
H2 200 01289039865190.jpeg
interstitial-08.com/contents/s/aa/5b/71/730bd1c1e09e51bf17160def9a/ Frame D876 49 KB
50 KB 314ms
313ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/aa/5b/71/730bd1c1e09e51bf17160def9a/01289039865190.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D2132225297%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DOen7Gs69dSsJgllL-si2m3_peTiIBexnIj48YToBZCp2PQ-dYqfeGLeIxpcvlEqBUKBN8IchP0g-6-OqFH_EH4fWLTqjJO7dofBfH8c-MFTLOfxL59x6gi9KWX0VN2e0Mh1n2miEr6Fcig2klOcTeNOqHh60H4gMFELMjKIta27fStkdvt7tyOeWVDXEJqTXZk6jsqA1qE39xRyALv2PzhQzLQfXa33ZdNrvlDARLoX7ZDa3r3BjebUW9NZs9okSgx4uQ8dsZwCv3o_3ePL-sE8jtihBrJ5Lv9por-XQARMslB10Cq65O2GMYl2eVr6R%26bag%3DydU9kaAfa6I%3D%26ruid%3D47af44e1-23f1-47e3-b098-fb98740c0f12%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F364836294%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DVyYoJuf_LOVvArRlvoN28RL9UsPnaVgLyuXrvQnPrH7HFgqq3YLzRz6yNmZjjcTqwYmD5BpZiLGl_jmj
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 89d93e12a15f6a5d57b5f8aca8bd1e6984dc4c8c5dec7840a8c8e8c8274c1568

Request headers

accept-language: en-US,en;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fthubanoa.com%2F12%3Frnd%3D2132225297%26z%3D7013738%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DOen7Gs69dSsJgllL-si2m3_peTiIBexnIj48YToBZCp2PQ-dYqfeGLeIxpcvlEqBUKBN8IchP0g-6-OqFH_EH4fWLTqjJO7dofBfH8c-MFTLOfxL59x6gi9KWX0VN2e0Mh1n2miEr6Fcig2klOcTeNOqHh60H4gMFELMjKIta27fStkdvt7tyOeWVDXEJqTXZk6jsqA1qE39xRyALv2PzhQzLQfXa33ZdNrvlDARLoX7ZDa3r3BjebUW9NZs9okSgx4uQ8dsZwCv3o_3ePL-sE8jtihBrJ5Lv9por-XQARMslB10Cq65O2GMYl2eVr6R%26bag%3DydU9kaAfa6I%3D%26ruid%3D47af44e1-23f1-47e3-b098-fb98740c0f12%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fhubdrive.lat%252Ffile%252F364836294%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D2%26sah%3D1200%26drf%3Dhttps%253A%252F%252Fhubdrive-lat.cdn.ampproject.org%252F%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3DVyYoJuf_LOVvArRlvoN28RL9UsPnaVgLyuXrvQnPrH7HFgqq3YLzRz6yNmZjjcTqwYmD5BpZiLGl_jmj
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:06 GMT
last-modified: Thu, 31 Jan 2019 11:14:34 GMT
server: nginx
etag: "5c52d89a-c502"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 50434

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ Frame 9468 47 KB
47 KB 41ms
40ms Font
font/woff2 142.250.80.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.35 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hubdrive.lat
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 00:21:07 GMT
x-content-type-options: nosniff
age: 248339
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 00:21:07 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 9468
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

65ms
64ms

Image
text/html

142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: hubdrive.lat
URL: https://hubdrive.lat/file/364836294
Protocol: H2
Server: 142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s32-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Redirect headers

date: Sun, 11 Feb 2024 21:20:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9468 0
0 107ms
106ms Image
text/html 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CsIvCBjrJZb7SFOipjvQPq5SrsAWmzsfcdZS0tOTfEKHxs83EOBABILbz5psBYMmGgIDgo7QQoAGc74DCAsgBAakCiFZXLt_cST7gAgCoAwHIAwqqBLQCT9Cs8oST5ymqEuzaeQZwlGZnU_kTXhgYY24_V3GIcPgsqk8kGvaXdX2IF42rFTtFv-jhyiOOL7c4ylSP4ZAMcaR7qXA4XHp2t9jaZZaLKH14-OQwuXyUorSVr2e5gaQYkF-p2uEDgJugKoHDJwaP1K2npauZOgB6MNQsUpwcqrqJTZs5idNa-IKgROo38PBo9dqw43wfkVrhCK3LaaavQ7sqCYyYdf8bxrZe3oj2fpDtRSzNvKQdUfbA1GZg-b_eXgyOGDS6Q8z6BTIld5STAxcLnngif17j5IR6euk0fWcq4x3i6UH9UcuAz9efdqdttFPl5VdxIdJ13dQ51Fb3Jikrj8LDvtbU3RVqCnUrIJE7MCKXGP6hvL-r_MepGOADA9NRoqxgkDRaLEmVdvluwZ9kM2DABKiOuKefBOAEAYgF9pCZ-kiSBQQIBBgBkgUECAUYBIAHzJD_vQGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCZ0R3SCCQIgGEQARgdMgKKAjoJgECAwICAgIAISL39wTpY98bOzJukhAOaCVtodHRwczovL3d3dy5tYW5hZ2VlbmdpbmUuY29tL3Byb2R1Y3RzL2FjdGl2ZS1kaXJlY3RvcnktYXVkaXQvYWN0aXZlLWRpcmVjdG9yeS1hdWRpdGluZy5odG1sgAoDyAsB2gwQCgoQ4Pfesea2xpx9EgIBA-INEwj2887Mm6SEAxXolIMIHSvKClbYEwKIFAjQFQGAFwGyFx8KHQgAEhRwdWItNjgyODE3Mzk3Nzk3ODQ5Nhin3JQB&sigh=ZNc_dmzpX5w&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgAvHhf_jAzhPDVJ_ihVyJGWXdjOpYzU0RkCYiMeeR-Ewrp2HKbdldAdYKxwPxWPLfptSOe4Yp9CxLdQ3gT6NtFjV_rz_JRUb5dcS8ctBRgB&template_id=5028&cbvp=2
Requested by: Host: hubdrive.lat
URL: https://hubdrive.lat/file/364836294
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s40-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hubdrive.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H3 200 container.html Show response
a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 26A4 6 KB
3 KB 43ms
41ms Document
text/html 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Feb 2024 21:20:05 GMT
expires: Mon, 10 Feb 2025 21:20:05 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 21CA 42 B
108 B 167ms
69ms Image
image/gif 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsthseBtjTucnJys83CZ8STgwNz7LXTNJmtvu0P4KcqGB4NEqhJ4pidUtn-vh2C1nGg9HEBWEM6mvYmRfEaTe0x88NIIgB7QfhtLFFNK8PLW3N_atyqK5_5mA0kksp9u_z6OA3ESUbecWmfBY1iQL5Em00ZrBcMDpfY&sai=AMfl-YRZ9duw_SookxSj2Pwi6ViYfGCJKmbY5zYGyFxmv2BrDdHE1Iba-zpdxCw8tVGlvWQq5JsWzPJkR0csF0ijL_tf45BFz21M2-GpRhQuuTCHW9iFUzHVMnQ9YLvIKysX_9bld0UtK5kq1CxgFbYQTQ&sig=Cg0ArKJSzEoNb-CnM3UqEAE&cid=CAQSTwAvHhf_7PlmkT97sfI8py4VgFDqxQ4hqWWNICAk7-IOVnVeh16awsau06B6TjwECWR8jS6SYRtqQlvHOtKk_Vbe504HMWzfVC6QoJALDnEYAQ&id=ampim&o=684,157&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1013&mtos=0,0,1013,1013,1013&tos=0,0,1013,0,0&tfs=214&tls=1227&g=100&h=100&tt=1227&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: hubdrive.lat
URL: https://hubdrive.lat/file/364836294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hubdrive.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 21:20:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame AE18 624 B
245 B 70ms
68ms Document
text/html 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSckNwEEMnO-vAEGLPZ3IYCMAE&v=APEucNUpDao_e2nRICrFhCbm230bOvAcv2Jk5M2tVOyJfBXnHxrRu6rIopF8P8ZFSrOvEqf1o5vqrWFouBW5Sd2Vkvn3VMRp5A

Requested by

Host: a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com
URL: https://a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Feb 2024 21:20:07 GMT
expires: Sun, 11 Feb 2024 21:20:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 26A4 111 KB
39 KB 129ms
39ms Script
text/javascript 142.251.41.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: hubdrive-lat.cdn.ampproject.org
URL: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/364836294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.6 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com/
Origin: https://a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 14:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25730
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 12 Feb 2024 14:11:17 GMT

GET
H2 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/ Frame 26A4 8 KB
3 KB 114ms
44ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: hubdrive-lat.cdn.ampproject.org
URL: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/364836294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 00:22:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75473
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 00:22:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/ Frame 26A4 23 KB
10 KB 104ms
40ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/abg_lite_fy2021.js

Requested by

Host: hubdrive-lat.cdn.ampproject.org
URL: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/364836294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 00:10:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76162
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 00:10:45 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 26A4 41 KB
14 KB 42ms
42ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: hubdrive-lat.cdn.ampproject.org
URL: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/364836294

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 09:17:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 302533
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2025 09:17:54 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 26A4 3 KB
1 KB 52ms
51ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js

Requested by

Host: a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com
URL: https://a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 16:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18649
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 16:09:18 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 26A4 20 KB
8 KB 43ms
42ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com
URL: https://a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 00:10:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76171
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 00:10:36 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 26A4 42 B
173 B 129ms
67ms Image
image/gif 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DFOqVyWLo6Z10i0SN6K7mI-krZUB9hKQfO5pQscTDAFN3Qx3qHeTmS-mJuyCx7bwTZq3nHq4Gj3_-iAjbNaKtfa_qiIHBTgVJENy7IAwbKTxEek1o

Requested by

Host: a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com
URL: https://a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 21:20:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 26A4 205 KB
65 KB 82ms
81ms Script
text/javascript 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com
URL: https://a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a89adcd85f7cfd505dc7b42270543241b2e39b7f87f8551012b736ef64bbef19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66416
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1707309907044448"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Feb 2024 21:20:07 GMT

OPTIONS
H2 204 11
thubanoa.com/ Frame 0
0 136ms
136ms Preflight 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thubanoa.com/11?rnd=173479815&z=7013738&b=5362695&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=Oen7Gs69dSsJgllL-si2m3_peTiIBexnIj48YToBZCp2PQ-dYqfeGLeIxpcvlEqBUKBN8IchP0g-6-OqFH_EH4fWLTqjJO7dofBfH8c-MFTLOfxL59x6gi9KWX0VN2e0Mh1n2miEr6Fcig2klOcTeNOqHh60H4gMFELMjKIta27fStkdvt7tyOeWVDXEJqTXZk6jsqA1qE39xRyALv2PzhQzLQfXa33ZdNrvlDARLoX7ZDa3r3BjebUW9NZs9okSgx4uQ8dsZwCv3o_3ePL-sE8jtihBrJ5Lv9por-XQARMslB10Cq65O2GMYl2eVr6R&ruid=47af44e1-23f1-47e3-b098-fb98740c0f12&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fhubdrive.lat%2Ffile%2F364836294&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&sah=1200&drf=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-sc
Access-Control-Request-Method: GET
Origin: https://hubdrive.lat
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://hubdrive.lat
cache-control: no-store, no-cache, must-revalidate, max-age=0
date: Sun, 11 Feb 2024 21:20:07 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
server: nginx

GET
H2 200 11 Show response
thubanoa.com/ 0
878 B 116ms
116ms XHR
image/jpeg 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thubanoa.com/11?rnd=173479815&z=7013738&b=5362695&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=Oen7Gs69dSsJgllL-si2m3_peTiIBexnIj48YToBZCp2PQ-dYqfeGLeIxpcvlEqBUKBN8IchP0g-6-OqFH_EH4fWLTqjJO7dofBfH8c-MFTLOfxL59x6gi9KWX0VN2e0Mh1n2miEr6Fcig2klOcTeNOqHh60H4gMFELMjKIta27fStkdvt7tyOeWVDXEJqTXZk6jsqA1qE39xRyALv2PzhQzLQfXa33ZdNrvlDARLoX7ZDa3r3BjebUW9NZs9okSgx4uQ8dsZwCv3o_3ePL-sE8jtihBrJ5Lv9por-XQARMslB10Cq65O2GMYl2eVr6R&ruid=47af44e1-23f1-47e3-b098-fb98740c0f12&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fhubdrive.lat%2Ffile%2F364836294&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&sah=1200&drf=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
Requested by: Host: thubanoa.com
URL: https://thubanoa.com/27/2dfc5cc60fdf6636778a3fa44bb932c7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
X-Sc: VyYoJuf_LOVvArRlvoN28RL9UsPnaVgLyuXrvQnPrH7HFgqq3YLzRz6yNmZjjcTqwYmD5BpZiLGl_jmj
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-trace-id: 01e3b3ee6f130ee6051df46a634d6df6
pragma: no-cache
date: Sun, 11 Feb 2024 21:20:07 GMT
x-sc: Lukk3-OSmRdZLi6AVyhyMC9DsGRbWIKefU7MIiqjlrVN_gUQAauFtvs-3boW11gKIQApH-HavvvSqVGJJXz7FWeUjrBiT6c0f4ppk5bfiW5Hi3KuXGkrd5xX9XmtiOyq8ylFrcCG2WvwSy1z7U5hL97Bv41qHU5S
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: https://hubdrive.lat
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ 152 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a5b11fb2b805c87ab9e5425e8c6f70b353c99cc11cb9ef8023f05d1d765c019

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B6D0 38 KB
13 KB 42ms
41ms Document
text/html 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 248745
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 00:14:22 GMT
expires: Sat, 08 Feb 2025 00:14:22 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame AE18
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECHtPrka8CzXh7ZBBytsdh8&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECHtPrka8CzXh7ZBBytsdh8&google_cver=1&C=1

43 B
335 B

48ms
47ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECHtPrka8CzXh7ZBBytsdh8&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSckNwEEMnO-vAEGLPZ3IYCMAE&v=APEucNUpDao_e2nRICrFhCbm230bOvAcv2Jk5M2tVOyJfBXnHxrRu6rIopF8P8ZFSrOvEqf1o5vqrWFouBW5Sd2Vkvn3VMRp5A
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 21:20:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vP0BUpyu15Taa0pAhyz5Z5ldyurHWiorh0ze1fZGdquMdDbmlae3FpmInBiyFOuKMjyl4nu4Sm05D0ZQ%2Bzn%2F2Wjv0EKetWT1aDtUMrBqEt%2BfQwFtriv6RiwfCzRSMh8xvlKV3SpgU39g0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 853fa2510e7f44de-ATL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 11 Feb 2024 21:20:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5sqCaqyU%2FBawk2dlcN5XfmJ896HTTVZ3oHNo8VaZdbt%2B72Qv5dtn6jzzDqKeH7IykFT3Ql0nKK2A0a5JSt8u%2BvbLH5zz45nDcDzz60Xj5nQrYAL2gpjd4BaQq%2FdkUD9FeejN41dyt3c5uA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESECHtPrka8CzXh7ZBBytsdh8&google_cver=1&C=1
cache-control: no-cache
cf-ray: 853fa250ae2644de-ATL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame AE18
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zck6B8AoJJ0AABXvACFiPgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECHtPrka8CzXh7ZBBytsdh8&google_cver=1

43 B
767 B

49ms
49ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECHtPrka8CzXh7ZBBytsdh8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSckNwEEMnO-vAEGLPZ3IYCMAE&v=APEucNUpDao_e2nRICrFhCbm230bOvAcv2Jk5M2tVOyJfBXnHxrRu6rIopF8P8ZFSrOvEqf1o5vqrWFouBW5Sd2Vkvn3VMRp5A
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 21:20:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bGLMTmqB4bu4cf5wMWJkwZqZ3rwsCVY3rJAxl4DrVBNxZ5hbnBJZse4JYW78n1ai%2FBcnC6CHLdvwCIcfrrFFCKsd52VoNIpaA5tv7zti%2BrtmgE2ARGz6OfIoTdbPGoP688xV5M%2B8HCvgeA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 853fa251bbe6b115-ATL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 11 Feb 2024 21:20:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECHtPrka8CzXh7ZBBytsdh8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame AE18
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENP5diXNsIECxgIvVHKqgb4&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENP5diXNsIECxgIvVHKqgb4%26google_cver%3D1

43 B
1 KB

45ms
44ms

Image
image/gif

68.67.160.137
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENP5diXNsIECxgIvVHKqgb4%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSckNwEEMnO-vAEGLPZ3IYCMAE&v=APEucNUpDao_e2nRICrFhCbm230bOvAcv2Jk5M2tVOyJfBXnHxrRu6rIopF8P8ZFSrOvEqf1o5vqrWFouBW5Sd2Vkvn3VMRp5A

Protocol

Server

68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 21:20:08 GMT
an-x-request-uuid: 156e97d0-0f91-4e90-8aa9-7e38f5b2712b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.215.181.184; 185.215.181.184; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 11 Feb 2024 21:20:08 GMT
an-x-request-uuid: ce65c0c1-1331-422f-9233-e884c4a3c581
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENP5diXNsIECxgIvVHKqgb4%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 185.215.181.184; 185.215.181.184; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AE18
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY5MTQ2MjA2MzE4MDQxNTQ2NQ%3D%3D

170 B
188 B

68ms
68ms

Image
image/png

142.250.64.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY5MTQ2MjA2MzE4MDQxNTQ2NQ%3D%3D

Requested by

Protocol

Server

142.250.64.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 21:20:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 11 Feb 2024 21:20:08 GMT
an-x-request-uuid: 64c9f458-59e0-486f-8f26-152381b7d5f9
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY5MTQ2MjA2MzE4MDQxNTQ2NQ%3D%3D
x-proxy-origin: 185.215.181.184; 185.215.181.184; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 26A4 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0990e0542a7f8f66733b7c681010f90edd1d8a843f30be9cbf7b2d4ad029b113

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D876 548 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32c21b537a7c9420627217e0c79185ef4c70c07e08f79fa1ad96b9c437e9f46b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 204 15 Show response
thubanoa.com/ 0
651 B 114ms
113ms XHR
text/plain 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thubanoa.com/15?rnd=4077127937&z=7013738&var=&varid=0&rb=Oen7Gs69dSsJgllL-si2m3_peTiIBexnIj48YToBZCp2PQ-dYqfeGLeIxpcvlEqBUKBN8IchP0g-6-OqFH_EH4fWLTqjJO7dofBfH8c-MFTLOfxL59x6gi9KWX0VN2e0Mh1n2miEr6Fcig2klOcTeNOqHh60H4gMFELMjKIta27fStkdvt7tyOeWVDXEJqTXZk6jsqA1qE39xRyALv2PzhQzLQfXa33ZdNrvlDARLoX7ZDa3r3BjebUW9NZs9okSgx4uQ8dsZwCv3o_3ePL-sE8jtihBrJ5Lv9por-XQARMslB10Cq65O2GMYl2eVr6R&ruid=47af44e1-23f1-47e3-b098-fb98740c0f12&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A1.903%2C%22location%22%3A%22https%3A%2F%2Fhubdrive.lat%2Ffile%2F364836294%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A3%2C%22wdov%22%3A0%2C%22wvr%22%3A1%2C%22wiv%22%3Atrue%2C%22isIONS%22%3Atrue%7D
Requested by: Host: thubanoa.com
URL: https://thubanoa.com/27/2dfc5cc60fdf6636778a3fa44bb932c7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
X-Sc: VyYoJuf_LOVvArRlvoN28RL9UsPnaVgLyuXrvQnPrH7HFgqq3YLzRz6yNmZjjcTqwYmD5BpZiLGl_jmj
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-trace-id: 95795bda8ae319ea5a3bf88e275d2f18
pragma: no-cache
date: Sun, 11 Feb 2024 21:20:07 GMT
x-sc: VyYoJuf_LOVvArRlvoN28RL9UsPnaVgLyuXrvQnPrH7HFgqq3YLzRz6yNmZjjcTqwYmD5BpZiLGl_jmj
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://hubdrive.lat
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 204 15
thubanoa.com/ Frame 0
0 142ms
142ms Preflight 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thubanoa.com/15?rnd=4077127937&z=7013738&var=&varid=0&rb=Oen7Gs69dSsJgllL-si2m3_peTiIBexnIj48YToBZCp2PQ-dYqfeGLeIxpcvlEqBUKBN8IchP0g-6-OqFH_EH4fWLTqjJO7dofBfH8c-MFTLOfxL59x6gi9KWX0VN2e0Mh1n2miEr6Fcig2klOcTeNOqHh60H4gMFELMjKIta27fStkdvt7tyOeWVDXEJqTXZk6jsqA1qE39xRyALv2PzhQzLQfXa33ZdNrvlDARLoX7ZDa3r3BjebUW9NZs9okSgx4uQ8dsZwCv3o_3ePL-sE8jtihBrJ5Lv9por-XQARMslB10Cq65O2GMYl2eVr6R&ruid=47af44e1-23f1-47e3-b098-fb98740c0f12&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A1.903%2C%22location%22%3A%22https%3A%2F%2Fhubdrive.lat%2Ffile%2F364836294%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A3%2C%22wdov%22%3A0%2C%22wvr%22%3A1%2C%22wiv%22%3Atrue%2C%22isIONS%22%3Atrue%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-sc
Access-Control-Request-Method: GET
Origin: https://hubdrive.lat
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://hubdrive.lat
cache-control: no-store, no-cache, must-revalidate, max-age=0
date: Sun, 11 Feb 2024 21:20:07 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
server: nginx

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/2285341212996986755/ Frame 5FC8 129 KB
34 KB 130ms
43ms Document
text/html 142.251.41.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2285341212996986755/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.6 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c943cf5e7d95fc5b1523925d7d5f0933efb92230cccc2c895db40f9907c87b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 249330
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 35248
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 00:04:37 GMT
expires: Sat, 08 Feb 2025 00:04:37 GMT
last-modified: Sat, 03 Feb 2024 15:47:45 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 26A4 0
0 174ms
83ms Fetch
image/gif 142.250.65.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstYXbsL3LDLwM5obVThuIqWRUCtaNve2mT8Re4aXG45heWnTE5pWCSKo3bez_5k9BjjsY-vBzSVeEwBKptktpJ9E-TfbFlxKH2JC62F2uTJqfd670cKOMe5zk5YkidYpTjaWi20ZQAyc1qAy0CLsI-NZGipH9VRxjg5l3aL_CIZgUhUacrgLOFNgzTB15uE1bghhUvNKGQDRSxmhSh4oJ4xRLlXdAyTojYkW73TupNSkzXAyUPiykYsr9mlfUtUYlHJST1oi2Jb0BRlHQt3P0iOZ6p1YBcgWvr3ml4LEGogxSqziWLTi52JFMO60x4uXg6WjzyQ2Y3-M0ledWAXQmVdVprFy4QRfawKLGkHqOaqRdjw5psAYdihYXLij007k8olnyKg6yAHxef-HqC0O2gpwZY8ZjSRxYk7y2gYtXFnHNlqCBlV8P6yfep-SGL9ChvmpM7mjvoKDxDzrRe3fNjZ65skm5p2nO3OHo1Oepxpp-l_m-3WkBgQ78h7htUdCerE_rQQVxqSHuNHAAQX98d3YXi8pS1SdGFfIDG-fqgxl0ztSyxNfYHcoe9E7-qncIqq86SVh8tBHB_cMcSvaCsYyMlkzWSdr6b2TRcHEdoVdvWUj2yjP0JUkK5t-dtjauF649jHtKP7VRY5xlCK5cAiw3hi-0SI-RBT14uWJonuYILJ5p2_RL-TgmG8VtoFXy5sIeZUG_gHHI7iHIcrbBINeLHS9VnSq3c_WcKZQHLd4Liv4oo7TzSr26k0rsE3gsAFSxoinL4tTNroxfesupFSYI2aZnfayfGzbqNuUzRyX8kRoG65dkYoPKbwqVtYQGAz8pQ5v8fa2nNTQJakUZhRsUhY2-fjNQ-JqwuME7x9yR8sXCnPEWb4FHe4zJ0C3nRgNUZCcGcIB1dczW0Y9ii47KswqKF8BG_TU8XTq0mWw0Hn7B9uO7ubv5t1eKrpxBTYbU9E1g9D4lWxtxOSE1MGHyZ17TdUji-YiHGz_Zq7s9FoWFwoyhGdkeGow4kau6r89Hx18GxEmbxOQjX8PoJhGBYlLjiXjiJaXqZhWLFQO_i76-YGgc5w_9o_ICeSnRVsCzt7foSouRTEBAx6D1L3MDipLAsagl4DmCoKtlIalMxamdJZJ79GG4hydpatl6ze-QVcEkcdsOwI-dgyVJenLGXT3njXmOEv-MRAWDjJ05cU-61TYnEGZ7CqUZR7tQ5fj5jaQIiCES4FRdULzp8kteBmY3_0iOwWpeVzS4yyF_k4mChe3Zy5fRWbTLqX8e6PDuoeF5TL_LFBNLhDsp2XV95RNlxAacS8zO4SOx-uRVofVdwJ_lxS_7BYRnx0ElgrO-q0yCwTULRY0EHcYqGNaUWIrJ_cOwvwFQk9jORU7uoTtBDgyyq49tExXHgltFPq3suoE7YttdI45ixjc98k99x-3MaByzlhye5L_GtQ4UErwdUns6ArcnUY1ywL3t0nTUD2LUM&sai=AMfl-YTJzSGYuStsF0avUPnkDfjNfuiIapu65Q4TrsIKMYRcRC-AYTk-HJqEN6bjhRxZqMqXCnEr9jjNPLRGTOPKO1SvHnas_pVjfHxdSAumccVxQ-P_M2jWb8M4iTFCaNkUPRuEn_pzxyelvYBIeMgINs1SYdeou_4GLeS0FfCsq95Mr5uFb_Eu8sMRmoIWXMCEaO7L1WDCRhgXTFyxiGN_VDTZzlzc5QgwCQHj4L0tiS9m_K8_55jr03W2VEwvEDFKUA4U3gJRDjvbjE-MmdU1uXyGthYh4zMwlby003KZdey5gYheflclfmhS2ZliVkeI7g7bEAPIbkW7_Ud43gLR6JbT1arV76ksI-13sRY9eDWKtuDc9aX9d_-e6M-ghZBRgcEdJuPs2vurLfSzhIew6RtJdXcu-5mj2wLQvATzNW6h-5eAE8_hkrKKyWoOSteFto6WK7DENPPfuur0eJ2Jw13LaKQ3chYyRrEsHeufvAFjmp6Y_t0U2rmT0ij7JtgWoPrd96qBZHe8Kg&sig=Cg0ArKJSzNCnVhhwrQaSEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9qYW1lc2F2ZXJ5LmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=206&cbvp=1&cstd=202&cisv=r20240207.95716&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: hubdrive-lat.cdn.ampproject.org
URL: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/364836294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 11 Feb 2024 21:20:07 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sun, 11 Feb 2024 21:20:07 GMT

GET
H2 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame B6D0 39 KB
15 KB 39ms
39ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 20:06:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 10 Feb 2025 20:06:56 GMT

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 5FC8 32 KB
11 KB 42ms
42ms Script
text/javascript 142.251.41.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2285341212996986755/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.6 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2285341212996986755/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 19:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6436
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 12 Feb 2024 19:32:51 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B6D0 0
20 B 73ms
72ms Image
image/gif 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BSpQaBjrJZeuhLODQjvQPoey-gAUAAAAAOAHgBAI&bg=!uLulu_TNAAaxkZ3akZE7ADQBe5WfOLsiowEohFnEx57fYz346MYYCHF-Mq90zCe5beBAUZrAK-TBGy8UDMhTCjQOS2Z3AgAAAGlSAAAABGgBBwoAGuhGD0_hEulA-9WpURrkDPyvN2ttcwZefA7LmQMKKfXM43kxcsguLwzKvmFTqut-SUu0Cx00XTE0D5WFZeydCL0Odd1ckmS8M73Y-LoOeWXoLX177kUCp1YWBSGZ6zO2zPUBD6FF3aj5wMlyKACfAfGWNp0Hp3646alql37ZhT81Mp-ZmllwnEGd1xBi8ci2NX4kElF0jBJXpe-xIDt-MSgGebvOO3DbQi8ie2w-1aU8HzP8UK45zVh1esVhgKF3Desr8Bwx_mKvfmsYEGCsV42vBB15wHbMiQQXTF_d4oLCmKYn_jKOp2IcB7cBrNzoec82-VJY3htVkoW3PFp165f6Adb25BZNKXZRX701W84KL70YqlNjt7w1Fqabvf8WOatmSIiHv3gU8hiFq7piXf81do1dbGQWGHt_8X8Me6ycmDA_S5w5Rjf0hI5BYObqPUmqzNN0-3FudzLIs5b0u89HCOtsJOy5W32W2EAM2Wwv9XUS-Ph2mqjkBJdiJoTg6oHydl-CDF07thItXMSxwPNrhDmGPJIVbJ6GSdT98ChcgteuB04Pn-TdY_Uld121hxs0nCK3acxhPo7BnBefIhqYaTTNUiRV-yAliSvxPwMBwzzBFA4peCZCPiGM3qFYhQj1bAI1GjZJUlYlTlRCLMp3KOOLPokUU7i04oaTqI3OilsGqHstnzt6op0EE3Wdhq2JeY-fQuK18cKefo6lerhl6TKhpzBuChy-g4eFaLyM6nOXuxAhrZAM4UaeIHAzmj3qs33hsBGCqyiIBNtsE0HLZbAwtX0JOExl_QTy-66GXF4WrQcYNmHXdyTCS228j3LLgitry02cp8CBnPckfGsrCctXq7DYu0pScB1RlByzZAW63z0979qruhGd-PUyI94faWr7UvLhJCZAb78VpvofitgfsS0GiegStIJVYzrx46jXrLufAyrmh7Eotlmc3q3yiJbmBtiQp-5f_UP7-L3y2G6OWHBYO1OqPoITb9sG5q6NhnHbnVct1P7LbsuIX1GTpmjrkIqA9XodosISHQS_-EIvyfQX0Y9wuDvTjMqDG4U02RTkfw

Requested by

Host: a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com
URL: https://a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 21:20:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 404 null
s0.2mdn.net/sadbundle/2285341212996986755/ Frame 5FC8 43 B
65 B 179ms
179ms Image
image/gif 142.251.41.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2285341212996986755/null

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2285341212996986755/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.6 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2285341212996986755/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sun, 11 Feb 2024 21:20:07 GMT
date: Sun, 11 Feb 2024 21:20:07 GMT
x-content-type-options: nosniff
server: sffe
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
allow-fenced-frame-automatic-beacons: true

GET
H3 200 HeartRings.jpg
s0.2mdn.net/sadbundle/2285341212996986755/ Frame 5FC8 89 KB
89 KB 43ms
43ms Image
image/jpeg 142.251.41.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2285341212996986755/HeartRings.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2285341212996986755/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.6 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

280dfa5fbc9f65ab87f7ad5daa57a6c16cd36f3e96c94479a7b6f571fc9c65f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2285341212996986755/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 08 Feb 2025 00:21:46 GMT
date: Fri, 09 Feb 2024 00:21:46 GMT
x-content-type-options: nosniff
age: 248301
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91604
x-xss-protection: 0
last-modified: Sat, 03 Feb 2024 15:47:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 5FC8 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 26A4 0
0 71ms
70ms Fetch
image/gif 142.250.65.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstYXbsL3LDLwM5obVThuIqWRUCtaNve2mT8Re4aXG45heWnTE5pWCSKo3bez_5k9BjjsY-vBzSVeEwBKptktpJ9E-TfbFlxKH2JC62F2uTJqfd670cKOMe5zk5YkidYpTjaWi20ZQAyc1qAy0CLsI-NZGipH9VRxjg5l3aL_CIZgUhUacrgLOFNgzTB15uE1bghhUvNKGQDRSxmhSh4oJ4xRLlXdAyTojYkW73TupNSkzXAyUPiykYsr9mlfUtUYlHJST1oi2Jb0BRlHQt3P0iOZ6p1YBcgWvr3ml4LEGogxSqziWLTi52JFMO60x4uXg6WjzyQ2Y3-M0ledWAXQmVdVprFy4QRfawKLGkHqOaqRdjw5psAYdihYXLij007k8olnyKg6yAHxef-HqC0O2gpwZY8ZjSRxYk7y2gYtXFnHNlqCBlV8P6yfep-SGL9ChvmpM7mjvoKDxDzrRe3fNjZ65skm5p2nO3OHo1Oepxpp-l_m-3WkBgQ78h7htUdCerE_rQQVxqSHuNHAAQX98d3YXi8pS1SdGFfIDG-fqgxl0ztSyxNfYHcoe9E7-qncIqq86SVh8tBHB_cMcSvaCsYyMlkzWSdr6b2TRcHEdoVdvWUj2yjP0JUkK5t-dtjauF649jHtKP7VRY5xlCK5cAiw3hi-0SI-RBT14uWJonuYILJ5p2_RL-TgmG8VtoFXy5sIeZUG_gHHI7iHIcrbBINeLHS9VnSq3c_WcKZQHLd4Liv4oo7TzSr26k0rsE3gsAFSxoinL4tTNroxfesupFSYI2aZnfayfGzbqNuUzRyX8kRoG65dkYoPKbwqVtYQGAz8pQ5v8fa2nNTQJakUZhRsUhY2-fjNQ-JqwuME7x9yR8sXCnPEWb4FHe4zJ0C3nRgNUZCcGcIB1dczW0Y9ii47KswqKF8BG_TU8XTq0mWw0Hn7B9uO7ubv5t1eKrpxBTYbU9E1g9D4lWxtxOSE1MGHyZ17TdUji-YiHGz_Zq7s9FoWFwoyhGdkeGow4kau6r89Hx18GxEmbxOQjX8PoJhGBYlLjiXjiJaXqZhWLFQO_i76-YGgc5w_9o_ICeSnRVsCzt7foSouRTEBAx6D1L3MDipLAsagl4DmCoKtlIalMxamdJZJ79GG4hydpatl6ze-QVcEkcdsOwI-dgyVJenLGXT3njXmOEv-MRAWDjJ05cU-61TYnEGZ7CqUZR7tQ5fj5jaQIiCES4FRdULzp8kteBmY3_0iOwWpeVzS4yyF_k4mChe3Zy5fRWbTLqX8e6PDuoeF5TL_LFBNLhDsp2XV95RNlxAacS8zO4SOx-uRVofVdwJ_lxS_7BYRnx0ElgrO-q0yCwTULRY0EHcYqGNaUWIrJ_cOwvwFQk9jORU7uoTtBDgyyq49tExXHgltFPq3suoE7YttdI45ixjc98k99x-3MaByzlhye5L_GtQ4UErwdUns6ArcnUY1ywL3t0nTUD2LUM&sai=AMfl-YTJzSGYuStsF0avUPnkDfjNfuiIapu65Q4TrsIKMYRcRC-AYTk-HJqEN6bjhRxZqMqXCnEr9jjNPLRGTOPKO1SvHnas_pVjfHxdSAumccVxQ-P_M2jWb8M4iTFCaNkUPRuEn_pzxyelvYBIeMgINs1SYdeou_4GLeS0FfCsq95Mr5uFb_Eu8sMRmoIWXMCEaO7L1WDCRhgXTFyxiGN_VDTZzlzc5QgwCQHj4L0tiS9m_K8_55jr03W2VEwvEDFKUA4U3gJRDjvbjE-MmdU1uXyGthYh4zMwlby003KZdey5gYheflclfmhS2ZliVkeI7g7bEAPIbkW7_Ud43gLR6JbT1arV76ksI-13sRY9eDWKtuDc9aX9d_-e6M-ghZBRgcEdJuPs2vurLfSzhIew6RtJdXcu-5mj2wLQvATzNW6h-5eAE8_hkrKKyWoOSteFto6WK7DENPPfuur0eJ2Jw13LaKQ3chYyRrEsHeufvAFjmp6Y_t0U2rmT0ij7JtgWoPrd96qBZHe8Kg&sig=Cg0ArKJSzNCnVhhwrQaSEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9qYW1lc2F2ZXJ5LmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=593&vt=11&dtpt=387&dett=3&cstd=202&cisv=r20240207.95716&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: hubdrive-lat.cdn.ampproject.org
URL: https://hubdrive-lat.cdn.ampproject.org/c/s/hubdrive.lat/file/364836294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 11 Feb 2024 21:20:07 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9468 42 B
64 B 75ms
75ms Image
image/gif 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss_m1se_3xFAVeNzoP-jzBtdTWawpDr9AWa0RJhljhXYk_CkMZq8HOYryiSAytOYTpKIBvt4mOVr7LXc3lysZXKoQZH7HNOcXPrCeTHdBDUzD3K39SMgvE_LTeDITEx1eebmPVGxJNW7jb09afGxi9OHnzhvlnXdU1rGUPF3KfwOKI0UYCqC-lwVltcpbw&sai=AMfl-YR91-IQ8oQx9sQRoFuc6mmgdqoVMq0qXsJoH7KSrBXkYm5_GNtaHAzu4Dd4jxLYWljE1w0CfSw-6AOJ5UOcx8GrGnhjKhgiH0ynQXMIZ6bDhb4_TaRJkk4hKkLGnWz6qpm84uYpb3gsXmlwKxtg&sig=Cg0ArKJSzOLm1NyyBbx7EAE&cid=CAQSTgAvHhf_jAzhPDVJ_ihVyJGWXdjOpYzU0RkCYiMeeR-Ewrp2HKbdldAdYKxwPxWPLfptSOe4Yp9CxLdQ3gT6NtFjV_rz_JRUb5dcS8ctBRgB&id=ampim&o=684,652&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=114&tls=1115&g=100&h=100&tt=1115&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: hubdrive.lat
URL: https://hubdrive.lat/file/364836294

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hubdrive.lat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 21:20:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 26A4 42 B
64 B 148ms
69ms Fetch
image/gif 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstOhpB-5NJtnV06O7ejjW9VEmRUOYNNbJAyT3VKhiKB84lVkF4LOZxH-u-15pd70bsEkd4zAgN_us5XhedptjrpJn3mK2NQyKKrT8YEnJQfiwicD6-XcpmKyTacoJ_C4bVrf5FeoB893mI1pJ35D77HkOr9eRJS7Io&sai=AMfl-YScWV9ZflsqJ30Grg_dPmnAiW_HZN-ROJFliVh_3gEA5ScERSLggAzGsKoYEhxFxUTXF8MMSpGVCcsgp-V-FB9EuJYK_ANlhE-_MBrr930eu-v4VmfdhLfLfIDXw5oyRvLBlnXqOR5IuPUOdPwhSw&sig=Cg0ArKJSzGG7w9YjPAC4EAE&cid=CAQSTwAvHhf_9RaWrRX1qhGHlqwP9pyXF_x9PyMQMZVXyask3abh1MP9DU2ZURVT0Zzf3Y7DruFPLgcvKlid5eeY3WuwxyGOAIjKQKbZHcHmMG4YAQ&id=lidar2&mcvt=1000&p=652,702,902,1002&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3263134374&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=361920700&rst=1707686407177&rpt=236&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a337ab5927e0ef3b49697c744a6d53f2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 21:20:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 widget.css
static.arc.io/widget/css/ Frame E24B 85 KB
9 KB 38ms
37ms Stylesheet
text/css 138.199.40.58
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/css/widget.css?290eb2f
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?6e086999
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS: 138-199-40-58.bunnyinfra.net
Software: BunnyCDN-NY1-885 /
Resource Hash: ca943937aa6c69286d489d0720b1c8734d67446f5495374ff618f40788b65c75

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:08 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: EBGAETYB7Q67X0H2
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/03/2024 21:53:34
cdn-pullzone: 786569
x-amz-id-2: 6gB9LZm41K1fFG9A5WKJPDYL/pzIoptpSKuZzx1FKYqj3jBtUhzQLO2lsVMwkEU2whrXJXOLNbs=
last-modified: Sat, 03 Feb 2024 21:43:48 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"51616a4421ceea014ea555698310a2a5"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age: 86400
cdn-requestid: 9c5852f097443a94b5170ec8a8df7100
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/ Frame E24B 2 KB
1 KB 328ms
27ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?6e086999

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6434846
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 631
last-modified: Mon, 04 May 2020 16:13:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f2b-732"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZRXdKBggRZJZshvhykZOXKgQ%2BwEq3wlRYdyCotHnOwyZmJEl5XgPd21hyh77zjPJegImFdT4PqzkzRcsvSKhrtjJlm8SEqY0oBq8%2FtdgiOBLj2H6C8fCVz6VHMN3uXEodzNRKrH"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 853fa257d9f769f9-ATL
expires: Fri, 31 Jan 2025 21:20:08 GMT

GET
H2 200 widget.css
static.arc.io/widget/css/ Frame 55CB 85 KB
9 KB 38ms
36ms Stylesheet
text/css 138.199.40.58
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/css/widget.css?290eb2f
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?6e086999
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS: 138-199-40-58.bunnyinfra.net
Software: BunnyCDN-NY1-885 /
Resource Hash: ca943937aa6c69286d489d0720b1c8734d67446f5495374ff618f40788b65c75

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:08 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: EBGAETYB7Q67X0H2
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/03/2024 21:53:34
cdn-pullzone: 786569
x-amz-id-2: 6gB9LZm41K1fFG9A5WKJPDYL/pzIoptpSKuZzx1FKYqj3jBtUhzQLO2lsVMwkEU2whrXJXOLNbs=
last-modified: Sat, 03 Feb 2024 21:43:48 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"51616a4421ceea014ea555698310a2a5"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age: 86400
cdn-requestid: 59b43395aa1d163a2d301ff3e6dd1605
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/ Frame 55CB 2 KB
912 B 325ms
34ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?6e086999

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6434846
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 631
last-modified: Mon, 04 May 2020 16:13:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f2b-732"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CDpJtxg2C7hNr5xef03m4%2Ba2QZdBTGhgh0b3NAu2x5Ri5oX8NovGpU%2Fb5CmL9iZ3yvGKzzmWjPyYWdkhcsSk3UGibOFHXlXiZR0K9%2BBXST7rTCNWCOhQTbkR747wiC6YkTCoRoJH"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 853fa257d9fb69f9-ATL
expires: Fri, 31 Jan 2025 21:20:08 GMT

GET
DATA 200
OK truncated
/ Frame E24B 411 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 55CB 411 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 55CB 277 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb2b1971e54b31144a8794057598aba69ebe1d416c8c75d3a142942917f5e58b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 55CB 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19311967464cd6447bb7fba382aa67939dcca903a56f1ac925ac2a80ff33642e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 55CB 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b08cb6068e70fb67de0576ef27d427a403e1f0055777b7fc5d736963e6c1ea6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 55CB 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35e8d96d42f0ffa258060a98b45f013829bc57b3ae7be71c9f54c037b6e0e707

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 55CB 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb1d7b6144bde90327cd64b86e7742a9b11a3b2b3658d71dd80115195ff2debb

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 55CB 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8fe9d28d12e8c33e9f1d5ab109c2570547ee6648ca11fdd79b7523c6d2e2f6a2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK asyncspc.php Show response
greenfox.ink/d/ 3 KB
2 KB 128ms
128ms XHR
application/json 5.45.74.150
SCALAXY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://greenfox.ink/d/asyncspc.php?zones=7%7C10&prefix=revive-0-&cphost=43519b58b68d940f8734726dfed6c5c9%7C1%7Chubdrive.lat&loc=https%3A%2F%2Fhubdrive.lat%2Ffile%2F364836294&referer=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F
Requested by: Host: greenfox.ink
URL: https://greenfox.ink/d/asyncjs.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 5.45.74.150 Dronten, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS: zmta28.corpresponse.com
Software: nginx/1.22.1 / PHP/8.0.30
Resource Hash: 69ba3d343b685d3376fc5d7d327d08d919ca572d61194c08ed4ed72a554c8604

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Feb 2024 21:20:08 GMT
Content-Encoding: gzip
Server: nginx/1.22.1
X-Powered-By: PHP/8.0.30
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: https://hubdrive.lat
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 73ms
73ms XHR
application/json 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202402060101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41b2db136ca5f43dc0513874900130e60839dd1fe603635c1efc8de3abf3e6eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12391
x-xss-protection: 0

GET /
tracker.arc.io/ 0
0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 78ms
77ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-18-223-141-84.us-east-2.compute.amazonaws.com

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 21:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 11 Feb 2024 21:20:08 GMT

POST
H2 204 Q1de8d19S5QRfBqcMN3gcH
warden.arc.io/mailbox/nodes/ 0
0 135ms
44ms Fetch 18.223.141.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://warden.arc.io/mailbox/nodes/Q1de8d19S5QRfBqcMN3gcH

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?290eb2f

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.223.141.84 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 11 Feb 2024 21:20:08 GMT
strict-transport-security: max-age=15724800; includeSubDomains
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"

GET
H/1.1 200
OK lg.php
greenfox.ink/d/ 43 B
523 B 135ms
134ms Image
image/gif 5.45.74.150
SCALAXY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenfox.ink/d/lg.php?bannerid=0&campaignid=0&zoneid=7&loc=https%3A%2F%2Fhubdrive.lat%2Ffile%2F364836294&referer=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&cb=ffeeed6c7b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 5.45.74.150 Dronten, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS: zmta28.corpresponse.com
Software: nginx/1.22.1 / PHP/8.0.30
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Feb 2024 21:20:08 GMT
Server: nginx/1.22.1
X-Powered-By: PHP/8.0.30
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H/1.1 200
OK lg.php
greenfox.ink/d/ 43 B
523 B 136ms
135ms Image
image/gif 5.45.74.150
SCALAXY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greenfox.ink/d/lg.php?bannerid=13&campaignid=5&zoneid=10&loc=https%3A%2F%2Fhubdrive.lat%2Ffile%2F364836294&referer=https%3A%2F%2Fhubdrive-lat.cdn.ampproject.org%2F&cb=a3c607bdf6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 5.45.74.150 Dronten, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS: zmta28.corpresponse.com
Software: nginx/1.22.1 / PHP/8.0.30
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Feb 2024 21:20:08 GMT
Server: nginx/1.22.1
X-Powered-By: PHP/8.0.30
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4FF7 13 KB
5 KB 43ms
41ms Document
text/html 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 4220
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Feb 2024 20:09:48 GMT
expires: Mon, 10 Feb 2025 20:09:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A9AE 829 B
560 B 60ms
58ms Document
text/html 142.251.41.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.4 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f4.1e100.net

Software

GSE /

Resource Hash

85143713d70e432ec22886edaafd0ca9dc7937ca95dd59a3c3c20d7a6e99c94e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8TDqEvgYNRxwdKduTkzoBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-8TDqEvgYNRxwdKduTkzoBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 11 Feb 2024 21:20:08 GMT
expires: Sun, 11 Feb 2024 21:20:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame 4FF7 39 KB
15 KB 48ms
47ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS