captcha.bot Open in urlscan Pro
104.26.6.110 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.wickbot-verify.xyz/
Effective URL:
https://captcha.bot/
Submission: On October 14 via api (October 14th 2023, 3:13:28 pm UTC) from US — Scanned from US

Summary HTTP 208 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 62 IPs in 6 countries across 57 domains to perform 208 HTTP transactions. The main IP is 104.26.6.110, located in and belongs to CLOUDFLARENET, US. The main domain is captcha.bot.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 25th 2023. Valid for: a year.

This is the only time captcha.bot was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

	IP Address	AS Autonomous System
2 5	172.67.181.252 172.67.181.252	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 26	104.26.6.110 104.26.6.110	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.22.1.93 104.22.1.93	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.26.6.139 104.26.6.139	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	18.238.25.94 18.238.25.94	16509 (AMAZON-02) (AMAZON-02)
2	23.48.145.205 23.48.145.205	16625 (AKAMAI-AS) (AKAMAI-AS)
2	172.217.13.104 172.217.13.104	15169 (GOOGLE) (GOOGLE)
6	172.217.13.194 172.217.13.194	15169 (GOOGLE) (GOOGLE)
17	138.199.40.58 138.199.40.58	60068 (CDN77 ^_^) (CDN77 ^_^)
9	3.160.22.119 3.160.22.119	16509 (AMAZON-02) (AMAZON-02)
1 2	104.17.2.184 104.17.2.184	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.57.101 104.16.57.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.13.174 172.217.13.174	15169 (GOOGLE) (GOOGLE)
1	142.250.31.156 142.250.31.156	15169 (GOOGLE) (GOOGLE)
2	18.238.25.72 18.238.25.72	16509 (AMAZON-02) (AMAZON-02)
1	206.189.125.55 206.189.125.55	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	141.148.8.2 141.148.8.2	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	151.101.193.229 151.101.193.229	54113 (FASTLY) (FASTLY)
1	172.217.13.206 172.217.13.206	15169 (GOOGLE) (GOOGLE)
3	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
2	104.26.3.70 104.26.3.70	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.13.166 172.217.13.166	15169 (GOOGLE) (GOOGLE)
2 4	3.160.5.46 3.160.5.46	16509 (AMAZON-02) (AMAZON-02)
2	104.26.8.169 104.26.8.169	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.2.114 104.18.2.114	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.72.202.96 52.72.202.96	14618 (AMAZON-AES) (AMAZON-AES)
1	3.233.146.171 3.233.146.171	14618 (AMAZON-AES) (AMAZON-AES)
1	104.36.115.111 104.36.115.111	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 7	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	74.119.119.129 74.119.119.129	19750 (AS-CRITEO) (AS-CRITEO)
7	104.16.168.131 104.16.168.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.22.145 104.18.22.145	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7 14	172.217.13.130 172.217.13.130	15169 (GOOGLE) (GOOGLE)
16	172.217.13.97 172.217.13.97	15169 (GOOGLE) (GOOGLE)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	23.83.76.68 23.83.76.68	395954 (LEASEWEB-...) (LEASEWEB-USA-LAX)
4	34.149.40.38 34.149.40.38	15169 (GOOGLE) (GOOGLE)
2 4	23.105.12.136 23.105.12.136	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1	18.211.184.20 18.211.184.20	14618 (AMAZON-AES) (AMAZON-AES)
4 4	68.67.179.164 68.67.179.164	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
11	172.217.13.129 172.217.13.129	15169 (GOOGLE) (GOOGLE)
2	74.119.119.131 74.119.119.131	19750 (AS-CRITEO) (AS-CRITEO)
1	172.217.13.202 172.217.13.202	15169 (GOOGLE) (GOOGLE)
3 4	172.217.13.132 172.217.13.132	15169 (GOOGLE) (GOOGLE)
4	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
1	172.217.13.99 172.217.13.99	15169 (GOOGLE) (GOOGLE)
3	172.217.13.162 172.217.13.162	15169 (GOOGLE) (GOOGLE)
2 2	52.23.63.120 52.23.63.120	14618 (AMAZON-AES) (AMAZON-AES)
1	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
4 5	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
3 11	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
2	23.48.144.247 23.48.144.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.21.200 13.107.21.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 3	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
2 2	52.4.122.177 52.4.122.177	14618 (AMAZON-AES) (AMAZON-AES)
1 1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1 1	63.251.28.133 63.251.28.133	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	8.28.7.81 8.28.7.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
5 5	52.72.216.167 52.72.216.167	14618 (AMAZON-AES) (AMAZON-AES)
1 1	198.148.27.131 198.148.27.131	19189 (PULSEPOINT) (PULSEPOINT)
2 2	193.122.130.38 193.122.130.38	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
2 2	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	162.248.18.37 162.248.18.37	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	40.76.134.238 40.76.134.238	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	35.194.66.159 35.194.66.159	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.200.202.245 34.200.202.245	() ()
2 2	34.200.65.202 34.200.65.202	14618 (AMAZON-AES) (AMAZON-AES)
2	162.248.18.34 162.248.18.34	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	159.127.42.41 159.127.42.41	25751 (VALUECLICK) (VALUECLICK)
1 1	192.184.68.134 192.184.68.134	14618 (AMAZON-AES) (AMAZON-AES)
1 1	185.167.164.39 185.167.164.39	198622 (ADFORM) (ADFORM)
1 2	67.220.226.233 67.220.226.233	16509 (AMAZON-02) (AMAZON-02)
208	62

5 172.67.181.252 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.wickbot-verify.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 104.26.6.110 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

captcha.bot	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.22.1.93 (None, )

ASN13335 (CLOUDFLARENET, US)

boot.pbstck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.pbstck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
intake.pbstck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.6.139 (None, )

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.238.25.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-25-94.cmh68.r.cloudfront.net

cdn.privacy-mgmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.48.145.205 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-48-145-205.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.13.104 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.13.194 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 138.199.40.58 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
PTR: 138-199-40-58.bunnyinfra.net

kumo.network-n.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.160.22.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-22-119.cmh68.r.cloudfront.net

js.chargebee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.2.184 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.57.101 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.13.174 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f14.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.31.156 (Oxford, United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.238.25.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-25-72.cmh68.r.cloudfront.net

privygg.chargebeestaticv2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 206.189.125.55 (Slough, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)

geoip.network-n.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.148.8.2 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
PTR: partner-p19.oracledatacloud.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.13.206 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.3.70 (None, )

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.13.166 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.160.5.46 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-3-160-5-46.cmh68.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.8.169 (None, )

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.2.114 (None, )

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.72.202.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-202-96.compute-1.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.233.146.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-146-171.compute-1.amazonaws.com

hb.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

networkn-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.129 (United States)

ASN19750 (AS-CRITEO, US)
PTR: bidder.va1.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.16.168.131 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api2.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.22.145 (None, )

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.217.13.130 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.217.13.97 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f1.1e100.net

b45d3a787b758ba92ae69d224b1ce510.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.83.76.68 (Los Angeles, United States)

ASN395954 (LEASEWEB-USA-LAX, US)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.149.40.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.40.149.34.bc.googleusercontent.com

u.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.105.12.136 (Manassas, United States) 2 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.211.184.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-184-20.compute-1.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.179.164 (North Bergen, United States) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.217.13.129 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.131 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.13.202 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.13.132 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.13.99 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.13.162 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.23.63.120 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-63-120.compute-1.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.223.40.198 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.223.22.214 (Seattle, United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.48.144.247 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-48-144-247.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.178.172 (North Charleston, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.4.122.177 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-122-177.compute-1.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.28.133 (Secaucus, United States) 1 redirects

ASN13789 (INTERNAP-BLK3, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.130.91 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.72.216.167 (Ashburn, United States) 5 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-216-167.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.131 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.122.130.38 (Ashburn, United States) 2 redirects

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.27.193 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

us01.z.antigena.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.194.66.159 (Washington, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.66.194.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.200.202.245 (None, )

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.200.65.202 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.248.18.34 (United States)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.127.42.41 (United States) 2 redirects

ASN25751 (VALUECLICK, US)
PTR: iad11-nessy-float1.dotomi.com

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.184.68.134 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.167.164.39 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.220.226.233 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	captcha.bot 1 redirects captcha.bot	821 KB
20	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214 stats.g.doubleclick.net — Cisco Umbrella Rank: 98 ad.doubleclick.net — Cisco Umbrella Rank: 173 googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 cm.g.doubleclick.net — Cisco Umbrella Rank: 255	184 KB
18	network-n.com kumo.network-n.com — Cisco Umbrella Rank: 36826 geoip.network-n.com — Cisco Umbrella Rank: 71002	167 KB
17	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 b45d3a787b758ba92ae69d224b1ce510.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157	76 KB
15	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 379	311 KB
13	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 581 ads.pubmatic.com — Cisco Umbrella Rank: 588 image6.pubmatic.com — Cisco Umbrella Rank: 967 image2.pubmatic.com — Cisco Umbrella Rank: 1116 simage2.pubmatic.com — Cisco Umbrella Rank: 959 image4.pubmatic.com — Cisco Umbrella Rank: 1249 simage4.pubmatic.com — Cisco Umbrella Rank: 1354	27 KB
12	3lift.com 3 redirects tlx.3lift.com — Cisco Umbrella Rank: 659 eb2.3lift.com — Cisco Umbrella Rank: 434	6 KB
12	privacy-mgmt.com cdn.privacy-mgmt.com — Cisco Umbrella Rank: 4402	70 KB
9	chargebee.com js.chargebee.com — Cisco Umbrella Rank: 24610	180 KB
7	hcaptcha.com js.hcaptcha.com — Cisco Umbrella Rank: 10514 newassets.hcaptcha.com — Cisco Umbrella Rank: 10576 api2.hcaptcha.com — Cisco Umbrella Rank: 21140	514 KB
7	openx.net 1 redirects networkn-d.openx.net — Cisco Umbrella Rank: 43650 u.openx.net — Cisco Umbrella Rank: 739 eu-u.openx.net — Cisco Umbrella Rank: 2959 us-u.openx.net — Cisco Umbrella Rank: 547	2 KB
7	4dex.io script.4dex.io — Cisco Umbrella Rank: 1696 mp.4dex.io — Cisco Umbrella Rank: 2423 u.4dex.io — Cisco Umbrella Rank: 3936	30 KB
6	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 895 gum.criteo.com — Cisco Umbrella Rank: 478 dis.criteo.com — Cisco Umbrella Rank: 648	8 KB
5	bidr.io 5 redirects match.prod.bidr.io — Cisco Umbrella Rank: 624	3 KB
5	adsrvr.org 4 redirects match.adsrvr.org — Cisco Umbrella Rank: 402	2 KB
5	smartadserver.com 2 redirects ssbsync.smartadserver.com — Cisco Umbrella Rank: 951 rtb-csync.smartadserver.com — Cisco Umbrella Rank: 898	3 KB
5	google.com 3 redirects analytics.google.com — Cisco Umbrella Rank: 178 www.google.com — Cisco Umbrella Rank: 2	2 KB
5	btloader.com btloader.com — Cisco Umbrella Rank: 1081 api.btloader.com — Cisco Umbrella Rank: 1150	24 KB
5	wickbot-verify.xyz 2 redirects www.wickbot-verify.xyz	8 KB
4	amazon-adsystem.com 2 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 328 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1086	3 KB
4	adnxs.com 4 redirects secure.adnxs.com — Cisco Umbrella Rank: 542 ib.adnxs.com — Cisco Umbrella Rank: 261	3 KB
4	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 179	3 KB
3	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 521	1 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 387	2 KB
3	yahoo.com pr-bh.ybp.yahoo.com Failed ups.analytics.yahoo.com — Cisco Umbrella Rank: 363	1 KB
3	moatads.com z.moatads.com — Cisco Umbrella Rank: 712 mb.moatads.com — Cisco Umbrella Rank: 779	88 KB
3	pbstck.com boot.pbstck.com — Cisco Umbrella Rank: 8069 cdn.pbstck.com — Cisco Umbrella Rank: 8976 intake.pbstck.com — Cisco Umbrella Rank: 8654	18 KB
2	dotomi.com 2 redirects pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4048	744 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 513	2 KB
2	technoratimedia.com 2 redirects sync.technoratimedia.com — Cisco Umbrella Rank: 1801	2 KB
2	creative-serving.com 2 redirects ads.creative-serving.com — Cisco Umbrella Rank: 5274	1 KB
2	360yield.com 2 redirects ice.360yield.com — Cisco Umbrella Rank: 2362	696 B
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 728	55 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 782	688 B
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 1374	104 B
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1176	1 KB
2	chargebeestaticv2.com privygg.chargebeestaticv2.com	1 KB
2	cloudflare.com 1 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 6285	11 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	156 KB
1	adform.net 1 redirects c1.adform.net — Cisco Umbrella Rank: 643	596 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 929	498 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 952	659 B
1	antigena.com us01.z.antigena.com — Cisco Umbrella Rank: 4797
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 602	1009 B
1	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 620	514 B
1	bing.com c.bing.com — Cisco Umbrella Rank: 257	690 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 416	631 B
1	gstatic.com fonts.gstatic.com	34 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	2 KB
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 621	279 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 470 Failed	1 KB
1	script.ac cadmus.script.ac — Cisco Umbrella Rank: 2049	47 KB
1	yellowblue.io hb.yellowblue.io — Cisco Umbrella Rank: 2980	450 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	251 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 373	1 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1113	7 KB
0	rlcdn.com Failed api.rlcdn.com Failed
208	57

	Domain	Requested by
26	captcha.bot	1 redirects captcha.bot static.cloudflareinsights.com
17	kumo.network-n.com	captcha.bot kumo.network-n.com
15	cdn.ampproject.org	securepubads.g.doubleclick.net
12	cdn.privacy-mgmt.com	captcha.bot cdn.privacy-mgmt.com
11	eb2.3lift.com	3 redirects kumo.network-n.com eb2.3lift.com
11	tpc.googlesyndication.com	securepubads.g.doubleclick.net captcha.bot tpc.googlesyndication.com
9	cm.g.doubleclick.net	7 redirects eb2.3lift.com eu-u.openx.net
9	js.chargebee.com	captcha.bot js.chargebee.com
6	securepubads.g.doubleclick.net	captcha.bot securepubads.g.doubleclick.net
5	match.prod.bidr.io	5 redirects
5	match.adsrvr.org	4 redirects kumo.network-n.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
5	newassets.hcaptcha.com	js.hcaptcha.com newassets.hcaptcha.com
5	www.wickbot-verify.xyz	2 redirects www.wickbot-verify.xyz
4	image2.pubmatic.com	ads.pubmatic.com
4	gum.criteo.com	static.criteo.net gum.criteo.com kumo.network-n.com
4	www.google.com	3 redirects tpc.googlesyndication.com
4	rtb-csync.smartadserver.com	2 redirects ssbsync.smartadserver.com
4	u.4dex.io	ssbsync.smartadserver.com
4	sb.scorecardresearch.com	2 redirects
3	us-u.openx.net	eu-u.openx.net
3	pixel.tapad.com	2 redirects
3	simage2.pubmatic.com	ads.pubmatic.com
3	x.bidswitch.net	3 redirects
3	googleads.g.doubleclick.net	captcha.bot
3	api.btloader.com	btloader.com
2	aax-eu.amazon-adsystem.com	1 redirects eu-u.openx.net
2	pubmatic-match.dotomi.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	sync.technoratimedia.com	2 redirects
2	s.amazon-adsystem.com	1 redirects ads.pubmatic.com
2	ib.adnxs.com	2 redirects
2	ads.creative-serving.com	2 redirects
2	eu-u.openx.net	kumo.network-n.com eu-u.openx.net
2	ads.pubmatic.com	kumo.network-n.com
2	ice.360yield.com	2 redirects
2	static.criteo.net	kumo.network-n.com static.criteo.net
2	sync-tm.everesttech.net	2 redirects
2	secure.adnxs.com	2 redirects
2	i.clean.gg	cadmus.script.ac
2	script.4dex.io	kumo.network-n.com script.4dex.io
2	ad-delivery.net
2	privygg.chargebeestaticv2.com	js.chargebee.com
2	challenges.cloudflare.com	1 redirects captcha.bot
2	www.googletagmanager.com	captcha.bot
2	z.moatads.com	captcha.bot z.moatads.com
2	btloader.com	captcha.bot
1	simage4.pubmatic.com	ads.pubmatic.com
1	c1.adform.net	1 redirects
1	cms.quantserve.com	1 redirects
1	image4.pubmatic.com
1	um.simpli.fi	1 redirects
1	us01.z.antigena.com
1	bh.contextweb.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	ads.stickyadstv.com	1 redirects
1	dis.criteo.com	1 redirects
1	c.bing.com	eb2.3lift.com
1	pr-bh.ybp.yahoo.com	eb2.3lift.com
1	px.ads.linkedin.com	eb2.3lift.com
1	fonts.gstatic.com	fonts.googleapis.com
1	u.openx.net	1 redirects
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	intake.pbstck.com	www.wickbot-verify.xyz
1	match.sharethrough.com	ssbsync.smartadserver.com
1	id5-sync.com	ssbsync.smartadserver.com kumo.network-n.com
1	ssbsync.smartadserver.com	www.wickbot-verify.xyz
1	b45d3a787b758ba92ae69d224b1ce510.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	api2.hcaptcha.com	newassets.hcaptcha.com
1	cadmus.script.ac	script.4dex.io
1	js.hcaptcha.com	js.chargebee.com
1	bidder.criteo.com	kumo.network-n.com
1	networkn-d.openx.net	kumo.network-n.com
1	hbopenbid.pubmatic.com	kumo.network-n.com
1	hb.yellowblue.io	kumo.network-n.com
1	tlx.3lift.com	kumo.network-n.com
1	mp.4dex.io	kumo.network-n.com
1	cdn.pbstck.com	boot.pbstck.com
1	ad.doubleclick.net
1	www.google-analytics.com	www.googletagmanager.com
1	cdn.jsdelivr.net	kumo.network-n.com
1	mb.moatads.com	z.moatads.com
1	geoip.network-n.com	kumo.network-n.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	static.cloudflareinsights.com	captcha.bot
1	boot.pbstck.com	captcha.bot
0	api.rlcdn.com Failed	kumo.network-n.com
208	89

This site contains links to these domains. Also see Links.

Domain
docs.captcha.bot
privy.gg
discord.com
arcane.bot

Subject Issuer	Validity	Valid
wickbot-verify.xyz E1	`2023-10-06` - `2024-01-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-25` - `2024-06-24`	a year	crt.sh
pbstck.com Cloudflare Inc ECC CA-3	`2023-06-04` - `2024-06-03`	a year	crt.sh
*.privacy-mgmt.com Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
kumo.network-n.com R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
js.chargebee.com Amazon RSA 2048 M01	`2023-03-14` - `2024-04-11`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.chargebeestaticv2.com Amazon RSA 2048 M01	`2023-04-30` - `2024-05-29`	a year	crt.sh
geoip.network-n.com R3	`2023-08-25` - `2023-11-23`	3 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-20` - `2024-07-20`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
api.btloader.com GTS CA 1D4	`2023-10-10` - `2024-01-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.yellowblue.io Amazon ECDSA 256 M02	`2023-04-18` - `2024-05-16`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
cadmus.script.ac E1	`2023-09-02` - `2023-12-01`	3 months	crt.sh
i.clean.gg GTS CA 1D4	`2023-09-17` - `2023-12-16`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
u.4dex.io GTS CA 1D4	`2023-08-25` - `2023-11-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-06-02` - `2023-12-02`	6 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh
*.z.antigena.com Sectigo ECC Domain Validation Secure Server CA	`2023-04-03` - `2024-04-02`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-29` - `2024-02-21`	6 months	crt.sh

This page contains 20 frames:

Primary Page: https://captcha.bot/
Frame ID: CE683854FE5D27B88735F195429C78CE
Requests: 105 HTTP requests in this frame

Frame: https://js.chargebee.com/assets/cbjs-2023.10.09-09.27/v2/master.html
Frame ID: 94CD03F61C7B869A39018AB5B075741F
Requests: 8 HTTP requests in this frame

Frame: https://captcha.bot/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
Frame ID: 59D4F64350CDA266F851972F2245CA7E
Requests: 2 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 2FF13C523728066017F56B7A8AA6342C
Requests: 1 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/bea6ade/static/hcaptcha.html
Frame ID: 66BE4448C44FDC8BD54EEBC9679CC505
Requests: 4 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/bea6ade/static/hcaptcha.html
Frame ID: 9DF10FF29DE3175FC3D93FF9CB5F6629
Requests: 3 HTTP requests in this frame

Frame: https://b45d3a787b758ba92ae69d224b1ce510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B4DA848DD7CDAEFE2F64E416F3BB23E7
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Frame ID: 2906C2130CC053B5612800A45E27DF58
Requests: 6 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs
Frame ID: C114EE5AAEA50B87FC95AE283F2A6782
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs
Frame ID: 944DAA12BD2199DE8217C5F2F5B8FA03
Requests: 11 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs
Frame ID: 6AFC33C7FC469B827B090BD6BD6DBC6C
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0B3F3CAB54D98BDDE6127AC6C2F6EF4E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AF0BB2459119F5166484B22F5FD4A95E
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=captcha.bot&gdpr=0&gdpr_consent=
Frame ID: DC3DCD47E9E4168EA895037D41FB91B1
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Frame ID: 9D55C393D80B3CC7CA9C6744E58EEADB
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158684&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: FCA028AB2AB14675D0A28EF1B8F74D8C
Requests: 14 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=765fac68-b57c-489c-8ec7-92aeec542751&gdpr=0&us_privacy=1---
Frame ID: FDD58F3E1ED535C64B3FD0744B07A869
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=604B7506-F320-425D-A2DB-058DC89D91B0&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: C1D92398DDB5F329D20C984DB71DD44A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACaCE7KVWAAABwLfPBxUg&gdpr=0
Frame ID: A9DFEC5DD465C3AC651B0AE7E1BAD858
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4652640509533943309&gdpr=0&gdpr_consent=
Frame ID: B318C65C4063C27746DF86F9E93FA520
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Captcha.bot - Verification done right

Page URL History Show full URLs

https://www.wickbot-verify.xyz/ Page URL
https://www.wickbot-verify.xyz/cdn-cgi/phish-bypass?atok=0YLFwa97csy2GH7R.XbJb1BgfOYrnQpppWrUtMXRlXE-169729... HTTP 301
https://www.wickbot-verify.xyz/ HTTP 302
https://captcha.bot/ Page URL

Detected technologies

Chargebee (Payment processors) Expand

Overall confidence: 100%
Detected patterns

js\.chargebee\.com/v([\d.]+)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

208
Requests

83 %
HTTPS

0 %
IPv6

57
Domains

89
Subdomains

62
IPs

6
Countries

2859 kB
Transfer

7253 kB
Size

93
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://docs.captcha.bot/
Title: Documentation

Search URL Search Domain Scan URL

URL: https://privy.gg/
Title: Privy.gg LLC

Search URL Search Domain Scan URL

URL: https://discord.com/application-directory/512333785338216465
Title: Add to Discord

Search URL Search Domain Scan URL

URL: https://arcane.bot/
Title: Arcane.bot

Search URL Search Domain Scan URL

URL: https://privy.gg/legal
Title: Terms of Service

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.wickbot-verify.xyz/ Page URL
https://www.wickbot-verify.xyz/cdn-cgi/phish-bypass?atok=0YLFwa97csy2GH7R.XbJb1BgfOYrnQpppWrUtMXRlXE-1697296392-0-%2F HTTP 301
https://www.wickbot-verify.xyz/ HTTP 302
https://captcha.bot/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP 302
https://challenges.cloudflare.com/turnstile/v0/g/dffb14d6/api.js?onload=onloadTurnstileCallback

Request Chain 40

https://captcha.bot/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://captcha.bot/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

Request Chain 86

https://sb.scorecardresearch.com/cs/25110922/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 114

https://sb.scorecardresearch.com/b?c1=2&c2=25110922&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1697296402276&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=6&cs_cmp_sv=1&cs_cmp_rt=0&c7=https%3A%2F%2Fcaptcha.bot%2F&c8=Captcha.bot%20-%20Verification%20done%20right&c9=https%3A%2F%2Fwww.wickbot-verify.xyz%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=25110922&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1697296402276&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=6&cs_cmp_sv=1&cs_cmp_rt=0&c7=https%3A%2F%2Fcaptcha.bot%2F&c8=Captcha.bot%20-%20Verification%20done%20right&c9=https%3A%2F%2Fwww.wickbot-verify.xyz%2F

Request Chain 119

https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/102/0/9/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-1f526R2x7e55u7d548nXjCHZ8C4Qws_X3GlAZc8J2w&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F8%2F2.gif%3Fpuid%3DSMART_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/102/102/8/2.gif?puid=3796168301766332927&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1 HTTP 303
https://id5-sync.com/k/155.gif?puid=AACaCE7KVWAAABwLfPBxUg&id5AccountNum=155&numCascadesAllowed=9 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=1ade366f-290d-4b4c-b61e-aead62f41cf7&ttl=%%TTL%% HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/102/2/5/5.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/102/2/5/5.gif?puid=4652640509533943309&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F4%2F6.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://ps.eyeota.net/match/bounce/?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F4%2F6.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/102/123/4/6.gif?puid=18b2ebfcc56-4a900000010a4d0c&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F3%2F7.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F3%2F7.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
https://id5-sync.com/c/102/10/3/7.gif?puid=1943222738216027918&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/102/112/2/8.gif?puid=FDE70105006A576C&gdpr=0&gdpr_consent=

Request Chain 120

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=3796168301766332927&gdpr=0&gdpr_consent=

Request Chain 121

https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frtb-csync.smartadserver.com%252Fredir%252F%253Fissi%253D1%2526partnerid%253D86%2526partneruserid%253D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=4652640509533943309&gdpr=0&gdpr_consent=

Request Chain 122

https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZSqwEgAXw0ys2QBY HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZSqwEgAXw0ys2QBY&gdpr=0&gdpr_consent=&_test=ZSqwEgAXw0ys2QBY

Request Chain 156

https://u.openx.net/w/1.0/cm?id=3cc4b2f6-c7e1-439a-8174-b6dbb96bcabf&us_privacy=1---&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%7BOPENX_ID%7D%26us_privacy%3D1--- HTTP 302
https://u.4dex.io/setuid?bidder=openx&uid=e92dddc4-c5b4-43a8-8c6a-2212c2f22a70&us_privacy=1---

Request Chain 160

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 161

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 162

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 169

https://ice.360yield.com/server_match?partner_id=1790&us_privacy=1---&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26us_privacy%3D1---%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ice.360yield.com/ul_cb/server_match?partner_id=1790&us_privacy=1---&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26us_privacy%3D1---%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://u.4dex.io/setuid?bidder=improvedigital&us_privacy=1---&uid=459e2523-3b73-4edd-a932-d50aa89e2915

Request Chain 177

https://eb2.3lift.com/sync?us_privacy=1---& HTTP 302
https://eb2.3lift.com/sync?us_privacy=1---&&ld=1

Request Chain 180

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3658&xuid=1ade366f-290d-4b4c-b61e-aead62f41cf7&dongle=0cfd&gdpr=0&gdpr_consent=

Request Chain 181

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjA4NzQ3MTI4NjIyMTEwNTMzMzQzOQ%3D%3D HTTP 302
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

Request Chain 182

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDaTQvcuHKSRTY4gbWs4Rdo&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

Request Chain 183

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjA4NzQ3MTI4NjIyMTEwNTMzMzQzOQ%3D%3D

Request Chain 187

https://x.bidswitch.net/sync?ssp=triplelift&user_id=2087471286221105333439&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=2087471286221105333439&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=841089db-f6aa-40c9-89ff-f7268b35256d&gdpr=0&gdpr_consent= HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=841089db-f6aa-40c9-89ff-f7268b35256d&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=af49f442-70fe-4077-a586-231693885f09&ssp=triplelift&expires=30&user_group=5&bsw_param=841089db-f6aa-40c9-89ff-f7268b35256d HTTP 302
https://eb2.3lift.com/xuid?mid=2409&xuid=841089db-f6aa-40c9-89ff-f7268b35256d&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 188

https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
https://eb2.3lift.com/xuid?mid=2711&xuid=08fe9a51-a58a-4fa5-9535-67b8736b8034&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1---

Request Chain 189

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=4652640509533943309&dongle=4d58&gdpr=0&gdpr_consent=

Request Chain 190

https://ads.stickyadstv.com/user-matching?id=3656&us_privacy=1--- HTTP 302
https://u.4dex.io/setuid?bidder=freewheel&uid=2e5610ad4a38bab386155ea77412e9d&us_privacy=1---

Request Chain 192

https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=604B7506-F320-425D-A2DB-058DC89D91B0&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=604B7506-F320-425D-A2DB-058DC89D91B0&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 193

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDYUNFN0tWV0FBQUJ3TGZQQnhVZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partneruserid=AACaCE7KVWAAABwLfPBxUg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=3796168301766332927&gdpr=0&gdpr_consent= HTTP 303
https://bh.contextweb.com/bh/rtset?ev=AACaCE7KVWAAABwLfPBxUg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D3796168301766332927%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=3796168301766332927&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AACaCE7KVWAAABwLfPBxUg&pid=558502&do=add&gdpr=0 HTTP 303
https://sync.technoratimedia.com/services?uid=AACaCE7KVWAAABwLfPBxUg&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D3796168301766332927%26gdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 307
https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26nuid%3D75349DAF358D41BEB41C7EC7E3F6BA1D%26att%3D1%26pid%3D82%26cb%3Dhttps%253A%252F%252Fmatch.prod.bidr.io%252Fcookie-sync%253Fgdpr%253D0%2526userid%253D3796168301766332927%2526gdpr%253D0%2526gdpr%253D0%2526bee_sync_partners%253Dpm%2526bee_sync_current_partner%253Dsyn%2526bee_sync_initiator%253Dadx%2526bee_sync_hop_count%253D4%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26nuid%3D75349DAF358D41BEB41C7EC7E3F6BA1D%26att%3D1%26pid%3D82%26cb%3Dhttps%253A%252F%252Fmatch.prod.bidr.io%252Fcookie-sync%253Fgdpr%253D0%2526userid%253D3796168301766332927%2526gdpr%253D0%2526gdpr%253D0%2526bee_sync_partners%253Dpm%2526bee_sync_current_partner%253Dsyn%2526bee_sync_initiator%253Dadx%2526bee_sync_hop_count%253D4%26uid%3D&s=191740&C=1 HTTP 302
https://sync.technoratimedia.com/services?srv=cs&nuid=75349DAF358D41BEB41C7EC7E3F6BA1D&att=1&pid=82&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D3796168301766332927%26gdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&uid=ZSqwFTNqeRT3oQMQTlRXgAAA%263550 HTTP 307
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=3796168301766332927&gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACaCE7KVWAAABwLfPBxUg&gdpr=0

Request Chain 194

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4652640509533943309&gdpr=0&gdpr_consent=

Request Chain 195

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YEt1BvMgQl2i2wWNyJ2RsA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 196

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=604B7506-F320-425D-A2DB-058DC89D91B0 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=604B7506-F320-425D-A2DB-058DC89D91B0 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=ebee18d4-8456-4a05-830c-d7ca2f013150%252C%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1ade366f-290d-4b4c-b61e-aead62f41cf7&ttd_puid=ebee18d4-8456-4a05-830c-d7ca2f013150%2C%2C

Request Chain 199

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjA0Qjc1MDYtRjMyMC00MjVELUEyREItMDU4REM4OUQ5MUIw&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 200

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENFKir0c7h0-KPxSXrn11yI&google_cver=1

Request Chain 201

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:668783CB8D214D7DB68307CF93EACE6D

Request Chain 202

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1ade366f-290d-4b4c-b61e-aead62f41cf7&gdpr=0&gdpr_consent=

Request Chain 204

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=604B7506-F320-425D-A2DB-058DC89D91B0&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=604B7506-F320-425D-A2DB-058DC89D91B0&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-UjK.agJE2uUV7IvayhHuFYDAX9d.qGA-~A&gdpr=0

Request Chain 205

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=604B7506-F320-425D-A2DB-058DC89D91B0&gdpr=0&gdpr_consent= HTTP 302
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=247b7ca668f7104b&is_secure=true&networkId=17100&version=1&nuid=604B7506-F320-425D-A2DB-058DC89D91B0&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAG-wpxBaDQQwNK6JfRAAAAAAA&expiration=1697382806&nuid=604B7506-F320-425D-A2DB-058DC89D91B0&is_secure=true&gdpr_consent=&gdpr=0

Request Chain 206

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=NJbpgmCT6tYvwenTMpH2h2CX69cvx-2FO5unxGvW

Request Chain 207

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1943222738216027918

Request Chain 208

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=3df1a52c-0e76-ca9a-00cd-9da27143e878 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=3df1a52c-0e76-ca9a-00cd-9da27143e878&dcc=t

Request Chain 209

https://match.adsrvr.org/track/cmf/openx?oxid=6527d951-12dc-7160-c0c3-1f3519702398&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=1ade366f-290d-4b4c-b61e-aead62f41cf7&ttd_puid=6527d951-12dc-7160-c0c3-1f3519702398&gdpr=0&gdpr_consent=

Request Chain 211

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJqTkD723CNrOBdM6EIE6uE&google_cver=1

208 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
www.wickbot-verify.xyz/ 4 KB
2 KB 368ms
8ms Document
text/html 172.67.181.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wickbot-verify.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.181.252 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1f0f83f53adcd0e9bc4cccfc072381711fcc862569583f010b4567b297dd54f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cf-ray: 8160c3d7dc0642ad-EWR
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 14 Oct 2023 15:13:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Csw1e%2Fg30MJ7wmSIMHS5FN6lwwaSEG%2FN6OB7pq1aqhGv9hOKF09aBToShA6lboJD74hykC9AZYPXDaO9ljPh%2BrtuwP3gLAz3y04eAiz4zOLVf0XHDrtzlBtHeu0HI7GpDI0dLVs5x44G"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 cf.errors.css
www.wickbot-verify.xyz/cdn-cgi/styles/ 24 KB
5 KB 7ms
7ms Stylesheet
text/css 172.67.181.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wickbot-verify.xyz/cdn-cgi/styles/cf.errors.css

Requested by

Host: www.wickbot-verify.xyz
URL: https://www.wickbot-verify.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.181.252 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.wickbot-verify.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 09 Oct 2023 07:45:52 GMT
server: cloudflare
etag: W/"6523afb0-5e44"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 8160c3d7ec2342ad-EWR
expires: Sat, 14 Oct 2023 17:13:12 GMT

GET
H2 200 icon-exclamation.png
www.wickbot-verify.xyz/cdn-cgi/images/ 452 B
540 B 7ms
6ms Image
image/png 172.67.181.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wickbot-verify.xyz/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: www.wickbot-verify.xyz
URL: https://www.wickbot-verify.xyz/cdn-cgi/styles/cf.errors.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.181.252 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.wickbot-verify.xyz/cdn-cgi/styles/cf.errors.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:12 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Oct 2023 07:45:52 GMT
server: cloudflare
etag: "6523afb0-1c4"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 8160c3d83c5142ad-EWR
content-length: 452
expires: Sat, 14 Oct 2023 17:13:12 GMT

GET
H2

200

Primary Request / Show response
captcha.bot/
Redirect Chain

https://www.wickbot-verify.xyz/cdn-cgi/phish-bypass?atok=0YLFwa97csy2GH7R.XbJb1BgfOYrnQpppWrUtMXRlXE-1697296392-0-%2F
https://www.wickbot-verify.xyz/
https://captcha.bot/

4 KB
2 KB

612ms
295ms

Document
text/html

104.26.6.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57cec2f9d45727f5fc352cf95314767e857163e8bcc7b4cd21bb0f419f549fed

Request headers

Referer: https://www.wickbot-verify.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8160c3ff8b804244-EWR
content-encoding: br
content-type: text/html
date: Sat, 14 Oct 2023 15:13:19 GMT
last-modified: Fri, 01 Sep 2023 23:40:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qRcltA4oeAzpQJz2OqIbSz2%2BpmQm2YgM%2BKUYQKV1mfret%2Fw5CBueKIwINL2HFTrPFqiS%2BrfUs06V8Rt0iAhQrISx4F9B0vAY4iwIlmR2RXjQKwg5W7P1e73cHuHX"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8160c3f76b4042ad-EWR
content-type: text/html; charset=utf-8
date: Sat, 14 Oct 2023 15:13:18 GMT
location: https://captcha.bot
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wnQE08GrpXM6SUhHoqD8QcgQJGuD3gPNSV98E1M6gRLmLbsT2s2rt0stuZAqxJ1Tbi%2Fqx9jxkbQzykRolWeu6xRCUd9%2BjJa%2BXYEYAxanB9VKudTOvuWsd0N5xGbn5w4i20VjswMRQGE9"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept

GET
H2 200 b9a66c8b-8c9c-49f1-bde4-1100d393cf5e Show response
boot.pbstck.com/v1/tag/ 1 KB
862 B 701ms
102ms Script
application/javascript 104.22.1.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://boot.pbstck.com/v1/tag/b9a66c8b-8c9c-49f1-bde4-1100d393cf5e
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.1.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3605b6c4de659f5343c81343c56be71561023c462fb7d90623523c81e0ad8997

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=120
timing-allow-origin: *
cf-ray: 8160c40529ee8c0b-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 tag Show response
btloader.com/ 31 KB
12 KB 605ms
15ms Script
application/javascript 104.26.6.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5684350990417920&upapi=true
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ab6aea6be2db01c3ed0503f1eae4aa2a770fd4a02942272bd089c317dd4d4a5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:20 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 14 Oct 2023 14:17:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3321
etag: W/"faa57d8d0bdd82e7c2b4028225198500"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UGycJtLBBejYPlRxqB74Ux7eCOqYxB1MstJ90gVEP0R8a1%2BleebK4pkDXTDeWPg7rgmYJM5ydUSd2RuRR6VvkMHyqn%2BKvvTdeuAqrxzywL%2BHzP2%2FKWc%2Bu5Wc6i%2B%2BMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 8160c4051b9c43c2-EWR

GET
H2 200 wrapperMessagingWithoutDetection.js Show response
cdn.privacy-mgmt.com/unified/ 123 KB
38 KB 102ms
20ms Script
text/javascript 18.238.25.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.25.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-25-94.cmh68.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1dbf3e6920c6e83b660261fc1aecd7a0b322929b9ff017bc197591c132dde23

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 14:44:08 GMT
content-encoding: gzip
via: 1.1 14405483c2e3182a4780ba139c62b70a.cloudfront.net (CloudFront)
last-modified: Wed, 27 Sep 2023 13:43:30 GMT
server: AmazonS3
x-amz-cf-pop: CMH68-P5
age: 1751
x-amz-server-side-encryption: AES256
etag: W/"f63dadcf60c57d2349046b3b9b21c82e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: ZjjXaldk-SeBYljBOgy_n7cue2QYFVDkdhsCrNvsHyxQ-ZpRCTDD4A==

GET
H2 200 moatheader.js Show response
z.moatads.com/networknheader13924283968/ 245 KB
86 KB 37ms
4ms Script
application/x-javascript 23.48.145.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/networknheader13924283968/moatheader.js
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.145.205 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-48-145-205.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 10e80b1ab143582af97d6f653d0566090d455ae1bb14c09481ae296cfa354647

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:19 GMT
content-encoding: gzip
last-modified: Thu, 05 Oct 2023 09:38:56 GMT
server: AmazonS3
x-amz-request-id: 2C052GSEH19A18YM
etag: "44a9278bc9e6fe8fc10dbd70b42be91a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=14403
accept-ranges: bytes
content-length: 87291
x-amz-id-2: fJW5FoIo0YYR/7pEr3dYHdN2qamIN1yN8ZX5Wz6MKH9jkGGf5iwLtaGsqJThJ/gpgsC3gX/VZew=

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
80 KB 635ms
37ms Script
application/javascript 172.217.13.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0CPE0JFSCT

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

60701d52f522e516788557a2002a7d7db8cd97d4b0f1bd8fb1c73b2bda17ae5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81226
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 14 Oct 2023 15:13:20 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 686ms
88ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

1dd3b33ea7c133e8b5a4560c9483a29e31835fc2d824831e527c5d03c2ceb579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29471
x-xss-protection: 0
server: cafe
etag: 620 / 19644 / m202310100101 / config-hash: 16770446656291207178
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 14 Oct 2023 15:13:20 GMT

GET
H2 200 app.js Show response
kumo.network-n.com/dist/ 21 KB
8 KB 484ms
4ms Script
application/javascript 138.199.40.58
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://kumo.network-n.com/dist/app.js
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-40-58.bunnyinfra.net
Software: BunnyCDN-NY1-885 /
Resource Hash: 8fe09cd7d95970bdc2eb05e5583c428ba5c057b63d66c50c282169217b635813

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Sat, 14 Oct 2023 15:13:20 GMT
content-encoding: br
cdn-edgestorageid: 885
cdn-cachedat: 10/13/2023 10:23:20
cdn-pullzone: 411106
last-modified: Fri, 13 Oct 2023 10:20:46 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"652919fe-545c"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control: public, max-age=2592000
cdn-requestid: f6e5e7197429bd859d06a5af9b19edb7
cdn-requestcountrycode: US
cdn-status: 200
expires: Sun, 12 Nov 2023 10:23:20 GMT

GET
H2 200 chargebee.js Show response
js.chargebee.com/v2/ 255 KB
76 KB 73ms
21ms Script
application/x-javascript 3.160.22.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/chargebee.js

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.22.119 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-22-119.cmh68.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

885830666e510620eb0fc84df7206a7719bf3e8d5c38ac24a859c7e6e10dd439

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: Y1W0mNP802d6wq5B3.fkXBxIwj_jPfAL
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Sat, 14 Oct 2023 15:08:52 GMT
via: 1.1 b7a454c5d7e9ad8ba2aca6a02bb25f14.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P3
age: 268
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 10 Oct 2023 04:38:55 GMT
server: AmazonS3
etag: W/"9b1851a2863f88846edfd7a81e7edbff"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300,public
x-amz-cf-id: KqtrRrhPLlsweC5hZNYZYkTkMXGo0vu11bRtZQ3lX8HcnAPspJB9hA==

GET
H2

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/g/dffb14d6/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
https://challenges.cloudflare.com/turnstile/v0/g/dffb14d6/api.js?onload=onloadTurnstileCallback

33 KB
11 KB

41ms
35ms

Script
application/javascript

104.17.2.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/dffb14d6/api.js?onload=onloadTurnstileCallback
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Server: 104.17.2.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06d063d7e58bade3ae244489087afa82f9f7c59276cdd7dcfbb2a9b5b600c5da

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:20 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 8160c406298b43a6-EWR
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sat, 14 Oct 2023 15:13:20 GMT
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /turnstile/v0/g/dffb14d6/api.js?onload=onloadTurnstileCallback
cache-control: max-age=300, public
cf-ray: 8160c405c92243a6-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 chunk-vendors.bfc7157a.js Show response
captcha.bot/js/ 150 KB
53 KB 72ms
69ms Script
application/javascript 104.26.6.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://captcha.bot/js/chunk-vendors.bfc7157a.js
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6026b5e35c99959ff49bb57e086263c3145cf10054c10448b944348d7a3d2ab

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4859
cf-polished: origSize=153350
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 01 Sep 2023 23:40:20 GMT
server: cloudflare
etag: W/"64f27664-25706"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=58um%2Bt31PaMITI2NCoWuAZdXAOexV9QL5A3oj4qCcPimByiQfCl4%2FZewfntY1IIRQxd5pV7xyxnwDTC%2F8nOBJZBymCEGbbYZumYX35103DAhrg55emz9vR7E6hm%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=120
cf-ray: 8160c4027f654244-EWR

GET
H2 200 app.d2f60c84.js Show response
captcha.bot/js/ 13 KB
6 KB 69ms
66ms Script
application/javascript 104.26.6.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://captcha.bot/js/app.d2f60c84.js
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36055e20a57cff96e85e4b29f811d811dbfad19ee2b7831dab67f5bc5c12e8e8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4859
cf-polished: origSize=13187
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 01 Sep 2023 23:40:20 GMT
server: cloudflare
etag: W/"64f27664-3383"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CvG8OA0r2DXOa%2BawONe8ijv80Iw3HruAL%2BZ1ECMK6veycESUTGe7yHgak6oXasuTcqwl0yTYv4UJzUGOV1H6F2%2FD5PcrAS7sBVNDOVplesU2HOtb1H7nr8V6io0R"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=120
cf-ray: 8160c4028f664244-EWR

GET
H2 200 app.9efca7f6.css
captcha.bot/css/ 44 KB
9 KB 18ms
17ms Stylesheet
text/css 104.26.6.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://captcha.bot/css/app.9efca7f6.css
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3d215c620df0dc34367ff106ebf0aa5aac565a848508702dd59f50b3487d3b2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:19 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 01 Sep 2023 23:40:20 GMT
server: cloudflare
age: 4859
etag: W/"64f27664-aff9"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hEVgPHrQpk1fvSBUxtjXzmsSuIra99Oc1pD%2FMdYI3rEezQMd313I5yUnznxzl1CUjGlh92wSgSpFXbikJTcdCeJNInlv1AtJudMSUsSszeXM67IdEk2EYKL80%2BdP"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=120
cf-ray: 8160c4016e034244-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 561ms
84ms Script
text/javascript 104.16.57.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.57.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer: https://captcha.bot/
Origin: https://captcha.bot
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:20 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8160c4052ae743b6-EWR

GET
H2 200 166-6201a6ad94a43ae4302b.js Show response
js.chargebee.com/assets/cbjs-2023.10.09-09.27/v2/ 12 KB
4 KB 72ms
70ms Script
application/x-javascript 3.160.22.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/assets/cbjs-2023.10.09-09.27/v2/166-6201a6ad94a43ae4302b.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.22.119 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-22-119.cmh68.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4d6c8141eb19ce2c58dc35d4641e55ac340dfa735fbc08a20a5ecde918fd49d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: oidtLuUUpo4Qx2f._04JhiyHnJYihZGf
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Sat, 14 Oct 2023 15:12:21 GMT
via: 1.1 b7a454c5d7e9ad8ba2aca6a02bb25f14.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P3
age: 89
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 10 Oct 2023 04:38:55 GMT
server: AmazonS3
etag: W/"a17ed2219c7837173b04997b74db3840"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300,public
x-amz-cf-id: MxuJrIpXd3ZGPT0U0csNsC9wn7nV_Glv36BZpuLM8LFrBGpUsTPMTw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
77 KB 457ms
83ms Script
application/javascript 172.217.13.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VT1JT14S09&l=dataLayer

Requested by

Host: captcha.bot
URL: https://captcha.bot/js/chunk-vendors.bfc7157a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

49020ca4543c0f3dc0f8eaee07b2dbdd884e23288133c1ae9da377658d2a843f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78258
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 14 Oct 2023 15:13:20 GMT

GET
H2 200 470.7460785c.css
captcha.bot/css/ 128 KB
52 KB 21ms
20ms Stylesheet
text/css 104.26.6.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://captcha.bot/css/470.7460785c.css
Requested by: Host: captcha.bot
URL: https://captcha.bot/js/app.d2f60c84.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32b756bfa32d3c2a0a584ebaa8d5050f9db464fe5a7c7ca25bd54ebfea5b15fd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:19 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 01 Sep 2023 23:40:20 GMT
server: cloudflare
age: 1884
etag: W/"64f27664-1801d"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LsL%2B2N7a9pPnU%2B0A5ynUx9GYYSX2WJuN8dRWqq1XxiM%2FjVumu29nRZLEQAJL1SQZm%2Bf57gaHVTf%2BntUUj5yUpiGlCN4XTkc6sv7SQiRXrJyYtziQADySqY6qQT59"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=120
cf-ray: 8160c402ffec4244-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 470.fcd1a4e9.js Show response
captcha.bot/js/ 19 KB
6 KB 16ms
15ms Script
application/javascript 104.26.6.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://captcha.bot/js/470.fcd1a4e9.js
Requested by: Host: captcha.bot
URL: https://captcha.bot/js/app.d2f60c84.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a15182680bbb1a5ecf3f1e85c57a921831ac46605eabf2e17381e8a2a8937a0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1884
cf-polished: origSize=19050
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 01 Sep 2023 23:40:20 GMT
server: cloudflare
etag: W/"64f27664-4a6a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ayy2rjgKNB3Uvq1a69rwmAfN6Y91oUHuppnb1PHXZv3msAj6ppfEx87i0D7dYSRRtuDorQYJxWmw1PpKWKyRum4ysqXtHwj1m497TzJXoOotIUgYagLfg8bPrPG7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=120
cf-ray: 8160c402ffef4244-EWR

GET
DATA 200
OK truncated
/ 89 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62d056f363b8b39fd0f85690a31012fcb6f1f0cef642bb247fc8ae627e33ac6d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4383437e4c7973582c6fa37a8693ce3d30e4026a462995671533ef885b0a130a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 logo.0d11fe46.png
captcha.bot/img/ 15 KB
15 KB 19ms
16ms Image
image/webp 104.26.6.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/img/logo.0d11fe46.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6227e69f1c3711825b5166ddcbd07539e556ce7068917ad7701a5af5b4814f33

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5836
cf-polished: origFmt=png, origSize=34020
content-disposition: inline; filename="logo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 14910
cf-bgj: imgq:100,h2pri
last-modified: Fri, 01 Sep 2023 23:40:20 GMT
server: cloudflare
etag: "64f27664-84e4"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jdf1GtAfmF6TdM%2FVkUHtYvBbpTK8xl1dWvwKsFEnzXrE%2BVBLm%2B48y7t7Ty7Qm%2FzU%2FyTDkjmr2mySpVeeavuaFdyXdYbtnMCs5HKm%2FTxjDG8Jf%2Bqtt1FDAJFIgPak"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 8160c405ebc34244-EWR

GET
H2 200 landing-promo.423c8618.png
captcha.bot/img/ 8 KB
9 KB 20ms
15ms Image
image/webp 104.26.6.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/img/landing-promo.423c8618.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a87310dacb8e83018f2cbb037552a79868dafb9214613d442581b3f3eeea914

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1884
cf-polished: origFmt=png, origSize=16963
content-disposition: inline; filename="landing-promo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8702
cf-bgj: imgq:100,h2pri
last-modified: Fri, 01 Sep 2023 23:40:20 GMT
server: cloudflare
etag: "64f27664-4243"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IS%2F832DucVFvYx6bBpGOGTkRYpAG6MSIYvUyMm9bY4gZTXgA5xrPRiTkOvbuHFORZ0u2KEVWMqUOOgFuvEPDuTv%2BNYts7jUp%2B3XfzAcITowwutI9LlvbMdNTj3%2Fm"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 8160c405ebc44244-EWR

GET
H2 200 bitcoin.png
captcha.bot/promo/crypto/ 8 KB
9 KB 18ms
13ms Image
image/webp 104.26.6.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/crypto/bitcoin.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9eab613f27dc9efb747630f963208741cc088b586edfbfdaaebf7d733dc2d63

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1884
cf-polished: origFmt=png, origSize=14655
content-disposition: inline; filename="bitcoin.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8608
cf-bgj: imgq:100,h2pri
last-modified: Fri, 01 Sep 2023 23:40:20 GMT
server: cloudflare
etag: "64f27664-393f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YUHts7zS7z1P%2BYSxBEfe83ab%2FcI5eiugKHndor%2F7cXkq4fEKe4RAXZIAYus7J%2BVrGtGjZ3LSt5feNGqGQANGCTMmZQWn%2FkbeUv75IGGJrf5ahcaZ7ZuU0BoJde%2Bg"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 8160c405ebc54244-EWR

GET
H2 200 doge.png
captcha.bot/promo/crypto/ 190 KB
190 KB 42ms
37ms Image
image/webp 104.26.6.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/crypto/doge.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08a184bb8e17a3028350b402628040f572e5e6b2a57a5959c5acd78bfb1f5f9a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1883
cf-polished: origFmt=png, origSize=332322
content-disposition: inline; filename="doge.webp"
alt-svc: h3=":443"; ma=86400
content-length: 194348
cf-bgj: imgq:100,h2pri
last-modified: Fri, 01 Sep 2023 23:40:20 GMT
server: cloudflare
etag: "64f27664-51222"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rFtVaTBI8YpESGKF1mq7YQnIRb%2F5J9%2B7AimWmXeWgqlVwYAS%2FlhJqMncSHSLy4OTAFkRLCfkRdzLTCZ%2Fz9eaKsfzr%2FYbhTDyok4WvyR0Hw4JaHUOPn1TGnJKwcfC"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 8160c405ebc64244-EWR

GET
H2 200 eth.png
captcha.bot/promo/crypto/ 84 KB
85 KB 43ms
39ms Image
image/png 104.26.6.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/crypto/eth.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bba3a253608d50cff0174ea1102b3ff4e93993be25d07c0e0223f20f19c37382

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1883
cf-polished: origSize=86443, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 86302
cf-bgj: imgq:100,h2pri
last-modified: Fri, 01 Sep 2023 23:40:20 GMT
server: cloudflare
etag: "64f27664-151ab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bR0mYslPIa%2Bc9SqsUcn31NcKZieSzfdWUcCgcn4fsxO%2BuzE7vh6t8lGsrnHzdyuPUbCmspTy0B419M%2BBw8XMH3uD2GDdQJmswuU6IhJ3L7bYgMkHYsA8dVZ0pWOX"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 8160c405ebc74244-EWR

GET
H2 200 ape.webp
captcha.bot/promo/crypto/ 153 KB
153 KB 24ms
20ms Image
image/webp 104.26.6.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/crypto/ape.webp
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e424ab30e57e903c77ed203fd48b8e240c9333d18eada751c7a5744ad5ac5f7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:20 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Sep 2023 23:40:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1883
etag: "64f27664-2639a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vyGDsmZcC8JPjY8wODZCQn%2FyxVP5B714K%2B50KMr9RyPMA9IkVKWbDDKX9GKIf78r0zNoRi1f3YLb36o6OVud7k5yVyhP4YbqPkFTi2Bpre3Z5Tfvijjw%2B6mwY2SC"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 8160c405ebc84244-EWR
alt-svc: h3=":443"; ma=86400
content-length: 156570

GET
H2 200 boost.png
captcha.bot/promo/discord/ 29 KB
29 KB 22ms
18ms Image
image/webp 104.26.6.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/discord/boost.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6800d363cb5a534231c868a110cc4762d636d4df062c41a407c1c091e959e96f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1883
cf-polished: origFmt=png, origSize=67807
content-disposition: inline; filename="boost.webp"
alt-svc: h3=":443"; ma=86400
content-length: 29300
cf-bgj: imgq:100,h2pri
last-modified: Fri, 01 Sep 2023 23:40:20 GMT
server: cloudflare
etag: "64f27664-108df"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7SjZBV5Kw891Bzb1D4c6fAD7%2F8v5rkamOrMIYlttJpznrg%2Fg0ff%2BCCxS%2BSZERdng9ZNnD0PStXVJUzAKRp9M4hlzGLTJFluTQ9f8bzMiGd04znR%2F1RHrtlMrgU5x"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 8160c405ebc94244-EWR

GET
H2 200 badge.png
captcha.bot/promo/discord/ 4 KB
4 KB 26ms
22ms Image
image/webp 104.26.6.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/discord/badge.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45081b381b2448cac81c3cc81ed427d216719a54890a2242e691ab7608a0ada8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1883
cf-polished: origFmt=png, origSize=8231
content-disposition: inline; filename="badge.webp"
alt-svc: h3=":443"; ma=86400
content-length: 4252
cf-bgj: imgq:100,h2pri
last-modified: Fri, 01 Sep 2023 23:40:20 GMT
server: cloudflare
etag: "64f27664-2027"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TAdANzk3NkHGG74Ot89zKDlOwW1hAfMdmAejDxg618WxdILOSs1mMF00Kkl2VK1gNvvCAbYsAhjXJyadH8%2FCnZHEkdKZyHLdSoHAYAB7AOEQ9mbEYJi5zRSLvK%2Fg"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 8160c405ebca4244-EWR

GET
H2 200 nitro.webp
captcha.bot/promo/discord/ 14 KB
14 KB 23ms
19ms Image
image/webp 104.26.6.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/discord/nitro.webp
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2a0ebb4c1e2bfeb215c6d41bb6c4fb0fac5a228fddf6a4bc77ef08e7f2e7477

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:20 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Sep 2023 23:40:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1883
etag: "64f27664-361c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xcvFa4lzXADCqu5hJSlTBtSkNWwVkXVkuNowYhBb0QAqjpNPqVbCa0%2FwbuL%2FsvzgRXigTcUnAfONjKZa6bmGLarqzSKcFWoJzkfrJEe8M1nrGUczZLWHRb1ZceXi"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 8160c405ebcc4244-EWR
alt-svc: h3=":443"; ma=86400
content-length: 13852

GET
H2 200 phishing.png
captcha.bot/promo/ 9 KB
9 KB 33ms
29ms Image
image/webp 104.26.6.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/phishing.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93dc5afee0d7c64a418ee3804bb76f9855e7ff5a501a26ed29cd544f066bb6d3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1883
cf-polished: origFmt=png, origSize=13769
content-disposition: inline; filename="phishing.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8860
cf-bgj: imgq:100,h2pri
last-modified: Fri, 01 Sep 2023 23:40:20 GMT
server: cloudflare
etag: "64f27664-35c9"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M4BafbKTlz%2Fsr3HUPQlcXOX25YC9Stfx5bidMhtA%2F67LHTL2QzRFQ4yvL6v2TwVwURTG8a5aC04JbUNWfhURTv%2F2Ips2g5NNRrDlNxh1U%2F%2BXizznDaIsp84O4gNh"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 8160c405ebcd4244-EWR

GET
H2 200 sus.png
captcha.bot/promo/ 7 KB
7 KB 27ms
23ms Image
image/webp 104.26.6.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/sus.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a71902890d932247a4c1a8f83c6f0b8dd7a6e7a12d64524559aa158c9a19f1db

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1883
cf-polished: origFmt=png, origSize=23982
content-disposition: inline; filename="sus.webp"
alt-svc: h3=":443"; ma=86400
content-length: 7104
cf-bgj: imgq:100,h2pri
last-modified: Fri, 01 Sep 2023 23:40:20 GMT
server: cloudflare
etag: "64f27664-5dae"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZqI1UukOUrwQgq4ZmAmjwli7MIan%2FWcsd%2F2HTVfVAHGtGCDnGbk%2FlKEyl3%2BojQBa7Wz22bg6z2r6ldise3YYi265WxAp1Hmf2pkANUqD1w1WJgAnxOwGAxNsB4v"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 8160c405fbce4244-EWR

GET
H2 200 accessible.png
captcha.bot/promo/ 16 KB
16 KB 42ms
38ms Image
image/webp 104.26.6.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/accessible.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a929bcd8cce2585ea3be49e84b6735c35debe93e48f62f5dd7e4fc4b33825e5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1883
cf-polished: origFmt=png, origSize=27419
content-disposition: inline; filename="accessible.webp"
alt-svc: h3=":443"; ma=86400
content-length: 16334
cf-bgj: imgq:100,h2pri
last-modified: Fri, 01 Sep 2023 23:40:20 GMT
server: cloudflare
etag: "64f27664-6b1b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qtmtHjURQ3lkpo43tE%2BUelURqkfAo28PPmkfHo0jJH0Crxo1CLNESL4ZHBxK5yrQiGTg7WxN5mQCxe%2Bo9PELvRPKJDOmzsmLaweCkiwAtU3TSKeEub%2F0TjKpGzyA"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 8160c405fbcf4244-EWR

GET
H2 200 time-limit.png
captcha.bot/promo/ 6 KB
6 KB 33ms
29ms Image
image/webp 104.26.6.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/time-limit.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 950487041eb8b857d86436c10b487f194b9b97a4205366978d9b945de8164ccb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1883
cf-polished: origFmt=png, origSize=11864
content-disposition: inline; filename="time-limit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 5896
cf-bgj: imgq:100,h2pri
last-modified: Fri, 01 Sep 2023 23:40:20 GMT
server: cloudflare
etag: "64f27664-2e58"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qypZl8RRiSYUJCWoDBaYkD5lnGpqh7brkpp5YIuGGtsC1pLZJpwY5Ppi5z%2Fe5KG31HTXa87CJoE45fokRx0kcgP9K%2FsdzTvQ1mfTg6GFTlWmoZ8nqguwsbnE91Ko"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 8160c405fbd04244-EWR

GET
H2 200 analytics.png
captcha.bot/promo/ 139 KB
140 KB 33ms
30ms Image
image/webp 104.26.6.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/analytics.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dd6334bbbdabc6a816851f5c2c4a71193190a0569359d4f8834e45b57e10dfb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1882
cf-polished: origFmt=png, origSize=382343
content-disposition: inline; filename="analytics.webp"
alt-svc: h3=":443"; ma=86400
content-length: 142700
cf-bgj: imgq:100,h2pri
last-modified: Fri, 01 Sep 2023 23:40:20 GMT
server: cloudflare
etag: "64f27664-5d587"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ke2sG%2Bo0c0jDzDg4hfJAvK%2BQeSLiBlRP%2FGZyjZMambQLZ5QPVB3qb548iJFmdDcO%2Bop1n9mzIQA%2B9TYyxs8XwrRK5JGZNRJFAG9iEaC9ebIbYkNMzZTh2z%2BKcaVP"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 8160c405fbd14244-EWR

GET
H2 200 discord-logo.1bf7c650.svg
captcha.bot/img/ 2 KB
1 KB 41ms
38ms Image
image/svg+xml 104.26.6.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/img/discord-logo.1bf7c650.svg
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cd29fcd28558f2d1a4273dcca8b904b79b4ad2c19c0ce9d096da1e89f292546

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Sep 2023 23:40:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1883
etag: W/"64f27664-82e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GcP%2FMw037oxo9FEe6j3%2FmbLo%2FQUhFmpMPYFWPq9sewHBZoQZe5dpXqNVRkdjHf%2F8j8lj%2FJM7nzpatB%2FLCKxyzBYztDsfduHsSYdoNj%2BSnaMopvGaqw26y9M%2FzBrm"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=120
cf-ray: 8160c405fbd24244-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 statistics Show response
captcha.bot/api/v1/ 17 B
324 B 112ms
112ms XHR
application/json 104.26.6.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://captcha.bot/api/v1/statistics
Requested by: Host: captcha.bot
URL: https://captcha.bot/js/chunk-vendors.bfc7157a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 658ffd74a97d16dd5aee5d87942e1c02de47d2ddedddb146435f29dd59990850

Request headers

Accept: application/json, text/plain, */*
Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
Authorization: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DgCmoKv6o8%2F9Odxh9W8gzlf8AOqLzLCUQOwoQu5Uvwj118EWeNm4FQYmrgG1yPeaTkLo7KnHiXyurBPDD9aSe9jb0W73q%2B4VI1yibGrULQwWWakjw1AVPlCLxKgR"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 8160c405fbd34244-EWR
alt-svc: h3=":443"; ma=86400
content-length: 17

GET
H2 200 animation.css
js.chargebee.com/assets/cbjs-2023.10.09-09.27/v2/ 722 B
1 KB 19ms
19ms Stylesheet
text/css 3.160.22.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/assets/cbjs-2023.10.09-09.27/v2/animation.css

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.22.119 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-22-119.cmh68.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c8c900ec5cbe9ef18bea37051bc2bf2aa9846c2ce787d248f2451575e2a372fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: foyXDctj67AQ38AQugjXyXC8alSOBAgn
strict-transport-security: max-age=300; includeSubdomains; preload
via: 1.1 b7a454c5d7e9ad8ba2aca6a02bb25f14.cloudfront.net (CloudFront)
date: Sat, 14 Oct 2023 15:12:22 GMT
x-amz-cf-pop: CMH68-P3
age: 95
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 722
last-modified: Tue, 10 Oct 2023 04:38:56 GMT
server: AmazonS3
etag: "520016f3fad41f77bb889758ac030aaf"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=300,public
accept-ranges: bytes
x-amz-cf-id: CmWv1yTMcjN77Jp-0L-OlnB7OUoUvMR0XHqOCofQhJo825isR_wFxw==

GET
H2 200 master.html Show response
js.chargebee.com/assets/cbjs-2023.10.09-09.27/v2/ Frame 94CD 234 B
718 B 19ms
19ms Document
text/html 3.160.22.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/assets/cbjs-2023.10.09-09.27/v2/master.html

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/assets/cbjs-2023.10.09-09.27/v2/166-6201a6ad94a43ae4302b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.22.119 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-22-119.cmh68.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d057c168900930935083f50b73f6fdc5246adddeb0a5d2bdc26a36d840067b30

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 91
cache-control: max-age=300,public
content-length: 234
content-type: text/html
date: Sat, 14 Oct 2023 15:13:20 GMT
etag: "3a89e4dda29ed81913aa87c318c581ee"
last-modified: Tue, 10 Oct 2023 04:38:57 GMT
server: AmazonS3
strict-transport-security: max-age=300; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 b7a454c5d7e9ad8ba2aca6a02bb25f14.cloudfront.net (CloudFront)
x-amz-cf-id: -d9dI0VHvvSLQbWQ41HmFS2zNPXuob42U7zQiA4dJ_0wt1p3yqXIVg==
x-amz-cf-pop: CMH68-P3
x-amz-server-side-encryption: AES256
x-amz-version-id: ltfFTZm8vxdNHRh4e9455LquXdlbApwy
x-cache: Hit from cloudfront

GET
H2

200

main.js Show response
captcha.bot/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/ Frame 59D4
Redirect Chain

https://captcha.bot/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://captcha.bot/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

7 KB
4 KB

11ms
11ms

Script
application/javascript

104.26.6.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://captcha.bot/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Server

104.26.6.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93a69cbdd8926d0eb89dc1b0f8eba48fdb3a2abfe037b999b373696791d6a268

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GDDUs1ySrW1sXh1BXuKJBL2531meEpabPuzzeNzcNonfJ1xe6nFphes%2BPldqOcKZQR0%2FTez3TjbygVJqO4RdiyOL9IQPDLJ38IoWS1%2BekexpauRDcYVWfHIjhaXB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8160c4069c7f4244-EWR
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sat, 14 Oct 2023 15:13:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1O2MnPu3W0kRfSgCtwn6gsYfLZAJ%2Bl%2FJmP7QAmbszj4Er9AjLNet1YdMQOIMHw2nRAjX1xZjeVxFil2yQzKfPKp39puZv9nSD0uc8dHlUjulHCUe2WMS2vQLBHy"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 8160c4067c574244-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 captchabot.json Show response
kumo.network-n.com/configs/sites/ 10 KB
3 KB 320ms
10ms Fetch
application/json 138.199.40.58
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://kumo.network-n.com/configs/sites/captchabot.json
Requested by: Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-40-58.bunnyinfra.net
Software: BunnyCDN-NY1-885 /
Resource Hash: 4c312c83a48bedce6c0bc36d839175d3518b086ab48e654f849637ea9554b208

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:20 GMT
content-encoding: br
cdn-edgestorageid: 885
cdn-cachedat: 10/13/2023 10:23:41
cdn-pullzone: 411106
last-modified: Thu, 12 Oct 2023 16:24:22 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"65281db6-290d"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ba22edd1-b119-4d71-a19a-0ecb82f45dc0
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: d5bc4cf8066c59e0a95a6d7669ccc32f
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 master-c4eea884aa34223beb59.js Show response
js.chargebee.com/assets/cbjs-2023.10.09-09.27/v2/ Frame 94CD 235 KB
69 KB 21ms
20ms Script
application/x-javascript 3.160.22.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/assets/cbjs-2023.10.09-09.27/v2/master-c4eea884aa34223beb59.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/assets/cbjs-2023.10.09-09.27/v2/master.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.22.119 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-22-119.cmh68.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2498aa5cd234e02ed13bab1e374faf9d9c5a1530b53edb14dc8740c70b5a000a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.chargebee.com/assets/cbjs-2023.10.09-09.27/v2/master.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: stenfzEMgK.X7scazf1Vts2A.NVboaT3
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Sat, 14 Oct 2023 15:13:20 GMT
via: 1.1 b7a454c5d7e9ad8ba2aca6a02bb25f14.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P3
age: 34
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 10 Oct 2023 04:38:55 GMT
server: AmazonS3
etag: W/"5a093173fc7294ba538861d85f02e15d"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300,public
x-amz-cf-id: uDCdCZ7lXaqSFPZPSRe6cmj09Ewq15c8OPGnZAc1p3Iyq2KKH26PjA==

POST
H2 204 collect
analytics.google.com/g/ 0
251 B 400ms
35ms Ping
text/plain 172.217.13.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-VT1JT14S09&gtm=45je3ab0&_p=1182326786&_gaz=1&cid=951842731.1697296400&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=Home&dp=%2F&dl=https%3A%2F%2Fcaptcha.bot%2F&sid=1697296400&sct=1&seg=0&dr=https%3A%2F%2Fwww.wickbot-verify.xyz%2F&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VT1JT14S09&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.13.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul03s04-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:13:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://captcha.bot
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
242 B 370ms
18ms Ping
text/plain 142.250.31.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VT1JT14S09&cid=951842731.1697296400&gtm=45je3ab0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VT1JT14S09&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.31.156 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS: bj-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:13:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://captcha.bot
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 8160c3ff8b804244 Show response
captcha.bot/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 59D4 0
438 B 29ms
29ms XHR
text/plain 104.26.6.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://captcha.bot/cdn-cgi/challenge-platform/h/g/jsd/r/8160c3ff8b804244
Requested by: Host: captcha.bot
URL: https://captcha.bot/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 14 Oct 2023 15:13:20 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=56YyD9gSFtuaCeBNnZW3x%2F7ify5uny8wdsmfpzm%2B6lcbyc3GOA5eTL18mGX0IvWJztOhui0vnnpq5MLsV48NF3BBr8hhvjDQ1bP21ze3t%2FWWQnMNc9rbT25Sx6EN"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 8160c4080e4b4244-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 179-f90fcb192897aff70e37.js Show response
js.chargebee.com/assets/cbjs-2023.10.09-09.27/v2/ Frame 94CD 3 KB
2 KB 20ms
20ms Script
application/x-javascript 3.160.22.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/assets/cbjs-2023.10.09-09.27/v2/179-f90fcb192897aff70e37.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/assets/cbjs-2023.10.09-09.27/v2/master-c4eea884aa34223beb59.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.22.119 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-22-119.cmh68.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0f02ec031b6528236151ed6b95a702e387d183642e31d6721b682dcebb1847d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.chargebee.com/assets/cbjs-2023.10.09-09.27/v2/master.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: BafWVlYncChuqi_sLE42R71OPvv6e.n5
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Sat, 14 Oct 2023 15:13:20 GMT
via: 1.1 b7a454c5d7e9ad8ba2aca6a02bb25f14.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P3
age: 72
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 10 Oct 2023 04:38:55 GMT
server: AmazonS3
etag: W/"ace5c6928487acff71b91ef9a30da66f"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300,public
x-amz-cf-id: oft0Hl0qlyl3J8xAWu8ikeBHz-qxOzRaaF3Jd60zdXE7LVuteNGj0g==

GET
H2 200 187-72e8871342e78a6ca345.js Show response
js.chargebee.com/assets/cbjs-2023.10.09-09.27/v2/ Frame 94CD 3 KB
2 KB 21ms
20ms Script
application/x-javascript 3.160.22.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/assets/cbjs-2023.10.09-09.27/v2/187-72e8871342e78a6ca345.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/assets/cbjs-2023.10.09-09.27/v2/master-c4eea884aa34223beb59.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.22.119 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-22-119.cmh68.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b9e628e0aee50e648e0c9e0440b6a8eb5c4641ccb80f2606cb3e23580ef03822

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.chargebee.com/assets/cbjs-2023.10.09-09.27/v2/master.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: M84Xzio9SDgofBZxrvkfhN6tF0a08ka8
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Sat, 14 Oct 2023 15:13:20 GMT
via: 1.1 b7a454c5d7e9ad8ba2aca6a02bb25f14.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P3
age: 43
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 10 Oct 2023 04:38:55 GMT
server: AmazonS3
etag: W/"a5cf5d1eba8e513552fb65caf42951c4"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300,public
x-amz-cf-id: rh2CatW-suCEIxB0aOOl78EGHLeniv0-0SlA9exg_VH95gtiwBFeBg==

POST
H2 204 rum Show response
captcha.bot/cdn-cgi/ 0
173 B 9ms
8ms XHR
text/plain 104.26.6.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://captcha.bot/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type: application/json

Response headers

date: Sat, 14 Oct 2023 15:13:20 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://captcha.bot
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8160c4084e974244-EWR

GET
H2 200 pi-worker.js
js.chargebee.com/assets/cbjs-2023.10.09-09.27/v2/ Frame 94CD 64 KB
22 KB 21ms
20ms Other
application/x-javascript 3.160.22.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/assets/cbjs-2023.10.09-09.27/v2/pi-worker.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.22.119 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-22-119.cmh68.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

26523182f32244da4f398a2779e7ed802ca994fc0be744fa3c2fdc186bd89acd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.chargebee.com/assets/cbjs-2023.10.09-09.27/v2/master.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: r.G4xLTw.NIQJjcqMRt6wmUjroErtPl9
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Sat, 14 Oct 2023 15:13:20 GMT
via: 1.1 b7a454c5d7e9ad8ba2aca6a02bb25f14.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P3
age: 79
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 10 Oct 2023 04:38:55 GMT
server: AmazonS3
etag: W/"3ee2cc5134e9c1156c3eca5228a5756b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300,public
x-amz-cf-id: cJFq-MGljHdvHQ76AFk5xGKyunXDMey-DOe4YoyzaMyoeSxd2j9NvA==

OPTIONS
H2 202 retrieve_js_info
privygg.chargebeestaticv2.com/api/internal/1697295600/ Frame 0
0 624ms
276ms Preflight 18.238.25.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://privygg.chargebeestaticv2.com/api/internal/1697295600/retrieve_js_info

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.25.72 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-25-72.cmh68.r.cloudfront.net

Software

ChargeBee /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://js.chargebee.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, cb-csrf-token, leap.api.version, chargebee-business-entity-id, X-TP-Token
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://js.chargebee.com
cache-control: max-age=0, must-revalidate, public, s-maxage=10800
content-length: 0
date: Sat, 14 Oct 2023 15:13:21 GMT
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache
server: ChargeBee
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 2ac244f3035dac54badc413a33e6e00c.cloudfront.net (CloudFront)
x-amz-cf-id: L3Cc3JDHvZd8V1xSlJ4bSeP0yq3O4AQFCfiAyoS-vYh9VL94s5qfvg==
x-amz-cf-pop: CMH68-P5
x-cache: Miss from cloudfront

GET
H2 200 retrieve_js_info Show response
privygg.chargebeestaticv2.com/api/internal/1697295600/ Frame 94CD 596 B
1 KB 136ms
136ms XHR
application/json 18.238.25.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://privygg.chargebeestaticv2.com/api/internal/1697295600/retrieve_js_info

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/assets/cbjs-2023.10.09-09.27/v2/master-c4eea884aa34223beb59.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.25.72 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-25-72.cmh68.r.cloudfront.net

Software

ChargeBee /

Resource Hash

951123e0869b65f4b5804038d441206251f835f9e1d5e344c6c4bdcde727e33e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.chargebee.com/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:00:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 2ac244f3035dac54badc413a33e6e00c.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P5
age: 781
x-cache: Hit from cloudfront
content-length: 596
server: ChargeBee
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/json;charset=utf-8
access-control-allow-origin: https://js.chargebee.com
cache-control: max-age=0, must-revalidate, public, s-maxage=3600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, cb-csrf-token, leap.api.version, chargebee-business-entity-id, X-TP-Token
x-amz-cf-id: rsCMku10TuNeozSJaCc7AoTZmaJQ_yN84FKNgouYvhdjKndT-n4L7w==
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 cmp-sourcepoint.js Show response
kumo.network-n.com/dist/1.34.4/ 24 KB
8 KB 10ms
5ms Script
application/javascript 138.199.40.58
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://kumo.network-n.com/dist/1.34.4/cmp-sourcepoint.js
Requested by: Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-40-58.bunnyinfra.net
Software: BunnyCDN-NY1-885 /
Resource Hash: 5b9d592cfe66f2c7ccfce0af01d2a8391dc82e7b19c013a69a15281117095119

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Sat, 14 Oct 2023 15:13:20 GMT
content-encoding: br
cdn-edgestorageid: 885
cdn-cachedat: 10/13/2023 10:23:21
cdn-pullzone: 411106
last-modified: Thu, 12 Oct 2023 10:42:19 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"6527cd8b-5f4e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control: public, max-age=31536000
cdn-requestid: 5ebee83ba9ccb47ce711d39c04941ee7
cdn-requestcountrycode: US
cdn-status: 200
expires: Sat, 12 Oct 2024 10:23:21 GMT

GET
H2 200 blockthrough.js Show response
kumo.network-n.com/dist/1.34.4/ 2 KB
1 KB 46ms
41ms Script
application/javascript 138.199.40.58
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://kumo.network-n.com/dist/1.34.4/blockthrough.js
Requested by: Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-40-58.bunnyinfra.net
Software: BunnyCDN-NY1-885 /
Resource Hash: 842fea842197879ad5afa91048cc2986038f1d873b69691231b45d40e7ddf864

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Sat, 14 Oct 2023 15:13:20 GMT
content-encoding: br
cdn-edgestorageid: 885
cdn-cachedat: 10/13/2023 10:23:21
cdn-pullzone: 411106
last-modified: Thu, 12 Oct 2023 10:42:19 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"6527cd8b-96e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control: public, max-age=31536000
cdn-requestid: 93aa9c9f0dcb1676ee9a142f38710781
cdn-requestcountrycode: US
cdn-status: 200
expires: Sat, 12 Oct 2024 10:23:21 GMT

GET
H2 200 comscore.js Show response
kumo.network-n.com/dist/1.34.4/ 3 KB
2 KB 47ms
41ms Script
application/javascript 138.199.40.58
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://kumo.network-n.com/dist/1.34.4/comscore.js
Requested by: Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-40-58.bunnyinfra.net
Software: BunnyCDN-NY1-885 /
Resource Hash: e9c0e37a2af5a201890dee5fa3429d12755f1048526b20f2f59fd361718995df

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Sat, 14 Oct 2023 15:13:20 GMT
content-encoding: br
cdn-edgestorageid: 885
cdn-cachedat: 10/13/2023 10:23:21
cdn-pullzone: 411106
last-modified: Thu, 12 Oct 2023 10:42:19 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"6527cd8b-bb4"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control: public, max-age=31536000
cdn-requestid: bb41e0a2dd05d02e9a0706d537dfb617
cdn-requestcountrycode: US
cdn-status: 200
expires: Sat, 12 Oct 2024 10:23:21 GMT

GET
H2 200 gpt.js Show response
kumo.network-n.com/dist/1.34.4/ 10 KB
4 KB 12ms
7ms Script
application/javascript 138.199.40.58
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://kumo.network-n.com/dist/1.34.4/gpt.js
Requested by: Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-40-58.bunnyinfra.net
Software: BunnyCDN-NY1-885 /
Resource Hash: c86b8ee66b99ba6f356124a3e00b088bdfbbba27acaecf4d95ab113875c95702

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Sat, 14 Oct 2023 15:13:20 GMT
content-encoding: br
cdn-edgestorageid: 885
cdn-cachedat: 10/13/2023 10:23:21
cdn-pullzone: 411106
last-modified: Thu, 12 Oct 2023 10:42:19 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"6527cd8b-27f2"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control: public, max-age=31536000
cdn-requestid: d8769f7584b8e73580af8dcbeff32697
cdn-requestcountrycode: US
cdn-status: 200
expires: Sat, 12 Oct 2024 10:23:21 GMT

GET
H2 200 prebid.js Show response
kumo.network-n.com/dist/1.34.4/ 33 KB
11 KB 11ms
6ms Script
application/javascript 138.199.40.58
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://kumo.network-n.com/dist/1.34.4/prebid.js
Requested by: Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-40-58.bunnyinfra.net
Software: BunnyCDN-NY1-885 /
Resource Hash: 2d559f55a5d9fcb382a0df0f23b9b0d133cfb2e2ebd71c89a78121118eb4d1e5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Sat, 14 Oct 2023 15:13:20 GMT
content-encoding: br
cdn-edgestorageid: 885
cdn-cachedat: 10/13/2023 10:23:21
cdn-pullzone: 411106
last-modified: Thu, 12 Oct 2023 10:42:19 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"6527cd8b-8305"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control: public, max-age=31536000
cdn-requestid: 9ddba87d901f90962f890607a7b87435
cdn-requestcountrycode: US
cdn-status: 200
expires: Sat, 12 Oct 2024 10:23:21 GMT

GET
H2 200 pubstack.js Show response
kumo.network-n.com/dist/1.34.4/ 18 KB
7 KB 48ms
43ms Script
application/javascript 138.199.40.58
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://kumo.network-n.com/dist/1.34.4/pubstack.js
Requested by: Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-40-58.bunnyinfra.net
Software: BunnyCDN-NY1-885 /
Resource Hash: 9e63268459915ec9fe252ec8e4f3fcecf4fb3be970b579ebfcf64f294419c7df

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Sat, 14 Oct 2023 15:13:20 GMT
content-encoding: br
cdn-edgestorageid: 885
cdn-cachedat: 10/13/2023 10:23:21
cdn-pullzone: 411106
last-modified: Thu, 12 Oct 2023 10:42:19 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"6527cd8b-48bd"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control: public, max-age=31536000
cdn-requestid: 5a53081d6e38d755894540b27b7fc7f3
cdn-requestcountrycode: US
cdn-status: 200
expires: Sat, 12 Oct 2024 10:23:21 GMT

GET
H2 200 analytics.js Show response
kumo.network-n.com/dist/1.34.4/ 3 KB
2 KB 45ms
42ms Script
application/javascript 138.199.40.58
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://kumo.network-n.com/dist/1.34.4/analytics.js
Requested by: Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-40-58.bunnyinfra.net
Software: BunnyCDN-NY1-885 /
Resource Hash: cadd78ac6f1a0c5c7fbb588e634feb8da47508cc5fd0ac0c3d86a6f007a1ac50

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Sat, 14 Oct 2023 15:13:20 GMT
content-encoding: br
cdn-edgestorageid: 885
cdn-cachedat: 10/13/2023 10:23:21
cdn-pullzone: 411106
last-modified: Thu, 12 Oct 2023 10:42:19 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"6527cd8b-a15"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control: public, max-age=31536000
cdn-requestid: 6d57ef98e88b4d6ba4c7013c430c5dfa
cdn-requestcountrycode: US
cdn-status: 200
expires: Sat, 12 Oct 2024 10:23:21 GMT

GET
H2 200 moat-yield-display.js Show response
kumo.network-n.com/dist/1.34.4/ 3 KB
2 KB 47ms
44ms Script
application/javascript 138.199.40.58
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://kumo.network-n.com/dist/1.34.4/moat-yield-display.js
Requested by: Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-40-58.bunnyinfra.net
Software: BunnyCDN-NY1-885 /
Resource Hash: ae45c1844c8f2c1bdf41dfda57c40bff31a4d7ec02520c045851cc38b83254fa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Sat, 14 Oct 2023 15:13:20 GMT
content-encoding: br
cdn-edgestorageid: 885
cdn-cachedat: 10/13/2023 10:23:21
cdn-pullzone: 411106
last-modified: Thu, 12 Oct 2023 10:42:19 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"6527cd8b-c21"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control: public, max-age=31536000
cdn-requestid: 2e3f9bbf706612f5f39e221e3e1f4292
cdn-requestcountrycode: US
cdn-status: 200
expires: Sat, 12 Oct 2024 10:23:21 GMT

GET
H2 200 celtra-bfab.js Show response
kumo.network-n.com/dist/1.34.4/ 9 KB
4 KB 48ms
45ms Script
application/javascript 138.199.40.58
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://kumo.network-n.com/dist/1.34.4/celtra-bfab.js
Requested by: Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-40-58.bunnyinfra.net
Software: BunnyCDN-NY1-885 /
Resource Hash: 042ef1ebee8ad449c71aefc3f0adcf4bdd701b07c74ade0fa6da63ce7df5a01f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Sat, 14 Oct 2023 15:13:20 GMT
content-encoding: br
cdn-edgestorageid: 885
cdn-cachedat: 10/13/2023 10:23:21
cdn-pullzone: 411106
last-modified: Thu, 12 Oct 2023 10:42:19 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"6527cd8b-23e2"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control: public, max-age=31536000
cdn-requestid: c1fc25c2d05c5e3e10c95d53b5bc9a05
cdn-requestcountrycode: US
cdn-status: 200
expires: Sat, 12 Oct 2024 10:23:21 GMT

GET
H2 200 gpt-positions.js Show response
kumo.network-n.com/dist/1.34.4/ 10 KB
5 KB 47ms
44ms Script
application/javascript 138.199.40.58
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://kumo.network-n.com/dist/1.34.4/gpt-positions.js
Requested by: Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-40-58.bunnyinfra.net
Software: BunnyCDN-NY1-885 /
Resource Hash: 2b9acfa0116c673d4ce94ecd90abc08387041daf4b11ef9f7c48bf01f80a590c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Sat, 14 Oct 2023 15:13:20 GMT
content-encoding: br
cdn-edgestorageid: 885
cdn-cachedat: 10/13/2023 10:23:21
cdn-pullzone: 411106
last-modified: Thu, 12 Oct 2023 10:42:19 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"6527cd8b-2923"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control: public, max-age=31536000
cdn-requestid: 7855c3ece903de306cd843b045e2e184
cdn-requestcountrycode: US
cdn-status: 200
expires: Sat, 12 Oct 2024 10:23:21 GMT

GET
H2 200 primis.js Show response
kumo.network-n.com/dist/1.34.4/ 10 KB
5 KB 49ms
47ms Script
application/javascript 138.199.40.58
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://kumo.network-n.com/dist/1.34.4/primis.js
Requested by: Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-40-58.bunnyinfra.net
Software: BunnyCDN-NY1-885 /
Resource Hash: 214ef4f4bf69f7aa8baf79f05123244fbca540fa1a1da6148bc1396f13bc615b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Sat, 14 Oct 2023 15:13:20 GMT
content-encoding: br
cdn-edgestorageid: 885
cdn-cachedat: 10/13/2023 10:23:21
cdn-pullzone: 411106
last-modified: Thu, 12 Oct 2023 10:42:19 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"6527cd8b-2767"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control: public, max-age=31536000
cdn-requestid: 6e19825215a45888f1936c2b5eb2380e
cdn-requestcountrycode: US
cdn-status: 200
expires: Sat, 12 Oct 2024 10:23:21 GMT

GET
H2 200 request-manager.js Show response
kumo.network-n.com/dist/1.34.4/ 12 KB
5 KB 50ms
48ms Script
application/javascript 138.199.40.58
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://kumo.network-n.com/dist/1.34.4/request-manager.js
Requested by: Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-40-58.bunnyinfra.net
Software: BunnyCDN-NY1-885 /
Resource Hash: 55667ad15e32fbe6b4baf84d7d92990880c673f1b6af0c31cbdbebc2edfc1f5e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Sat, 14 Oct 2023 15:13:20 GMT
content-encoding: br
cdn-edgestorageid: 885
cdn-cachedat: 10/13/2023 10:23:21
cdn-pullzone: 411106
last-modified: Thu, 12 Oct 2023 10:42:19 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"6527cd8b-2f8c"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control: public, max-age=31536000
cdn-requestid: 1692fe029883785a57563413ee7346de
cdn-requestcountrycode: US
cdn-status: 200
expires: Sat, 12 Oct 2024 10:23:21 GMT

GET
H2 200 refresh.js Show response
kumo.network-n.com/dist/1.34.4/ 28 KB
9 KB 51ms
49ms Script
application/javascript 138.199.40.58
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://kumo.network-n.com/dist/1.34.4/refresh.js
Requested by: Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-40-58.bunnyinfra.net
Software: BunnyCDN-NY1-885 /
Resource Hash: 8a1de67bfcc56567df86d36c2d87faa71bc585d820e7c5eb36acf647ec1d4a18

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Sat, 14 Oct 2023 15:13:20 GMT
content-encoding: br
cdn-edgestorageid: 885
cdn-cachedat: 10/13/2023 10:23:21
cdn-pullzone: 411106
last-modified: Thu, 12 Oct 2023 10:42:19 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"6527cd8b-7149"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control: public, max-age=31536000
cdn-requestid: bcd874e2a95f9200791789c0c4b59369
cdn-requestcountrycode: US
cdn-status: 200
expires: Sat, 12 Oct 2024 10:23:21 GMT

GET
H2 200 reload-ad-slots.js Show response
kumo.network-n.com/dist/1.34.4/ 4 KB
2 KB 54ms
52ms Script
application/javascript 138.199.40.58
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://kumo.network-n.com/dist/1.34.4/reload-ad-slots.js
Requested by: Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-40-58.bunnyinfra.net
Software: BunnyCDN-NY1-885 /
Resource Hash: d67b5cb376cf9b69d457c2b043e7b62298ffbdc3a023ceb53491a3de8b80d224

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Sat, 14 Oct 2023 15:13:20 GMT
content-encoding: br
cdn-edgestorageid: 885
cdn-cachedat: 10/13/2023 10:23:21
cdn-pullzone: 411106
last-modified: Thu, 12 Oct 2023 10:42:19 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"6527cd8b-10bc"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control: public, max-age=31536000
cdn-requestid: 75c156531f2256b080f57bd373300576
cdn-requestcountrycode: US
cdn-status: 200
expires: Sat, 12 Oct 2024 10:23:21 GMT

GET
H2 200 / Show response
geoip.network-n.com/ 1 KB
870 B 245ms
74ms Fetch
application/json 206.189.125.55
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.network-n.com/
Requested by: Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/1.34.4/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 206.189.125.55 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 389bcd8bd2c778873a0f6ef3ca9619272610555edb7010a58bc9982a6586d357

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: public
date: Sat, 14 Oct 2023 15:13:20 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400, public
expires: Sun, 15 Oct 2023 15:13:20 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/ 420 KB
132 KB 16ms
15ms Script
text/javascript 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

a40e424d54800fc2704682930d3be386d0280b96a03869db6bf3894218f1eb7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 19:27:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71153
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134722
x-xss-protection: 0
server: cafe
etag: 2928310903106852838
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 12 Oct 2024 19:27:27 GMT

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 409 B
588 B 191ms
84ms Script
text/html 141.148.8.2
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2Ba%24%3D!!t%2BxBk~GmfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-U1x6SU1Pay8LK2cVLcG%2BmrJmsoDc9ZqfjMl4KXWpKuTLRN33zxvdHAUA2QXrbTQTMR4Y&rs=1-3jLzQ%2BKAS248Xw%3D%3D&sc=1&os=1-fw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fcaptcha.bot%2F&pcode=networknheader13924283968&rx=323383746141&callback=MoatNadoAllJsonpRequest_66437739
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/networknheader13924283968/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.148.8.2 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS: partner-p19.oracledatacloud.com
Software: istio-envoy /
Resource Hash: 848bc1151024639f3b0fe6a11bdb96d4eb08e13bbd16b5194b72cf0b60b0718e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:21 GMT
server: istio-envoy
etag: "fddabdc2e4d8fefee55817be16da71df607bbb73"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 45
timing-allow-origin: *
content-length: 409

GET
H2 200 iframe.html Show response
z.moatads.com/hd09824092/ Frame 2FF1 1 KB
2 KB 29ms
28ms Document
text/html 23.48.145.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/hd09824092/iframe.html
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/networknheader13924283968/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.145.205 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-48-145-205.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2897
content-length: 1374
content-type: text/html
date: Sat, 14 Oct 2023 15:13:20 GMT
etag: "4a9cbc2e5bc164313dace42a58bef141"
last-modified: Tue, 26 Jan 2021 22:41:39 GMT
server: AmazonS3
x-akamai-ew-subworker: 8096267
x-amz-id-2: 3EUbB6wka8dM4MxSoynAj7U8+CptU4Oid3/QPAkBgaOjDafcCdWDHVacdn0X0UggNFTFuYMVGV0=
x-amz-request-id: 088A9E01548DEE43

GET
H2 200 prebid.php Show response
kumo.network-n.com/ 284 KB
88 KB 4ms
4ms Script
application/javascript 138.199.40.58
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://kumo.network-n.com/prebid.php?v=6.24.1&adapters=pubmatic,criteo,adagio,rise,triplelift,openx
Requested by: Host: kumo.network-n.com
URL: https://kumo.network-n.com/dist/1.34.4/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-40-58.bunnyinfra.net
Software: BunnyCDN-NY1-885 /
Resource Hash: 9dbcfd04b47b94d2c207f4806bb2bdf5c3e77c222e95a3c2264180eab1f58cab

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:21 GMT
content-encoding: br
cdn-edgestorageid: 885
cdn-cachedat: 10/13/2023 10:23:53
cdn-pullzone: 411106
last-modified: Thu, 12 Oct 2023 13:35:04 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"4aa24613594a82314feef84e54f08bde"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=UTF-8
cdn-cache: HIT
cdn-uid: ba22edd1-b119-4d71-a19a-0ecb82f45dc0
cache-control: public, max-age=2592000
x-server: 1
cdn-requestid: ee57999649390359aa2f88786e8b8c6d
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 595ms
11ms XHR
application/json 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231014

Requested by

Host: kumo.network-n.com
URL: https://kumo.network-n.com/prebid.php?v=6.24.1&adapters=pubmatic,criteo,adagio,rise,triplelift,openx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fc199896e3265b455b71f95436abb463f1c18c78d2658a01256ed0932cfc000c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 14 Oct 2023 15:13:21 GMT
x-content-type-options: nosniff
content-encoding: br
age: 40349
x-jsd-version: 1.0.1842
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 846
x-served-by: cache-fra-eddf8230103-FRA, cache-lga21927-LGA
x-jsd-version-type: version
etag: W/"63b-Y0+98qnTuk0TPS1Yvik3nzYvQfA"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

POST
H2 204 collect
www.google-analytics.com/g/ 0
251 B 610ms
42ms Ping
text/plain 172.217.13.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-0CPE0JFSCT&gtm=45je3ab0&_p=1182326786&cid=951842731.1697296400&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697296401&sct=1&seg=0&dl=https%3A%2F%2Fcaptcha.bot%2F&dr=https%3A%2F%2Fwww.wickbot-verify.xyz%2F&dt=Captcha.bot%20-%20Verification%20done%20right&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0CPE0JFSCT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.13.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul03s05-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:13:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://captcha.bot
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ccpa.9150e6676be078733cd5.bundle.js Show response
cdn.privacy-mgmt.com/unified/4.13.3/ 12 KB
4 KB 19ms
18ms Script
text/javascript 18.238.25.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/unified/4.13.3/ccpa.9150e6676be078733cd5.bundle.js
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.25.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-25-94.cmh68.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d96a415933700f3aa03e86b13fafae24fa8b0e7d563882c460490826372d2b7b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 13:44:39 GMT
content-encoding: br
via: 1.1 14405483c2e3182a4780ba139c62b70a.cloudfront.net (CloudFront)
last-modified: Mon, 25 Sep 2023 21:49:54 GMT
server: AmazonS3
x-amz-cf-pop: CMH68-P5
age: 1474123
etag: W/"0ed57f1d98b89cea027396ec9755c52c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: z-xbjN1eK0xyZaLcQ-CIACmovJKqxpiJyGqW-tnwgxOSNll96cjXRQ==

GET
H2 200 gdpr-tcf.ac0bfbc8b852604722a2.bundle.js Show response
cdn.privacy-mgmt.com/unified/4.13.3/ 133 KB
24 KB 20ms
20ms Script
text/javascript 18.238.25.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacy-mgmt.com/unified/4.13.3/gdpr-tcf.ac0bfbc8b852604722a2.bundle.js
Requested by: Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.25.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-25-94.cmh68.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f5b15472a8914487b1718df3e7b2723f3206bf3204ba064bcac0669aab99417

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 13:44:09 GMT
content-encoding: gzip
via: 1.1 14405483c2e3182a4780ba139c62b70a.cloudfront.net (CloudFront)
last-modified: Mon, 25 Sep 2023 21:49:54 GMT
server: AmazonS3
x-amz-cf-pop: CMH68-P5
age: 1474153
etag: W/"8d6bbbf699f2cda3fa7afc80ff19ab84"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: 2OZ5Nn8lxdbpXw8e_dDq-qNkz9qZZDAvHJkZoRdJCjo6HwGygQaYgA==

GET
H2 200 get_site_data Show response
cdn.privacy-mgmt.com/mms/v2/ 203 B
1 KB 58ms
19ms XHR
application/javascript 18.238.25.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacy-mgmt.com/mms/v2/get_site_data?hasCsp=true&href=https%3A%2F%2Fcaptcha.bot&account_id=1823

Requested by

Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.25.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-25-94.cmh68.r.cloudfront.net

Software

Resource Hash

0e97fff79aa4c691696caec2a6b566c05d553f2411fa54f23bb627f0a5d3f77e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 21:51:25 GMT
strict-transport-security: max-age=15552000; includeSubdomains
x-sp-mms-node: ip-10-128-21-251
via: 1.1 a7c924310215d5696144d830e7655adc.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P5
age: 62516
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=3600, s-maxage=86400
access-control-allow-credentials: true
x-amz-cf-id: IN26-0SgKkXCb4YaNF439_oL_gnM1X6aNn4pTzyjRnfiXlsyv6pflA==

GET
H2 200 tag
btloader.com/ 31 KB
12 KB 11ms
10ms Other
application/javascript 104.26.6.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5684350990417920&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ab6aea6be2db01c3ed0503f1eae4aa2a770fd4a02942272bd089c317dd4d4a5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:21 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 14 Oct 2023 14:17:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3322
etag: W/"faa57d8d0bdd82e7c2b4028225198500"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2Bl47srnMCkVdmCm2mY8JWusqU9j0lQv0S1HUtxaUPQsflKu%2BW2IUFHFiXGSPEe4xc%2B4O6riEWEvzwtvzBD3LLZsRY%2B%2FgqUnnhrpZ7AM8315NRMH4RNEyhW3W6E66Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 8160c40bfc8d43c2-EWR

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 50ms
32ms Fetch 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5684350990417920&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 14 Oct 2023 15:13:21 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
331 B 558ms
14ms Image
image/gif 104.26.3.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.3.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1983141
x-guploader-uploadid: ADPycdui5Mn-KLxawd8E668vlLsY7SNJ-jLiVRlWH7V_SiTs02h7qoIbEww9hZTzKR5xCwZfd6gMrHrK6WCbAYU2KXkUzA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUY5bqhvc2zk%2BpC8cVdMfhZqGw1SvCFEB7pqtcy7rcGudPQffp58mGRciOuHp6hCTJ0t73jNx1sFJVg%2FTjb1RaBft%2B1u34%2Fbb%2FAYgTZSbKDZzNwjiMHoP77yINR%2FXhB%2BFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8160c40f6f5a438c-EWR
expires: Thu, 21 Sep 2023 16:46:44 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 67ms
13ms Image
image/x-icon 172.217.13.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 11:57:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11722
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 15 Oct 2023 11:57:59 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
916 B 555ms
12ms Image
image/gif 104.26.3.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.57846337443557
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.3.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1983141
x-guploader-uploadid: ADPycdui5Mn-KLxawd8E668vlLsY7SNJ-jLiVRlWH7V_SiTs02h7qoIbEww9hZTzKR5xCwZfd6gMrHrK6WCbAYU2KXkUzA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a5Xde4IXUxZ8uAf8Hxmv2FtUGwIli5AVBQruYsF9jf6XwY2ep1%2FhrRndx9KhwDZk18DYaxv0c%2BvwL9cZ2J9JTlgTLHyXYgLb9nIEBc22ibxjq5Tm2oz%2FZV6c8rbLFsYQLg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8160c40f6f58438c-EWR
expires: Thu, 21 Sep 2023 16:46:44 GMT

GET
H2 200 collector-d8cb7f0.js Show response
cdn.pbstck.com/ 61 KB
17 KB 557ms
15ms XHR
application/javascript 104.22.1.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pbstck.com/collector-d8cb7f0.js
Requested by: Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/b9a66c8b-8c9c-49f1-bde4-1100d393cf5e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.1.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6eef34a0c9e985e995c924486d23ac237ae9e428763dd934b07ad65626526c3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:21 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: FEP7QHG7D5G7ANXV
age: 432904
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 6JWacokKUqbaWXcvFYATZkQaUMecmpUqkw/4qjn/60hbQ/xz3+Q7KhU/3QPbTqZUJcQ6Y2OX6+o=
last-modified: Mon, 09 Oct 2023 08:15:49 GMT
server: cloudflare
etag: W/"73f689884b644651fd0ea2ef750b8713"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=604800, immutable
cf-ray: 8160c40f6c378c90-EWR

OPTIONS
H2 200 meta-data
cdn.privacy-mgmt.com/wrapper/v2/ Frame 0
0 19ms
19ms Preflight
text/plain 18.238.25.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacy-mgmt.com/wrapper/v2/meta-data?hasCsp=true&accountId=1823&env=prod&metadata=%7B%22ccpa%22%3A%7B%7D%2C%22gdpr%22%3A%7B%7D%7D&propertyId=31646&ch=null&scriptVersion=4.13.3&scriptType=unified

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.25.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-25-94.cmh68.r.cloudfront.net

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://captcha.bot
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: *
access-control-max-age: 86400
age: 62515
cache-control: max-age=86400, s-maxage=86400
content-length: 2
content-type: text/plain; charset=utf-8
date: Fri, 13 Oct 2023 21:51:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 a7c924310215d5696144d830e7655adc.cloudfront.net (CloudFront)
x-amz-cf-id: nFSLkNWx7mBIfa0H_hG5xHi-2F0r3YDPi2YLkhwgVbvgdRCmZ4XXMQ==
x-amz-cf-pop: CMH68-P5
x-cache: Hit from cloudfront
x-powered-by: Express

GET
H2 200 meta-data Show response
cdn.privacy-mgmt.com/wrapper/v2/ 301 B
837 B 21ms
20ms XHR
application/json 18.238.25.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.25.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-25-94.cmh68.r.cloudfront.net

Software

/ Express

Resource Hash

338f112655f5b4f5fb9b63471ecceb1a6ff0934952b72a82d36c97103611a7dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 14 Oct 2023 15:11:35 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 a7c924310215d5696144d830e7655adc.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P5
age: 106
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 301
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=3600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: jyexZPY8xh5RQZJ1DyY7fpo1EUCPZPu7RV_8v2zQP9a6eoExGfn4Xg==

GET
H2 200 messages Show response
cdn.privacy-mgmt.com/wrapper/v2/ 777 B
1 KB 19ms
19ms XHR
application/json 18.238.25.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacy-mgmt.com/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A1823%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22ccpa%22%3A%7B%22alwaysDisplayDNS%22%3Afalse%2C%22hasLocalData%22%3Afalse%2C%22targetingParams%22%3A%7B%7D%7D%2C%22gdpr%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22targetingParams%22%3A%7B%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fcaptcha.bot%22%7D&localState=null&metadata=%7B%22ccpa%22%3A%7B%22applies%22%3Afalse%7D%2C%22gdpr%22%3A%7B%22applies%22%3Afalse%7D%7D&nonKeyedLocalState=null&ch=418206796431241009651d&scriptVersion=4.13.3&scriptType=unified

Requested by

Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.25.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-25-94.cmh68.r.cloudfront.net

Software

/ Express

Resource Hash

5fbdcfb777ce33aa6c5ef62ab691da6c6b64ecc927c65186a5437f761b8f7b8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 14 Oct 2023 15:11:35 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 a7c924310215d5696144d830e7655adc.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P5
age: 106
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 777
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=1200
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: 5yTq2X3CanapwVf_lBeXDRXAKdGvScfVbez8mM-5LaA1w9RyIFPDGQ==

OPTIONS
H2 200 messages
cdn.privacy-mgmt.com/wrapper/v2/ Frame 0
0 20ms
20ms Preflight
text/plain 18.238.25.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.25.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-25-94.cmh68.r.cloudfront.net

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://captcha.bot
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: *
access-control-max-age: 86400
age: 69186
cache-control: max-age=86400, s-maxage=86400
content-length: 2
content-type: text/plain; charset=utf-8
date: Fri, 13 Oct 2023 20:00:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 a7c924310215d5696144d830e7655adc.cloudfront.net (CloudFront)
x-amz-cf-id: L7cgNTvDcI714eaUzFftEiGtnrfKXPSwSaOBoIrMOE-0-AM4O3v62Q==
x-amz-cf-pop: CMH68-P5
x-cache: Hit from cloudfront
x-powered-by: Express

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/25110922/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

164ms
164ms

Script
application/javascript

3.160.5.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Protocol: H2
Server: 3.160.5.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-5-46.cmh68.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:14:37 GMT
content-encoding: gzip
via: 1.1 03093c003b20d410ed3ec3e4bb2d569c.cloudfront.net (CloudFront)
last-modified: Wed, 19 Jul 2023 09:10:12 GMT
server: AmazonS3
x-amz-cf-pop: CMH68-P4
age: 10726
x-amz-server-side-encryption: AES256
etag: W/"77ff4ede4693897337a38594321529a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: ZK9H29ktzLjd_KKf_juwaCbMWk__Tax-0xl7OPx-vaMZ8_xIS5fDqw==

Redirect headers

date: Sat, 14 Oct 2023 15:13:21 GMT
via: 1.1 03093c003b20d410ed3ec3e4bb2d569c.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: CMH68-P4
x-cache: Miss from cloudfront
location: /internal-cs/default/beacon.js
content-length: 0
x-amz-cf-id: XQgvnMWyHXukHIaCzNfgCD7MHX_juL_VADLrqD6Gs6iwEKPRAqC-eg==

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 4 KB
2 KB 395ms
18ms Script
application/javascript 104.26.8.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: kumo.network-n.com
URL: https://kumo.network-n.com/prebid.php?v=6.24.1&adapters=pubmatic,criteo,adagio,rise,triplelift,openx
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.8.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f16e60d0a12528f9b2d792b1cd1882ce614afdf96f43a3deaa7e17279410771

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 15:13:21 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Mon, 02 Oct 2023 15:19:34 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 1036237
ETag: W/"4689fed115ceb1ec0446e336376eed1e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FbB3kw06a0rfI4bg6TKEeCw9QZcpRWhBVkkn6gyC%2BbcYBJJu5hB%2FBakao%2BkVKR3GL91neI0zcs%2FRzbsfyZleBnorSAbE85RHrIyzK%2FxvSRNLzgyU6VLL0%2BOb%2BSCyXJg5"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 8160c40f6dc343ed-EWR

POST
H2 200 pv-data Show response
cdn.privacy-mgmt.com/wrapper/v2/ 195 B
730 B 127ms
126ms XHR
application/json 18.238.25.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacy-mgmt.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=418206796431241009651d&scriptVersion=4.13.3&scriptType=unified

Requested by

Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.25.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-25-94.cmh68.r.cloudfront.net

Software

/ Express

Resource Hash

628270db738e4e47256b685a8283e13d18331d1045dfadcc48791eb896fbb26f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 14 Oct 2023 15:13:21 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 a7c924310215d5696144d830e7655adc.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P5
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://captcha.bot
x-cache: Miss from cloudfront
cache-control: no-cache, no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
content-length: 195
x-amz-cf-id: NCQgbrgjC7H1yrLAzfs2mYK4rrCET77soWRAN7WHZp6G8shMLr_YPw==

POST
H2 404 pv-data Show response
cdn.privacy-mgmt.com/wrapper/v2/ 9 B
538 B 59ms
58ms XHR
text/plain 18.238.25.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacy-mgmt.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=418206796431241009651d&scriptVersion=4.13.3&scriptType=unified

Requested by

Host: cdn.privacy-mgmt.com
URL: https://cdn.privacy-mgmt.com/unified/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.25.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-25-94.cmh68.r.cloudfront.net

Software

/ Express

Resource Hash

0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 14 Oct 2023 15:13:21 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 a7c924310215d5696144d830e7655adc.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P5
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://captcha.bot
x-cache: Error from cloudfront
cache-control: no-cache, no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
content-length: 9
x-amz-cf-id: cJ4aTdYr2vWp0UiXcu3u5KGQz9UH5jylaSqsKn_qenFhKN_WH45ozA==

POST
H2 200 prebid Show response
mp.4dex.io/ 1 KB
2 KB 445ms
82ms XHR
application/json 104.18.2.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: kumo.network-n.com
URL: https://kumo.network-n.com/prebid.php?v=6.24.1&adapters=pubmatic,criteo,adagio,rise,triplelift,openx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.2.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d9622bdebe74cbc290dd6633243794c170faf4ffeacaf4d257adbd69607b5e3

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

x-version: 3.0.0-gcp-las
date: Sat, 14 Oct 2023 15:13:21 GMT
x-err: Shapings: no adunits with size and seat and mapping
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: gzip
x-warn: Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: nn_lb1, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: nn_lb5, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: nn_lb2, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: nn_lb3, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: nn_lb4
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://captcha.bot
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 8160c40f6fc43350-EWR
expires: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
540 B 484ms
125ms XHR
application/json 52.72.202.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.24.1&referrer=https%3A%2F%2Fcaptcha.bot%2F&tmax=1500&gdpr=false&us_privacy=1---

Requested by

Host: kumo.network-n.com
URL: https://kumo.network-n.com/prebid.php?v=6.24.1&adapters=pubmatic,criteo,adagio,rise,triplelift,openx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.72.202.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-72-202-96.compute-1.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:13:21 GMT
accept-ch: sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory
x-auction-status: 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://captcha.bot
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ 105 B
450 B 385ms
26ms XHR
application/json 3.233.146.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: kumo.network-n.com
URL: https://kumo.network-n.com/prebid.php?v=6.24.1&adapters=pubmatic,criteo,adagio,rise,triplelift,openx
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.233.146.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-146-171.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 017a6d35c608b67709829c14f4e5623253fc42c0f8a868d000eb6885abfe8c18

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 14 Oct 2023 15:13:21 GMT
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://captcha.bot
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 16
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 105

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
113 B 363ms
9ms XHR
text/plain 104.36.115.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: kumo.network-n.com
URL: https://kumo.network-n.com/prebid.php?v=6.24.1&adapters=pubmatic,criteo,adagio,rise,triplelift,openx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://captcha.bot
date: Sat, 14 Oct 2023 15:13:21 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 arj Show response
networkn-d.openx.net/w/1.0/ 190 B
599 B 619ms
267ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://networkn-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fcaptcha.bot%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=600&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=889ed0cc-a007-40e2-8474-9c4d4540f4e2%2Cd7540140-ebed-48dd-9de2-e3aab4f87932%2Ce664bf50-e802-483f-abd2-76b044941466%2Cc7343697-69aa-4043-bdce-6cdf55471197%2C25800a57-7903-4619-8332-b1e8e55cf736&nocache=1697296401466&gdpr=0&us_privacy=1---&pubcid=b68be608-bb5b-4e97-9a15-d7dd7d571065&schain=1.0%2C1!network-n.com%2Cpa_3b022ccc%2C1%2C%2C%2C&aus=320x50%2C728x90%2C468x60%7C320x50%2C728x90%2C468x60%7C320x50%2C728x90%2C970x90%2C468x60%7C320x50%2C728x90%2C468x60%7C320x50%2C728x90%2C468x60&divids=nn_lb1%2Cnn_lb5%2Cnn_lb2%2Cnn_lb3%2Cnn_lb4&aucs=%2C%2C%2C%2C&auid=559618845%2C559618852%2C559618847%2C559618849%2C559618850
Requested by: Host: kumo.network-n.com
URL: https://kumo.network-n.com/prebid.php?v=6.24.1&adapters=pubmatic,criteo,adagio,rise,triplelift,openx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: c05c7d5d9996825f3f9b332f337cc7dbc20429eaec389252653b2ed71ecb57c9

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:13:22 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://captcha.bot
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
190 B 364ms
13ms XHR
text/plain 74.119.119.129
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.24.1&cb=74183601720

Requested by

Host: kumo.network-n.com
URL: https://kumo.network-n.com/prebid.php?v=6.24.1&adapters=pubmatic,criteo,adagio,rise,triplelift,openx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

bidder.va1.vip.prod.criteo.com

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://captcha.bot
date: Sat, 14 Oct 2023 15:13:21 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 181-042f46f459535dfe6471.js Show response
js.chargebee.com/assets/cbjs-2023.10.09-09.27/v2/ Frame 94CD 13 KB
4 KB 19ms
18ms Script
application/x-javascript 3.160.22.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/assets/cbjs-2023.10.09-09.27/v2/181-042f46f459535dfe6471.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/assets/cbjs-2023.10.09-09.27/v2/master-c4eea884aa34223beb59.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.22.119 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-22-119.cmh68.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

deef0be7fbc792b7c0ad26ccc64c652864d481380a6c8b0a47fc5499b91d93a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.chargebee.com/assets/cbjs-2023.10.09-09.27/v2/master.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: JvX_GQYWvomObDKM1oE5LFZkkXNw.xpD
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Sat, 14 Oct 2023 15:11:31 GMT
via: 1.1 b7a454c5d7e9ad8ba2aca6a02bb25f14.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P3
age: 231
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 10 Oct 2023 04:38:55 GMT
server: AmazonS3
etag: W/"8c6ca2d6b886568b2483182dbe65f1b7"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300,public
x-amz-cf-id: pBrHD_2QE7aQHE1LpCSeL8feXbvveVhW0ZU9daxlmubdZEBbxxt42A==

GET
H2 200 api.js Show response
js.hcaptcha.com/1/ Frame 94CD 324 KB
92 KB 36ms
12ms Script
application/javascript 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hcaptcha.com/1/api.js?onload=hCaptchaLoadCallback&render=explicit

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/assets/cbjs-2023.10.09-09.27/v2/181-042f46f459535dfe6471.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3b1c309fa26cd16ba5254f2452b8d9e33a34825c5dddbe6a8e7248e4aa0eb3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.chargebee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 aa7ca65bca4d95ba9a04dd166671496c.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: IwS3Ofh3KUTSGUeEHr6NMcNa5UvqP0hT
age: 0
x-amz-cf-pop: JFK50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 13 Oct 2023 11:15:06 GMT
server: cloudflare
etag: W/"9cc0c7d8e1de0fc88916b45f5ea73121"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=120
cf-ray: 8160c40f69130c95-EWR
x-amz-cf-id: uGSfr7dw50elElVyNKZmLnJoBD5oBpyKofINEW8bhyIv9xIcJQcNCw==

OPTIONS
H2 200 pv-data
cdn.privacy-mgmt.com/wrapper/v2/ Frame 0
0 31ms
31ms Preflight
text/html 18.238.25.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacy-mgmt.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=418206796431241009651d&scriptVersion=4.13.3&scriptType=unified

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.25.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-25-94.cmh68.r.cloudfront.net

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://captcha.bot
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: https://captcha.bot
allow: POST
cache-control: no-cache, no-store
content-length: 4
content-type: text/html; charset=utf-8
date: Sat, 14 Oct 2023 15:13:21 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 a7c924310215d5696144d830e7655adc.cloudfront.net (CloudFront)
x-amz-cf-id: gAGUlVoEyhdSufhn0GETRhShAn-uvMxiT2RRdJDMDVrJecYatcv9XA==
x-amz-cf-pop: CMH68-P5
x-cache: Miss from cloudfront
x-powered-by: Express

OPTIONS
H2 200 pv-data
cdn.privacy-mgmt.com/wrapper/v2/ Frame 0
0 31ms
31ms Preflight
text/html 18.238.25.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacy-mgmt.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=418206796431241009651d&scriptVersion=4.13.3&scriptType=unified

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.25.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-25-94.cmh68.r.cloudfront.net

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://captcha.bot
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: https://captcha.bot
allow: POST
cache-control: no-cache, no-store
content-length: 4
content-type: text/html; charset=utf-8
date: Sat, 14 Oct 2023 15:13:21 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 a7c924310215d5696144d830e7655adc.cloudfront.net (CloudFront)
x-amz-cf-id: ZSq4d8V_dym_DmLNY1dWdA_o5Nvg6ql36bg6FODRt-PWumhv6wc4Xw==
x-amz-cf-pop: CMH68-P5
x-cache: Miss from cloudfront
x-powered-by: Express

GET
H2 200 country Show response
api.btloader.com/ 16 B
141 B 35ms
30ms Fetch
application/json 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5684350990417920&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 30c714bf4216e577686d238b98561d093672cb25bf90baab50dd956f75cda4b3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:21 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 35ms
31ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=e0R8DNbRdA&w=5167600400596992&o=5684350990417920&cv=2.1.19-1-g9747148&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fcaptcha.bot%2F&sid=dM3s1WFT&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5684350990417920&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 14 Oct 2023 15:13:21 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 script.js Show response
cadmus.script.ac/dahhc4ozyvjm6/ 133 KB
47 KB 345ms
13ms Script
application/javascript 104.18.22.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.22.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a69ab7839896b2e8d6acd561f231993ada2f07c995bb2263887324f7386a3fed

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:22 GMT
content-encoding: gzip
last-modified: Fri, 13 Oct 2023 20:31:53 GMT
server: cloudflare
age: 0
etag: W/"89f128a70860926c8045d01128775694607a88a3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray: 8160c411abe7189d-EWR

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 75 KB
24 KB 329ms
17ms Fetch
application/javascript 104.26.8.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.8.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f56a3556c45543861a8dd9b9bc9b65b1f9d64fbb7dfc03fdb416faf36356db3d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sat, 14 Oct 2023 15:13:22 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1035997
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 02 Oct 2023 15:19:33 GMT
Server: cloudflare
ETag: W/"0680a0a53dae661d4707e1cc0f6bc95a"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUlrNAJaNST8eMXJ2%2FjJVsmKXp5b8v5xNYoq6M%2FuV2vArxFt%2FcYgupykjuCSMZU%2B2olnoSYrPlptK2NFRgnyqngT1f44V%2FJVYDfujkwuXImruvcL0zpJzQj164JsS0FW"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 8160c4118a5e43b0-EWR

GET
H2 200 hcaptcha.html Show response
newassets.hcaptcha.com/captcha/v1/bea6ade/static/ Frame 66BE 2 KB
945 B 24ms
14ms Document
text/html 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/bea6ade/static/hcaptcha.html

Requested by

Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js?onload=hCaptchaLoadCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfe8371fda5d99284c37c1f1276c3241dd2c50dbdb27d2ac3119644c1cced041

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.chargebee.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
age: 10518
alt-svc: h3=":443"; ma=86400
cache-control: max-age=1209600
cf-cache-status: HIT
cf-ray: 8160c40fd94f0c95-EWR
content-encoding: br
content-type: text/html
cross-origin-embedder-policy: credentialless
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 15:13:21 GMT
last-modified: Fri, 13 Oct 2023 11:15:06 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 5b4b6c6517b988a4ff2c794e5583ee02.cloudfront.net (CloudFront)
x-amz-cf-id: Wwv8XJxvNCsyzmzvw8zjySMiAVbmBXwxa2NsvwjkeWX_byS3FrhCSg==
x-amz-cf-pop: JFK50-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: BFqnnVKIY0nPW8nIZsZXpslUeEYFMt9U
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 hcaptcha.html Show response
newassets.hcaptcha.com/captcha/v1/bea6ade/static/ Frame 9DF1 2 KB
760 B 14ms
13ms Document
text/html 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/bea6ade/static/hcaptcha.html

Requested by

Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js?onload=hCaptchaLoadCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfe8371fda5d99284c37c1f1276c3241dd2c50dbdb27d2ac3119644c1cced041

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.chargebee.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
age: 10518
alt-svc: h3=":443"; ma=86400
cache-control: max-age=1209600
cf-cache-status: HIT
cf-ray: 8160c40fd9500c95-EWR
content-encoding: br
content-type: text/html
cross-origin-embedder-policy: credentialless
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 15:13:21 GMT
last-modified: Fri, 13 Oct 2023 11:15:06 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 5b4b6c6517b988a4ff2c794e5583ee02.cloudfront.net (CloudFront)
x-amz-cf-id: Wwv8XJxvNCsyzmzvw8zjySMiAVbmBXwxa2NsvwjkeWX_byS3FrhCSg==
x-amz-cf-pop: JFK50-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: BFqnnVKIY0nPW8nIZsZXpslUeEYFMt9U
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 hcaptcha.js Show response
newassets.hcaptcha.com/captcha/v1/bea6ade/ Frame 66BE 324 KB
92 KB 12ms
11ms Script
application/javascript 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/bea6ade/hcaptcha.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/bea6ade/static/hcaptcha.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3b1c309fa26cd16ba5254f2452b8d9e33a34825c5dddbe6a8e7248e4aa0eb3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/bea6ade/static/hcaptcha.html
Origin: https://newassets.hcaptcha.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 aa7ca65bca4d95ba9a04dd166671496c.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: IwS3Ofh3KUTSGUeEHr6NMcNa5UvqP0hT
age: 10522
x-amz-cf-pop: JFK50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 13 Oct 2023 11:15:06 GMT
server: cloudflare
etag: W/"9cc0c7d8e1de0fc88916b45f5ea73121"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 8160c41019770c95-EWR
x-amz-cf-id: uGSfr7dw50elElVyNKZmLnJoBD5oBpyKofINEW8bhyIv9xIcJQcNCw==

GET
H2 200 hcaptcha.js Show response
newassets.hcaptcha.com/captcha/v1/bea6ade/ Frame 9DF1 324 KB
92 KB 12ms
12ms Script
application/javascript 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/bea6ade/hcaptcha.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/bea6ade/static/hcaptcha.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3b1c309fa26cd16ba5254f2452b8d9e33a34825c5dddbe6a8e7248e4aa0eb3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/bea6ade/static/hcaptcha.html
Origin: https://newassets.hcaptcha.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 aa7ca65bca4d95ba9a04dd166671496c.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: IwS3Ofh3KUTSGUeEHr6NMcNa5UvqP0hT
age: 10522
x-amz-cf-pop: JFK50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 13 Oct 2023 11:15:06 GMT
server: cloudflare
etag: W/"9cc0c7d8e1de0fc88916b45f5ea73121"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 8160c41019780c95-EWR
x-amz-cf-id: uGSfr7dw50elElVyNKZmLnJoBD5oBpyKofINEW8bhyIv9xIcJQcNCw==

GET
DATA 200
OK truncated
/ Frame 9DF1 798 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 checksiteconfig Show response
api2.hcaptcha.com/ Frame 66BE 778 B
1 KB 68ms
45ms XHR
application/json 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.hcaptcha.com/checksiteconfig?v=bea6ade&host=js.chargebee.com&sitekey=dc26aa54-4902-437f-80e2-a22947a6c01b&sc=1&swa=1&spst=1

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/bea6ade/hcaptcha.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bc27bd02b8e5f0aec1cdd9355bbced8478d537e3e07215cafc62075355a4304

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://newassets.hcaptcha.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 14 Oct 2023 15:13:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
x-envoy-upstream-service-time: 5
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
access-control-allow-credentials: true
cf-ray: 8160c410b9ba0c95-EWR
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
cf-chl-bypass: 2

GET
H3 200 hsw.js Show response
newassets.hcaptcha.com/c/78ee6fc/ Frame 66BE 563 KB
237 KB 16ms
15ms Script
application/javascript 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/c/78ee6fc/hsw.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/bea6ade/hcaptcha.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4aedae609aaed9eee18be831f2f68431bbf164fee995c3778b3d967e78a89dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://newassets.hcaptcha.com/captcha/v1/bea6ade/static/hcaptcha.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 e1d636b234c38932eb25194cb146dbcc.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: zRd.mnqF5ln6CQ3PkLHTaIjuF7gynRfq
age: 152867
x-amz-cf-pop: PHL50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 11 Oct 2023 15:52:15 GMT
server: cloudflare
etag: W/"88ec119edce744c1711cd5ee39d7077a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 8160c4110ee44261-EWR
x-amz-cf-id: jcm_lvLuj1cGF6MOh8Wv6de1OSmzNTQMnMADjp6TIxJe1zdMWJ4V9A==

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 158 KB
21 KB 789ms
789ms Fetch
text/plain 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1645898257165395&correlator=170325775938465&eid=31078638&output=ldjh&gdfp_req=1&vrg=202310100101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=6928793%2CCaptcha.Bot-649ed910bf94d%2CCaptcha.Bot-LB1-649ed959de356%2CCaptcha.Bot-LB5-649ed98ea02ec%2CCaptcha.Bot-LB2-649ed95eeb9f7%2CCaptcha.Bot-LB3-649ed9851244a%2CCaptcha.Bot-LB4-649ed989c7371&enc_prev_ius=0%2F1%2F2%2C0%2F1%2F3%2C0%2F1%2F4%2C0%2F1%2F5%2C0%2F1%2F6&prev_iu_szs=1x1%7C320x50%7C728x90%7C468x60%2C320x50%7C728x90%7C468x60%2C320x50%7C728x90%7C3x1%7C970x90%7C468x60%2C320x50%7C728x90%7C468x60%2C320x50%7C728x90%7C468x60&ifi=1&didk=3277115065~3277115045~3277115064~3277115047~3277115046&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1697296402199&lmt=1693647620&adxs=640%2C640%2C640%2C640%2C640&adys=140%2C1149%2C2312%2C3159%2C4373&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C3&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fcaptcha.bot%2F&ref=https%3A%2F%2Fwww.wickbot-verify.xyz%2F&vis=1&psz=1536x64%7C1536x64%7C1344x64%7C1344x64%7C1536x64&msz=320x0%7C320x0%7C320x0%7C320x0%7C320x0&fws=0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0&ga_vid=951842731.1697296400&ga_sid=1697296402&ga_hid=1182326786&ga_fc=true&dlt=1697296399580&idt=1365&prev_scp=m_gv%3D0%26m_mv%3D0%7Cm_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%7Cm_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%7Cm_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%7Cm_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData&cust_params=url%3D%252F%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26refresh%3D1&adks=3550345316%2C2602055151%2C312607174%2C3717954854%2C3479079291&frm=20&is_cau=%2C%2C%2C%2C

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f2.1e100.net

Software

cafe /

Resource Hash

c109078ee12e27dc51c2f90e73f9275e7a6b2f1f980435306c3c494094f4e271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:22 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21025
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://captcha.bot
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 401ms
53ms XHR
application/json 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310100101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

c52c2add27a2ed187cbf775b4ebb41181de57f9182c6efd57526c97dce5c0eaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12306
x-xss-protection: 0

GET
H2 200 container.html Show response
b45d3a787b758ba92ae69d224b1ce510.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B4DA 6 KB
3 KB 390ms
37ms Document
text/html 172.217.13.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b45d3a787b758ba92ae69d224b1ce510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 15:13:22 GMT
expires: Sun, 13 Oct 2024 15:13:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=25110922&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1697296402276&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=6&cs_cmp_sv=1...
https://sb.scorecardresearch.com/b2?c1=2&c2=25110922&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1697296402276&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=6&cs_cmp_sv=...

0
225 B

172ms
172ms

Image
text/plain

3.160.5.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=25110922&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1697296402276&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=6&cs_cmp_sv=1&cs_cmp_rt=0&c7=https%3A%2F%2Fcaptcha.bot%2F&c8=Captcha.bot%20-%20Verification%20done%20right&c9=https%3A%2F%2Fwww.wickbot-verify.xyz%2F
Protocol: H2
Server: 3.160.5.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-5-46.cmh68.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:22 GMT
via: 1.1 03093c003b20d410ed3ec3e4bb2d569c.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: CMH68-P4
x-amz-cf-id: liZvFKxUy9UUcNFSpez7-uWO32Wxfot95QxWQdwRw8lNvqmCbzd4SQ==
x-cache: Miss from cloudfront

Redirect headers

date: Sat, 14 Oct 2023 15:13:22 GMT
via: 1.1 03093c003b20d410ed3ec3e4bb2d569c.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: CMH68-P4
x-cache: Miss from cloudfront
location: /b2?c1=2&c2=25110922&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1697296402276&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=6&cs_cmp_sv=1&cs_cmp_rt=0&c7=https%3A%2F%2Fcaptcha.bot%2F&c8=Captcha.bot%20-%20Verification%20done%20right&c9=https%3A%2F%2Fwww.wickbot-verify.xyz%2F
content-length: 0
x-amz-cf-id: WIVgGQcxWsKY2JJQnnzNQjRgYBFR7ees2MkcVhGX1DFxGyUjVuXT6w==

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 33ms
11ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://captcha.bot
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Sat, 14 Oct 2023 15:13:22 GMT
server: nginx/1.21.6
via: 1.1 google

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 13ms
12ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 14 Oct 2023 15:13:22 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK sync Show response
ssbsync.smartadserver.com/api/ Frame 2906 824 B
1 KB 265ms
71ms Document
text/html 23.83.76.68
LEASEWEB-USA-LAX

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Requested by: Host: www.wickbot-verify.xyz
URL: https://www.wickbot-verify.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.83.76.68 Los Angeles, United States, ASN395954 (LEASEWEB-USA-LAX, US),
Reverse DNS
Software: /
Resource Hash: 0080818f813496cca45eec2321158dbe39a83492a8e07f475de282b28e771ac8

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 824
content-type: text/html
date: Sat, 14 Oct 2023 15:13:22 GMT

GET
H2 200 setuid
u.4dex.io/ Frame 2906 0
1 KB 89ms
73ms Image
text/plain 34.149.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.4dex.io/setuid?bidder=smart&uid=3796168301766332927&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:13:22 GMT
via: 1.1 google
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

GET

8.gif
id5-sync.com/c/102/112/2/ Frame 2906
Redirect Chain

https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
https://id5-sync.com/c/102/0/9/1.gif?gdpr=0&gdpr_consent=&us_privacy=
https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-1f526R2x7e55u7d548nXjCHZ8C4Qws_X3GlAZc8J2w&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F8%2F2.gif%3Fpuid%3DSMART_...
https://id5-sync.com/c/102/102/8/2.gif?puid=3796168301766332927&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1
https://id5-sync.com/k/155.gif?puid=AACaCE7KVWAAABwLfPBxUg&id5AccountNum=155&numCascadesAllowed=9
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=1ade366f-290d-4b4c-b61e-aead62f41cf7&ttl=%%TTL%%
https://ib.adnxs.com/getuid?https://id5-sync.com/c/102/2/5/5.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/102/2/5/5.gif?puid=4652640509533943309&gdpr=0&gdpr_consent=
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F4%2F6.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
https://ps.eyeota.net/match/bounce/?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F4%2F6.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/102/123/4/6.gif?puid=18b2ebfcc56-4a900000010a4d0c&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F3%2F7.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F3%2F7.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
https://id5-sync.com/c/102/10/3/7.gif?puid=1943222738216027918&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/102/112/2/8.gif?puid=FDE70105006A576C&gdpr=0&gdpr_consent=

0
0

GET
H2

200

v1
match.sharethrough.com/sync/ Frame 2906
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=3796168301766332927&gdpr=0&gdpr_consent=

68 B
279 B

65ms
10ms

Image
image/png

18.211.184.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=3796168301766332927&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol: H2
Server: 18.211.184.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-184-20.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:22 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

location: https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=3796168301766332927&gdpr=0&gdpr_consent=
pragma: no-cache
date: Sat, 14 Oct 2023 15:13:22 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 2906
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frtb-csync.smartadserver.com%252Fredir%252F%253Fissi%253D1%2526partnerid%253D86%2526partneruserid%253D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=4652640509533943309&gdpr=0&gdpr_consent=

43 B
414 B

31ms
29ms

Image
image/gif

23.105.12.136
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=4652640509533943309&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 23.105.12.136 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 14 Oct 2023 15:13:22 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:13:22 GMT
an-x-request-uuid: e5b6b628-ae19-4559-b9a9-6b6cfea687fb
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=4652640509533943309&gdpr=0&gdpr_consent=
x-proxy-origin: 5.181.234.132; 5.181.234.132; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 2906
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=...
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZSqwEgAXw0ys2QBY&gdpr=0&gdpr_consent=&_test=ZSqwEgAXw0ys2QBY

43 B
411 B

10ms
10ms

Image
image/gif

23.105.12.136
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZSqwEgAXw0ys2QBY&gdpr=0&gdpr_consent=&_test=ZSqwEgAXw0ys2QBY
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 23.105.12.136 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 14 Oct 2023 15:13:22 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

x-served-by: cache-lga21955-LGA
pragma: no-cache
date: Sat, 14 Oct 2023 15:13:22 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1697296403.659135,VS0,VE0
x-cache: HIT
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZSqwEgAXw0ys2QBY&gdpr=0&gdpr_consent=&_test=ZSqwEgAXw0ys2QBY
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 428ms
52ms Script
text/javascript 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 14 Oct 2023 15:13:23 GMT

POST
H2 204 auction Show response
intake.pbstck.com/v1/intake/ 0
64 B 101ms
99ms XHR
text/plain 104.22.1.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.pbstck.com/v1/intake/auction?tId=b9a66c8b-8c9c-49f1-bde4-1100d393cf5e&c=5
Requested by: Host: www.wickbot-verify.xyz
URL: https://www.wickbot-verify.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.1.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sat, 14 Oct 2023 15:13:22 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8160c41509318c90-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 348ms
16ms Script
text/javascript 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: kumo.network-n.com
URL: https://kumo.network-n.com/prebid.php?v=6.24.1&adapters=pubmatic,criteo,adagio,rise,triplelift,openx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 15 Oct 2023 15:13:23 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012309290141000/ Frame C114 196 KB
56 KB 360ms
15ms Script
text/javascript 172.217.13.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f1.1e100.net

Software

sffe /

Resource Hash

19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 13 Oct 2023 10:47:02 GMT
age: 102381
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56111
x-xss-protection: 0
server: sffe
etag: "196a98f213e9af2a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 12 Oct 2024 10:47:02 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame C114 15 KB
5 KB 390ms
46ms Script
text/javascript 172.217.13.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f1.1e100.net

Software

sffe /

Resource Hash

db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 12 Oct 2023 21:41:25 GMT
age: 149518
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5226
x-xss-protection: 0
server: sffe
etag: "b67abf1ac5d05c62"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 11 Oct 2024 21:41:25 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame C114 94 KB
28 KB 393ms
49ms Script
text/javascript 172.217.13.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f1.1e100.net

Software

sffe /

Resource Hash

edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 13 Oct 2023 12:11:37 GMT
age: 97306
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29036
x-xss-protection: 0
server: sffe
etag: "f80aeafaeae93075"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 12 Oct 2024 12:11:37 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame C114 5 KB
2 KB 376ms
32ms Script
text/javascript 172.217.13.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f1.1e100.net

Software

sffe /

Resource Hash

062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 13 Oct 2023 16:20:26 GMT
age: 82377
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1915
x-xss-protection: 0
server: sffe
etag: "5fa0b581892e5d76"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 12 Oct 2024 16:20:26 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame C114 40 KB
13 KB 391ms
47ms Script
text/javascript 172.217.13.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f1.1e100.net

Software

sffe /

Resource Hash

541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 12 Oct 2023 20:17:49 GMT
age: 154534
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12962
x-xss-protection: 0
server: sffe
etag: "f431afcc9b21c868"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 11 Oct 2024 20:17:49 GMT

GET
DATA 200
OK truncated
/ Frame C114 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec917c37709c36f386d3c560ad305163261beae8c634482c68638795843411ac

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012309290141000/ Frame 944D 196 KB
55 KB 366ms
34ms Script
text/javascript 172.217.13.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f1.1e100.net

Software

sffe /

Resource Hash

19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 13 Oct 2023 10:47:02 GMT
age: 102381
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56111
x-xss-protection: 0
server: sffe
etag: "196a98f213e9af2a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 12 Oct 2024 10:47:02 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 944D 15 KB
5 KB 25ms
14ms Script
text/javascript 172.217.13.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f1.1e100.net

Software

sffe /

Resource Hash

db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 12 Oct 2023 21:41:25 GMT
age: 149518
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5226
x-xss-protection: 0
server: sffe
etag: "b67abf1ac5d05c62"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 11 Oct 2024 21:41:25 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 944D 94 KB
28 KB 27ms
15ms Script
text/javascript 172.217.13.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f1.1e100.net

Software

sffe /

Resource Hash

edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 13 Oct 2023 12:11:37 GMT
age: 97306
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29036
x-xss-protection: 0
server: sffe
etag: "f80aeafaeae93075"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 12 Oct 2024 12:11:37 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 944D 5 KB
2 KB 29ms
17ms Script
text/javascript 172.217.13.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f1.1e100.net

Software

sffe /

Resource Hash

062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 13 Oct 2023 16:20:26 GMT
age: 82377
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1915
x-xss-protection: 0
server: sffe
etag: "5fa0b581892e5d76"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 12 Oct 2024 16:20:26 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 944D 40 KB
13 KB 30ms
18ms Script
text/javascript 172.217.13.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f1.1e100.net

Software

sffe /

Resource Hash

541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 12 Oct 2023 20:17:49 GMT
age: 154534
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12962
x-xss-protection: 0
server: sffe
etag: "f431afcc9b21c868"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 11 Oct 2024 20:17:49 GMT

GET
DATA 200
OK truncated
/ Frame 944D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 561825db32676c8e7a5ae038cb527094eafaca408aa5b51c5503184ef48bb637

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 13471499732771934663
tpc.googlesyndication.com/simgad/ Frame C114 13 KB
13 KB 18ms
16ms Image
image/png 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13471499732771934663?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmcNo8H7RmeMoh6RjiexVwJC1B-ag

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

sffe /

Resource Hash

0c1dfcd2e83ee1c1bfad3b0bfaa2b916c65420d619ef516466e97276cfae2507

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 18:43:03 GMT
x-content-type-options: nosniff
age: 592220
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12908
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 04:56:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 06 Oct 2024 18:43:03 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C114 2 KB
3 KB 15ms
14ms Image
image/png 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 14:20:20 GMT
x-content-type-options: nosniff
server: cafe
age: 3183
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sun, 15 Oct 2023 14:20:20 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C114 295 B
399 B 15ms
14ms Image
image/png 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 23:25:54 GMT
x-content-type-options: nosniff
server: cafe
age: 56849
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sat, 14 Oct 2023 23:25:54 GMT

GET
H2 200 13471499732771934663
tpc.googlesyndication.com/simgad/ Frame 944D 13 KB
13 KB 20ms
19ms Image
image/png 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13471499732771934663?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmcNo8H7RmeMoh6RjiexVwJC1B-ag

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

sffe /

Resource Hash

0c1dfcd2e83ee1c1bfad3b0bfaa2b916c65420d619ef516466e97276cfae2507

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 18:43:03 GMT
x-content-type-options: nosniff
age: 592220
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12908
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 04:56:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 06 Oct 2024 18:43:03 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 944D 2 KB
3 KB 16ms
15ms Image
image/png 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 14:20:20 GMT
x-content-type-options: nosniff
server: cafe
age: 3183
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sun, 15 Oct 2023 14:20:20 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 944D 295 B
353 B 16ms
16ms Image
image/png 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 23:25:54 GMT
x-content-type-options: nosniff
server: cafe
age: 56849
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sat, 14 Oct 2023 23:25:54 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012309290141000/ Frame 6AFC 196 KB
55 KB 358ms
41ms Script
text/javascript 172.217.13.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f1.1e100.net

Software

sffe /

Resource Hash

19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 13 Oct 2023 10:47:02 GMT
age: 102381
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56111
x-xss-protection: 0
server: sffe
etag: "196a98f213e9af2a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 12 Oct 2024 10:47:02 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 6AFC 15 KB
5 KB 31ms
20ms Script
text/javascript 172.217.13.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f1.1e100.net

Software

sffe /

Resource Hash

db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 12 Oct 2023 21:41:25 GMT
age: 149518
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5226
x-xss-protection: 0
server: sffe
etag: "b67abf1ac5d05c62"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 11 Oct 2024 21:41:25 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 6AFC 94 KB
28 KB 47ms
35ms Script
text/javascript 172.217.13.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f1.1e100.net

Software

sffe /

Resource Hash

edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 13 Oct 2023 12:11:37 GMT
age: 97306
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29036
x-xss-protection: 0
server: sffe
etag: "f80aeafaeae93075"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 12 Oct 2024 12:11:37 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 6AFC 5 KB
2 KB 50ms
38ms Script
text/javascript 172.217.13.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f1.1e100.net

Software

sffe /

Resource Hash

062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 13 Oct 2023 16:20:26 GMT
age: 82377
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1915
x-xss-protection: 0
server: sffe
etag: "5fa0b581892e5d76"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 12 Oct 2024 16:20:26 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012309290141000/v0/ Frame 6AFC 40 KB
13 KB 51ms
39ms Script
text/javascript 172.217.13.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309290141000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f1.1e100.net

Software

sffe /

Resource Hash

541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 12 Oct 2023 20:17:49 GMT
age: 154534
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12962
x-xss-protection: 0
server: sffe
etag: "f431afcc9b21c868"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 11 Oct 2024 20:17:49 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6AFC 14 KB
2 KB 411ms
40ms Stylesheet
text/css 172.217.13.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f10.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 14 Oct 2023 15:13:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 14 Oct 2023 13:41:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 14 Oct 2023 15:13:23 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6AFC 2 KB
3 KB 13ms
12ms Image
image/png 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 14:20:20 GMT
x-content-type-options: nosniff
server: cafe
age: 3183
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sun, 15 Oct 2023 14:20:20 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6AFC 295 B
353 B 14ms
13ms Image
image/png 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 23:25:54 GMT
x-content-type-options: nosniff
server: cafe
age: 56849
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sat, 14 Oct 2023 23:25:54 GMT

GET
DATA 200
OK truncated
/ Frame 6AFC 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39d0d47dced882810764d0d5f9d1e7d5d2accf99f1acb428f50e85c7e8e0224e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0B3F 13 KB
5 KB 15ms
13ms Document
text/html 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 418813
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 09 Oct 2023 18:53:10 GMT
expires: Tue, 08 Oct 2024 18:53:10 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AF0B 829 B
1 KB 395ms
41ms Document
text/html 172.217.13.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f4.1e100.net

Software

GSE /

Resource Hash

0f7129bc8a18fde80c69132afa23cb252469090bd2e9030151b45631cc276c1b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fH0mUy_aXSuBrdJlZJpSoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-fH0mUy_aXSuBrdJlZJpSoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 15:13:23 GMT
expires: Sat, 14 Oct 2023 15:13:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js Show response
pagead2.googlesyndication.com/bg/ Frame 0B3F 37 KB
15 KB 674ms
15ms Script
text/javascript 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

sffe /

Resource Hash

e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 21:49:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 235437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14648
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Oct 2024 21:49:26 GMT

GET
H2

200

setuid
u.4dex.io/
Redirect Chain

https://u.openx.net/w/1.0/cm?id=3cc4b2f6-c7e1-439a-8174-b6dbb96bcabf&us_privacy=1---&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%7BOPENX_ID%7D%26us_privacy%3D1---
https://u.4dex.io/setuid?bidder=openx&uid=e92dddc4-c5b4-43a8-8c6a-2212c2f22a70&us_privacy=1---

0
1 KB

90ms
89ms

Image
text/plain

34.149.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.4dex.io/setuid?bidder=openx&uid=e92dddc4-c5b4-43a8-8c6a-2212c2f22a70&us_privacy=1---
Protocol: H2
Server: 34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:13:23 GMT
via: 1.1 google
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

Redirect headers

date: Sat, 14 Oct 2023 15:13:23 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://u.4dex.io/setuid?bidder=openx&uid=e92dddc4-c5b4-43a8-8c6a-2212c2f22a70&us_privacy=1---
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame DC3D 15 KB
6 KB 340ms
17ms Document
text/html 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=captcha.bot&gdpr=0&gdpr_consent=

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4ba95a958d22f447f9586b7c8b8e7a8e35b3343d415961dc96e4a25cec0acfc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 15:13:23 GMT
server: Kestrel
server-processing-duration-in-ticks: 521765
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 341ms
20ms XHR
text/javascript 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 15 Oct 2023 15:13:23 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 6AFC 33 KB
34 KB 355ms
13ms Font
font/woff2 172.217.13.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f3.1e100.net

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://captcha.bot
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 16:54:28 GMT
x-content-type-options: nosniff
age: 166735
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 16:54:28 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame C114
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

382ms
36ms

Image
text/html

172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Server: 172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul03s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Redirect headers

date: Sat, 14 Oct 2023 15:13:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 944D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

349ms
79ms

Image
text/html

172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Server: 172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul03s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Redirect headers

date: Sat, 14 Oct 2023 15:13:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 6AFC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

326ms
80ms

Image
text/html

172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Server: 172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul03s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Redirect headers

date: Sat, 14 Oct 2023 15:13:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AF0B 0
0 386ms
84ms Image
text/html 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310100101&jk=1645898257165395&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul02s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C114 0
0 102ms
102ms Image
text/html 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CYA0pErAqZY3_EPyTjvQPiLeMoAexuff_cYvuov_HEWQQASD58KdVYMnGqYvApNgPoAHmoPjQAsgBAuACAKgDAcgDCKoExQJP0PKW978Rz-0SZeJ3DTktDoorZhQnuFmiLt5WhrS8LdRBkrwElObftBk9WVOESkR0vzpf38xAhSekZYV7mq30fkb3DrC0bQGlRyHh6HwQFt983VEoghW23EDCCbeVoZky9cTPjvGnxDWlsQUpr5x7PAzC374EHedzJp4M90y2VQEg6taRsCVa5I7XBcU6NIQpiUyXQ39rbyXnIjH8N7nWL4VD2pL1eutGROOXccq3b-N08XSP0XwCy8mE7tJNEozWdYYut63mndx519wv7w4cyytHVnAQnkuE6UpUpIGuxyxpzWggwflHB0WuEKXs91ySRr179eriUosYCXdQoG_hNNPj23PwttWUJ80Y8iQfVBb-ASyGKslEsEBh7lUrq7p8Jj2MCKjqSpV5nmWRLNdfweLBqHnMeBWI9EF0f7_b50MdngUGwATxjt-woATgBAGIBeaoqfZAkgUECAQYAZIFBAgFGASgBgKAB4Lfh68BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ0J4b0ggUCIBhEAEYHTICigI6AoBASL39wTqaCT5odHRwczovL2dldGVhc3lwZGYuY29tL3BkZi9scDUvP21haW49aGVhZGxpbmUzJmxvd2VyPWhlYWRsaW5lM4AKA8gLAdoMEAoKEPC1_duVlL-peBICAQPiDRMIxNuJ6en1gQMV_ImDCB2IGwN02BMM0BUBgBcBshceChwIABIUcHViLTYxNzc5NjE3ODAxNDc1OTEYieMN&sigh=VPwg-BI5N4Y&uach_m=[]&ase=2&nis=5&cid=CAQSSwDICaaN3HCb9UicG1-N3TVfgFIhqrtTA15lYvwT3Q_-lllOfhCsW2jJkyp8vYpakfuahIoCyrqmr6lCDXlpGZJEXm30OU2KhmfYyhgB&cbvp=2
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul03s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame DC3D 444 B
562 B 16ms
15ms Fetch
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertag&domain=captcha.bot&sn=ChromeSyncframe&so=0&topUrl=captcha.bot&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=captcha.bot&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

669023d17050b609be40a4a308c21f6b697bcaa8d64676f2921b435941dbb03e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=captcha.bot&gdpr=0&gdpr_consent=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:13:23 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 5128848
expires: 0

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 944D 0
0 89ms
89ms Image
text/html 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CSawTErAqZY7_EPyTjvQPiLeMoAexuff_cYvuov_HEWQQASD58KdVYMnGqYvApNgPoAHmoPjQAsgBAuACAKgDAcgDCKoEyAJP0PLYSQ8SrzruJfwAt9Pgu1yqqk1mWw6mjv5W71jabECmaMESHZW2yXpUaKfS7BrTwyS8FzrKeZr9VwxpUZkeMWddiehO-ORi9EvSPuitShftx3QFCLa7Z7sbIayv_q5_9e2JNxR7yE39hVI5I7wAQZuqNJhzWbUSZc7HYSOzEuY0E5lUZR7q4bbLkTAzho6_BMU_NB95cNLCCwkV6zytfpQBYem00ek9s4Q5Je-E9F4ADpy9m1XS2NlMbBiEIQgWujcRRxKex8jpZcahR_1RIcMGJNdk9rcH2UANpCFtSACvIASj3VEx45abLKB-mmvYeVKcVjtFem6a-71CC3Cf--6pU3GDOuOgeOveLXyI7z2z7V4WAn4HSy3ckYkYW3jhLvZmT_lU_f5NB1BcgM-znDmVaJhE2_tPiw0qjVDalueKdDdhqSMPwATxjt-woATgBAGIBeaoqfZAkgUECAQYAZIFBAgFGASgBgKAB4Lfh68BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQkOID0ggUCIBhEAEYHTICigI6AoBASL39wTqaCT5odHRwczovL2dldGVhc3lwZGYuY29tL3BkZi9scDUvP21haW49aGVhZGxpbmUzJmxvd2VyPWhlYWRsaW5lM4AKA8gLAdoMEQoLEICJ1Kmc-efB1wESAgED4g0TCMXbienp9YEDFfyJgwgdiBsDdNgTDNAVAYAXAbIXHgocCAASFHB1Yi02MTc3OTYxNzgwMTQ3NTkxGInjDQ&sigh=pohJ4C4tV-g&uach_m=[]&ase=2&nis=5&cid=CAQSSwDICaaN3HCb9UicG1-N3TVfgFIhqrtTA15lYvwT3Q_-lllOfhCsW2jJkyp8vYpakfuahIoCyrqmr6lCDXlpGZJEXm30OU2KhmfYyhgB&cbvp=2
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul03s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6AFC 0
0 86ms
86ms Image
text/html 172.217.13.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CISw9ErAqZY__EPyTjvQPiLeMoAfnpYOCc_urrJySEpiBiedHEAEg-fCnVWDJxqmLwKTYD6ABkOb4hQPIAQHgAgCoAwHIAwqqBMACT9BvHReNJ6_8rVpkH-QdXjrzHzo3dS8xoXcxoaPdXSIbt_TeTY-tJx0otGgd9DWfba9b7Rs4o19lt2fcYx5p6IoJ26rD_XxANJ_mFNRCf65SNSBJgV_57MuTMnPbjq3HoRE2EGKy6rkZpLpejD0kfgxdGMYQy_qKW5CoHUQ0K3x9dSKRhNgaEL59y7SK2Kh9M6JOJF77RIeolQUw_k5vlyrJVwUD7sc7H28vg52UxRNGqKlPWgiPcCHmP0KOuLpQRq3xF-0tXWPxWdlyDexMkbjVTsSFZ14VX2dC9INGk5ldw_eOaPN5IEZO4uHeq3z673BIVp8rTEAgvt4FpkILh9bFRqQitUVhWgXhm8-iqL8zkwkE52vgd9YMauYYbfyMjHFXReGrLwV7v3iljBmeDp5efNQcnIzJs44IuwJQcfjABNW52qOwBOAEAYgFg-GszEySBQQIBBgBkgUECAUYBKAGZoAH2JmHeqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJDiA9IIFAiAYRABGB0yAooCOgKAQEi9_cE6mgmBAWh0dHBzOi8vd3d3LnRlbGVzaWduLmNvbS9zbXMtdmVyaWZ5L3RyaWFsLWFjY291bnQ_dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1wYWlkX3NlYXJjaCZ1dG1fY2FtcGFpZ249Q29tbXVuaWNhdGlvbnMrLStBbWVyaWNhc4AKA8gLAdoMEQoLEJD6l5nB3fn34AESAgED4g0TCMbbienp9YEDFfyJgwgdiBsDdNgTDdAVAYAXAbIXHgocCAASFHB1Yi02MTc3OTYxNzgwMTQ3NTkxGInjDQ&sigh=tFlDX4gulRc&uach_m=[]&ase=2&nis=5&cid=CAQSSwDICaaN3HCb9UicG1-N3TVfgFIhqrtTA15lYvwT3Q_-lllOfhCsW2jJkyp8vYpakfuahIoCyrqmr6lCDXlpGZJEXm30OU2KhmfYyhgB&cbvp=2
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul03s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 0B3F 0
40 B 12ms
11ms Image
text/plain 172.217.13.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?-3c3qQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.13.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul02s05-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:23 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

setuid
u.4dex.io/
Redirect Chain

https://ice.360yield.com/server_match?partner_id=1790&us_privacy=1---&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26us_privacy%3D1---%26uid%3D%7BPUB_USER_ID%7D
https://ice.360yield.com/ul_cb/server_match?partner_id=1790&us_privacy=1---&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26us_privacy%3D1---%26uid%3D%7BPUB_USER_ID%7D
https://u.4dex.io/setuid?bidder=improvedigital&us_privacy=1---&uid=459e2523-3b73-4edd-a932-d50aa89e2915

0
15 B

81ms
81ms

Image
text/plain

34.149.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.4dex.io/setuid?bidder=improvedigital&us_privacy=1---&uid=459e2523-3b73-4edd-a932-d50aa89e2915
Protocol: H3
Server: 34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:13:24 GMT
via: 1.1 google
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

Redirect headers

location: https://u.4dex.io/setuid?bidder=improvedigital&us_privacy=1---&uid=459e2523-3b73-4edd-a932-d50aa89e2915
access-control-allow-origin: *
date: Sat, 14 Oct 2023 15:13:24 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 86ms
86ms Image
text/html 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310100101&jk=1645898257165395&bg=!h4SlhMvNAAbFpEfJ5aQ7ADQBe5WfOM7rxUffz-V-XjClYCI-waf10fYtpVicl5NDEwTsTFOpV369vUQZtZAFeHKlR-oDAgAAAHJSAAAACWgBBwoAOZ2b-IYW0J1OUbgUGXHuqPxeUgcIqXFeEbgpSRiTSfe4LldkRag3FF2SzkA12-HkpaEh46EluX_YnJkDBsxbqTkclLo9BBvPpIjt_RGO71cUqd9fhoR8CJ-nDhzk6ccFiUZSPNZJmadLjgtjF9wWyTHTI31F9bMnLdS8bsSTN3W2ECrMFPnvlE-BJCxP8jJtGL6ihwSUJ1PEVcKsRhpdddy7xGYLaTgJPYIxrV3KliC-Vkar81nF95yd0AHF_XQuiHQuzqQGgZvcHQ8B0mLLf5OCk_1VMI3fGyCzIzdlSYOYGfgNTzLa-lZavQlhULBCsdYetDwYstEVCj3v727vfqgkg4RocWUp61JD6wH3PwoVV10qB4pQLoXTLTYLONqMNSzro0rnMmYmfc8-lDRXZwnT78uh6xCf1L_nkhfP6QLX-NhqkbylhdxvR2J6j4GI_IaO2v0P0UkRd5EU_XrIbneCw2C5L71TSj_5fY82oflaiHUXNO5fN8dv_bxSwAHPz0yKpqrKH5jtn2fPES7tUxnmbHThT4KDhmNcBpnS1ZqZF0HBXKj05FJ14uUDKTJklubvZmyvg7GyXkJPp0ECRT0FeM6f3WDWlETYWBhIT3De_MzEQpoK3rmfIe-mEtXoKyvLrjXfXK7s4GKtXjuRcBqRbKSxf0hPTCRUaZhb6uUiBBpyBHsHKBCe7d6nakQTqDyUhDYlCFGMvehUKJqQUbXGMovWDqy6KuigJmWO96v4Y-7emYOkrnv5cDQAnvtCLSq92mwUdcGx-qNw3ena4pC0ZNc6gKzH_YZrc5H52bn8IlkCEuC2RsPXX2SX0ERSke3QoWWLfm5BEFch5fHmZ9cGgsb4GHW7-01y8wd_6Ki_tJk3kseKAzqfzeqHPnyNCqXJPApwbgTRzymIQzUazvyiyQmxIzVHA0r1ikTVgzCtRiMyLqOvk4tkYDfZ7MQSrV_LMv7LL9VlO7GVaX36BDFQKYNYcR0z3i5nRqFiRb44Aeal3ZG6o-ItB3SDJU2NVoEnwRk2rm5N9d5_RRz_Wzfws1DcU96sGwLIKko3mh1bGnzQiUjwtK2bMWd5EaE_RZWf-gfu5o6aqfVa4SpMkCyNfQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: yul02s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C114 42 B
176 B 82ms
81ms Image
image/gif 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsus9Gp2gMGb3CRpJQlq0Xl59Fve-CdcCV8tP79k3JPB12qfC0dDkzlkAgr736Y0wsrQrem7LTejsFCiGlBJvB_u8__dIDvWLzFYWzsn7u-tOnjluWgMuLoGLIpeUde69XNJ-_oUFbQFqA&sai=AMfl-YQ766WstXnIAHBLZZtBK2fn1YnPnQZKPYWoOSiGnruwFYfMJMzMsuZ-CvyYKtipcfmHG57J5E7Ld20LrA6BQa3Sz-OS2wOzncf9YSa853YZbdGFa3kHYtAoK0uXELxQk-hyOI0oUyLykJvB&sig=Cg0ArKJSzIFZyndqYtE_EAE&cid=CAQSSwDICaaN3HCb9UicG1-N3TVfgFIhqrtTA15lYvwT3Q_-lllOfhCsW2jJkyp8vYpakfuahIoCyrqmr6lCDXlpGZJEXm30OU2KhmfYyhgB&id=ampim&o=436,140&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=673&tls=1674&g=100&h=100&tt=1674&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:13:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 329ms
10ms Preflight
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcaptcha.bot%2F&domain=captcha.bot&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://captcha.bot
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://captcha.bot
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 14 Oct 2023 15:13:24 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 203783
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 423 B
705 B 12ms
11ms XHR
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcaptcha.bot%2F&domain=captcha.bot&cw=1&pbt=1&lsw=1

Requested by

Host: kumo.network-n.com
URL: https://kumo.network-n.com/prebid.php?v=6.24.1&adapters=pubmatic,criteo,adagio,rise,triplelift,openx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

fc76ac242d22a654b36f7f5bcbb04e6ede032dc2ddf5c6d97c2e2800d01271f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:13:25 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://captcha.bot
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1776071
expires: 0

POST
H2 200 420.json Show response
id5-sync.com/g/v2/ 630 B
1 KB 84ms
83ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/420.json

Requested by

Host: kumo.network-n.com
URL: https://kumo.network-n.com/prebid.php?v=6.24.1&adapters=pubmatic,criteo,adagio,rise,triplelift,openx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

6929108ddef12f0862048062e7da05af2553c82c866646ffbae96a47360c5c76

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://captcha.bot
date: Sat, 14 Oct 2023 15:13:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 108 B
666 B 11ms
10ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=jdf94yb&fmt=json
Requested by: Host: kumo.network-n.com
URL: https://kumo.network-n.com/prebid.php?v=6.24.1&adapters=pubmatic,criteo,adagio,rise,triplelift,openx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e1d36f02360d0ea003af2beb3f5e59387d62a80d5daa71a4b1be187e7da7a148

Request headers

Referer: https://captcha.bot/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 14 Oct 2023 15:13:25 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://captcha.bot
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Mon, 13 Nov 2023 15:13:25 GMT

GET
H2

200

sync Show response
eb2.3lift.com/ Frame 9D55
Redirect Chain

https://eb2.3lift.com/sync?us_privacy=1---&
https://eb2.3lift.com/sync?us_privacy=1---&&ld=1

1 KB
2 KB

11ms
11ms

Document
text/html

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Requested by: Host: kumo.network-n.com
URL: https://kumo.network-n.com/prebid.php?v=6.24.1&adapters=pubmatic,criteo,adagio,rise,triplelift,openx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: 07b8cb6354e3992ae1b8ad6c887ff275341c527eee55ba2bee59ddfd549b42aa

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 1304
content-type: text/html; charset=utf-8
date: Sat, 14 Oct 2023 15:13:25 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Sat, 14 Oct 2023 15:13:25 GMT
location: /sync?us_privacy=1---&&ld=1
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame FCA0 15 KB
6 KB 32ms
5ms Document
text/html 23.48.144.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158684&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: kumo.network-n.com
URL: https://kumo.network-n.com/prebid.php?v=6.24.1&adapters=pubmatic,criteo,adagio,rise,triplelift,openx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.48.144.247 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-48-144-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=137385
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Sat, 14 Oct 2023 15:13:25 GMT
expires: Mon, 16 Oct 2023 05:23:10 GMT
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame FDD5 653 B
718 B 111ms
108ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=765fac68-b57c-489c-8ec7-92aeec542751&gdpr=0&us_privacy=1---
Requested by: Host: kumo.network-n.com
URL: https://kumo.network-n.com/prebid.php?v=6.24.1&adapters=pubmatic,criteo,adagio,rise,triplelift,openx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: d8c4b448064b6407a3fe0424bec0d6cdec89e865223be603653cb8417fc5b1c7

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 414
content-type: text/html
date: Sat, 14 Oct 2023 15:13:25 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2

200

xuid
eb2.3lift.com/ Frame 9D55
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=3658&xuid=1ade366f-290d-4b4c-b61e-aead62f41cf7&dongle=0cfd&gdpr=0&gdpr_consent=

37 B
354 B

13ms
12ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3658&xuid=1ade366f-290d-4b4c-b61e-aead62f41cf7&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 14 Oct 2023 15:13:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=3658&xuid=1ade366f-290d-4b4c-b61e-aead62f41cf7&dongle=0cfd&gdpr=0&gdpr_consent=
date: Sat, 14 Oct 2023 15:13:25 GMT
server: Kestrel
content-length: 251

GET
H2

200

ebda
eb2.3lift.com/ Frame 9D55
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjA4NzQ3MTI4NjIyMTEwNTMzMzQzOQ%3D%3D
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

37 B
139 B

12ms
12ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:13:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 9D55
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDaTQvcuHKSRTY4gbWs4Rdo&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

37 B
354 B

16ms
14ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDaTQvcuHKSRTY4gbWs4Rdo&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 14 Oct 2023 15:13:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:13:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDaTQvcuHKSRTY4gbWs4Rdo&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9D55
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjA4NzQ3MTI4NjIyMTEwNTMzMzQzOQ%3D%3D

170 B
243 B

38ms
38ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjA4NzQ3MTI4NjIyMTEwNTMzMzQzOQ%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:13:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjA4NzQ3MTI4NjIyMTEwNTMzMzQzOQ%3D%3D
date: Sat, 14 Oct 2023 15:13:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame 9D55 0
631 B 348ms
25ms Image
text/plain 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2087471286221105333439&dbredirect=true&gdpr=0&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:25 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: CB83CAE3116E423DBA4062CC9C32F8BE Ref B: EWR30EDGE1618 Ref C: 2023-10-14T15:13:25Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYHrp1VNygNLkHY+EopJA==

GET 2087471286221105333439
pr-bh.ybp.yahoo.com/sync/triplelift/ Frame 9D55 0
0

GET
H2 200 c.gif
c.bing.com/ Frame 9D55 42 B
690 B 358ms
18ms Image
image/gif 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=2087471286221105333439&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:13:24 GMT
last-modified: Wed, 30 Aug 2023 15:12:15 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A555FB8DBA964AD8965DC6FD617268AB Ref B: EWR311000104049 Ref C: 2023-10-14T15:13:25Z
etag: "3370fe5b54dbd91:0"
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

GET
H2

200

xuid
eb2.3lift.com/ Frame 9D55
Redirect Chain

https://x.bidswitch.net/sync?ssp=triplelift&user_id=2087471286221105333439&gdpr=0&gdpr_consent=${GDPR_CONSENT}
https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=2087471286221105333439&gdpr=0&gdpr_consent=${GDPR_CONSENT}
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=841089db-f6aa-40c9-89ff-f7268b35256d&gdpr=0&gdpr_consent=
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=841089db-f6aa-40c9-89ff-f7268b35256d&gdpr=0&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=4&user_id=af49f442-70fe-4077-a586-231693885f09&ssp=triplelift&expires=30&user_group=5&bsw_param=841089db-f6aa-40c9-89ff-f7268b35256d
https://eb2.3lift.com/xuid?mid=2409&xuid=841089db-f6aa-40c9-89ff-f7268b35256d&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

37 B
354 B

12ms
12ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2409&xuid=841089db-f6aa-40c9-89ff-f7268b35256d&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 14 Oct 2023 15:13:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: //eb2.3lift.com/xuid?mid=2409&xuid=841089db-f6aa-40c9-89ff-f7268b35256d&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date: Sat, 14 Oct 2023 15:13:25 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame 9D55
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3...
https://eb2.3lift.com/xuid?mid=2711&xuid=08fe9a51-a58a-4fa5-9535-67b8736b8034&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1---

37 B
354 B

17ms
17ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=08fe9a51-a58a-4fa5-9535-67b8736b8034&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 14 Oct 2023 15:13:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:13:24 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://eb2.3lift.com/xuid?mid=2711&xuid=08fe9a51-a58a-4fa5-9535-67b8736b8034&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1353545
content-length: 0
expires: Sat, 14 Oct 2023 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 9D55
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=3335&xuid=4652640509533943309&dongle=4d58&gdpr=0&gdpr_consent=

37 B
354 B

12ms
11ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=4652640509533943309&dongle=4d58&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 14 Oct 2023 15:13:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:13:25 GMT
an-x-request-uuid: d381ce65-44e0-402a-9c66-c79036b79664
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://eb2.3lift.com/xuid?mid=3335&xuid=4652640509533943309&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin: 5.181.234.132; 5.181.234.132; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

setuid
u.4dex.io/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3656&us_privacy=1---
https://u.4dex.io/setuid?bidder=freewheel&uid=2e5610ad4a38bab386155ea77412e9d&us_privacy=1---

0
15 B

73ms
72ms

Image
text/plain

34.149.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.4dex.io/setuid?bidder=freewheel&uid=2e5610ad4a38bab386155ea77412e9d&us_privacy=1---
Protocol: H3
Server: 34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:13:26 GMT
via: 1.1 google
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 14 Oct 2023 15:13:25 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://u.4dex.io/setuid?bidder=freewheel&uid=2e5610ad4a38bab386155ea77412e9d&us_privacy=1---
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1697296405976088-315

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame FCA0 2 KB
3 KB 32ms
9ms Script
text/html 8.28.7.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=70328892&p=158684&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158684&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 803fb3aa51617e6431af40bf9a9df070806b3a0b5468812274a1b2506750bd7d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Sat, 14 Oct 2023 15:13:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

dcm Show response
s.amazon-adsystem.com/ Frame C1D9
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=604B7506-F320-425D-A2DB-058DC89D91B0&redir=true&gdpr=0&gdpr_consent=
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=604B7506-F320-425D-A2DB-058DC89D91B0&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

42ms
38ms

Document
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=604B7506-F320-425D-A2DB-058DC89D91B0&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158684&gdpr=0&gdpr_consent=&us_privacy=1---

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sat, 14 Oct 2023 15:13:25 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: QE8J6NP1161PH1F5G999

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Sat, 14 Oct 2023 15:13:25 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=604B7506-F320-425D-A2DB-058DC89D91B0&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: FWTXJY50D4F5WJYPZYQV

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame A9DF
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDYUNFN0tWV0FBQUJ3TGZQQnhVZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&b...
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://rtb-csync.smartadserver.com/redir?partneruserid=AACaCE7KVWAAABwLfPBxUg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csyn%252C...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=3796168301766332927&gdpr=0&gdpr_consent=
https://bh.contextweb.com/bh/rtset?ev=AACaCE7KVWAAABwLfPBxUg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D3796168301766332927%26gdpr%3D0%26gdpr_consen...
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=3796168301766332927&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=A...
https://sync.technoratimedia.com/services?uid=AACaCE7KVWAAABwLfPBxUg&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D3796168301766332927%26gdpr%3D0%26gdpr%3D0%...
https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26nuid%3D75349DAF358D41BEB41C7EC7E3F6BA1D%26att%3D1%26pid%3D82%26cb%3Dhttps%...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26nuid%3D75349DAF358D41BEB41C7EC7E3F6BA1D%26att%3D1%26pid%3D82%26cb%3Dhttps%253A%252F...
https://sync.technoratimedia.com/services?srv=cs&nuid=75349DAF358D41BEB41C7EC7E3F6BA1D&att=1&pid=82&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D3796168301766332927%26gdp...
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=3796168301766332927&gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACaCE7KVWAAABwLfPBxUg&gdpr=0

42 B
279 B

10ms
10ms

Document
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACaCE7KVWAAABwLfPBxUg&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158684&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 14 Oct 2023 08:16:29 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Sat, 14 Oct 2023 15:13:25 GMT
Server: gunicorn
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACaCE7KVWAAABwLfPBxUg&gdpr=0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame B318
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4652640509533943309&gdpr=0&gdpr_consent=

42 B
447 B

22ms
6ms

Document
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4652640509533943309&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158684&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 14 Oct 2023 15:13:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: 6bffd35f-12c0-4dd9-a71b-6712819d4989
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Sat, 14 Oct 2023 15:13:25 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4652640509533943309&gdpr=0&gdpr_consent=
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.21.3
x-proxy-origin: 5.181.234.132; 5.181.234.132; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FCA0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YEt1BvMgQl2i2wWNyJ2RsA%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

6ms
4ms

Image
text/html

23.48.144.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol: H2
Server: 23.48.144.247 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-48-144-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:25 GMT
content-encoding: gzip
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=137385
accept-ranges: bytes
content-length: 5606
expires: Mon, 16 Oct 2023 05:23:10 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:13:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

receive
pixel.tapad.com/idsync/ex/ Frame FCA0
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=604B7506-F320-425D-A2DB-058DC89D91B0
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=604B7506-F320-425D-A2DB-058DC89D91B0
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=ebee18d4-8456-4a05-830c-d7ca2f013150%252C%252C&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1ade366f-290d-4b4c-b61e-aead62f41cf7&ttd_puid=ebee18d4-8456-4a05-830c-d7ca2f013150%2C%2C

95 B
124 B

27ms
26ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1ade366f-290d-4b4c-b61e-aead62f41cf7&ttd_puid=ebee18d4-8456-4a05-830c-d7ca2f013150%2C%2C

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:25 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1ade366f-290d-4b4c-b61e-aead62f41cf7&ttd_puid=ebee18d4-8456-4a05-830c-d7ca2f013150%2C%2C
date: Sat, 14 Oct 2023 15:13:25 GMT
server: Kestrel
content-length: 359

GET
H2 403 FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame FCA0 0
0 42ms
11ms Image
text/html 40.76.134.238
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20604B7506-F320-425D-A2DB-058DC89D91B0&rnd=RND
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H2 200 xuid
eb2.3lift.com/ Frame FCA0 37 B
354 B 19ms
13ms Image
image/gif 52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7976&xuid=604B7506-F320-425D-A2DB-058DC89D91B0&dongle=u6nf&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 14 Oct 2023 15:13:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame FCA0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjA0Qjc1MDYtRjMyMC00MjVELUEyREItMDU4REM4OUQ5MUIw&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
245 B

34ms
10ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 14 Oct 2023 15:13:24 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:13:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame FCA0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENFKir0c7h0-KPxSXrn11yI&google_cver=1

42 B
266 B

36ms
12ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENFKir0c7h0-KPxSXrn11yI&google_cver=1
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 14 Oct 2023 15:13:25 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:13:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENFKir0c7h0-KPxSXrn11yI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame FCA0
Redirect Chain

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:668783CB8D214D7DB68307CF93EACE6D

42 B
366 B

34ms
11ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:668783CB8D214D7DB68307CF93EACE6D
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 14 Oct 2023 15:13:25 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date: Sat, 14 Oct 2023 15:13:25 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:668783CB8D214D7DB68307CF93EACE6D
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 13 Oct 2023 15:13:25 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame FCA0
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1ade366f-290d-4b4c-b61e-aead62f41cf7&gdpr=0&gdpr_consent=

42 B
312 B

14ms
7ms

Image
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1ade366f-290d-4b4c-b61e-aead62f41cf7&gdpr=0&gdpr_consent=
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 14 Oct 2023 15:13:25 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1ade366f-290d-4b4c-b61e-aead62f41cf7&gdpr=0&gdpr_consent=
date: Sat, 14 Oct 2023 15:13:25 GMT
server: Kestrel
content-length: 355

GET
H2 200 604B7506-F320-425D-A2DB-058DC89D91B0
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame FCA0 43 B
603 B 2516ms
2331ms Image
image/gif 34.200.202.245

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/604B7506-F320-425D-A2DB-058DC89D91B0?gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.200.202.245 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 2
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame FCA0
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=604B7506-F320-425D-A2DB-058DC89D91B0&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=604B7506-F320-425D-A2DB-058DC89D91B0&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-UjK.agJE2uUV7IvayhHuFYDAX9d.qGA-~A&gdpr=0

0
260 B

29ms
5ms

Image
text/plain

162.248.18.34
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-UjK.agJE2uUV7IvayhHuFYDAX9d.qGA-~A&gdpr=0
Protocol: H2
Server: 162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:25 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-UjK.agJE2uUV7IvayhHuFYDAX9d.qGA-~A&gdpr=0
date: Sat, 14 Oct 2023 15:13:25 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame FCA0
Redirect Chain

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=604B7506-F320-425D-A2DB-058DC89D91B0&gdpr=0&gdpr_consent=
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=247b7ca668f7104b&is_secure=true&networkId=17100&version=1&nuid=604B7506-F320-425D-A2DB-058DC89D91B0&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAG-wpxBaDQQwNK6JfRAAAAAAA&expiration=1697382806&nuid=604B7506-F320-425D-A2DB-058DC89D91B0&...

42 B
376 B

6ms
5ms

Image
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAG-wpxBaDQQwNK6JfRAAAAAAA&expiration=1697382806&nuid=604B7506-F320-425D-A2DB-058DC89D91B0&is_secure=true&gdpr_consent=&gdpr=0
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 14 Oct 2023 15:13:26 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:13:26 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAG-wpxBaDQQwNK6JfRAAAAAAA&expiration=1697382806&nuid=604B7506-F320-425D-A2DB-058DC89D91B0&is_secure=true&gdpr_consent=&gdpr=0
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame FDD5
Redirect Chain

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=NJbpgmCT6tYvwenTMpH2h2CX69cvx-2FO5unxGvW

43 B
61 B

34ms
33ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=NJbpgmCT6tYvwenTMpH2h2CX69cvx-2FO5unxGvW
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=765fac68-b57c-489c-8ec7-92aeec542751&gdpr=0&us_privacy=1---
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:13:25 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:13:25 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=NJbpgmCT6tYvwenTMpH2h2CX69cvx-2FO5unxGvW
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame FDD5
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1943222738216027918

43 B
106 B

101ms
100ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1943222738216027918
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=765fac68-b57c-489c-8ec7-92aeec542751&gdpr=0&us_privacy=1---
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:13:25 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:13:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1943222738216027918
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame FDD5
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=3df1a52c-0e76-ca9a-00cd-9da27143e878
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=3df1a52c-0e76-ca9a-00cd-9da27143e878&dcc=t

43 B
855 B

234ms
234ms

Image
image/gif

67.220.226.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=3df1a52c-0e76-ca9a-00cd-9da27143e878&dcc=t

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=765fac68-b57c-489c-8ec7-92aeec542751&gdpr=0&us_privacy=1---

Protocol

HTTP/1.1

Server

67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Oct 2023 15:13:25 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: D8TAMFMQ09YQEDRJ49WV
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 14 Oct 2023 15:13:25 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: K69S56SYGP7REYWSK8EQ
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=3df1a52c-0e76-ca9a-00cd-9da27143e878&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame FDD5
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=6527d951-12dc-7160-c0c3-1f3519702398&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=1ade366f-290d-4b4c-b61e-aead62f41cf7&ttd_puid=6527d951-12dc-7160-c0c3-1f3519702398&gdpr=0&gdpr_consent=

43 B
257 B

96ms
91ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=1ade366f-290d-4b4c-b61e-aead62f41cf7&ttd_puid=6527d951-12dc-7160-c0c3-1f3519702398&gdpr=0&gdpr_consent=
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=765fac68-b57c-489c-8ec7-92aeec542751&gdpr=0&us_privacy=1---
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:13:25 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=1ade366f-290d-4b4c-b61e-aead62f41cf7&ttd_puid=6527d951-12dc-7160-c0c3-1f3519702398&gdpr=0&gdpr_consent=
date: Sat, 14 Oct 2023 15:13:25 GMT
server: Kestrel
content-length: 335

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame FDD5 170 B
232 B 46ms
44ms Image
image/png 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDk0ODBhOWItZGJhYi0yZmM0LWQ1MjMtNDU4Y2QzOTJlZGY4

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=765fac68-b57c-489c-8ec7-92aeec542751&gdpr=0&us_privacy=1---

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:13:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame FDD5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJqTkD723CNrOBdM6EIE6uE&google_cver=1

43 B
106 B

101ms
99ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJqTkD723CNrOBdM6EIE6uE&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=765fac68-b57c-489c-8ec7-92aeec542751&gdpr=0&us_privacy=1---
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:13:25 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:13:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJqTkD723CNrOBdM6EIE6uE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame FCA0 0
128 B 7ms
5ms Script
text/plain 162.248.18.34
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=158684&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158684&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:13:26 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: id5-sync.com
URL: https://id5-sync.com/c/102/112/2/8.gif?puid=FDE70105006A576C&gdpr=0&gdpr_consent=

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1310

Domain: pr-bh.ybp.yahoo.com
URL: https://pr-bh.ybp.yahoo.com/sync/triplelift/2087471286221105333439?gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

93 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-20 17:37:52	Name: sync Value: CgoIoQEQ7qX_9bIxCgoI4gEQ7qX_9bIxCgoItAIQ7qX_9bIxCgoI5gEQ7qX_9bIxCgoIhwIQ7qX_9bIxCgoItwIQ7qX_9bIxCgkIOhDupf_1sjEKCgiMAhDupf_1sjEKCQhfEO6l__WyMQoJCB8Q7qX_9bIx
.www.wickbot-verify.xyz/	1970-01-20 15:29:42	Name: __cf_mw_byp Value: 0YLFwa97csy2GH7R.XbJb1BgfOYrnQpppWrUtMXRlXE-1697296392-0-/
.captcha.bot/	1970-01-21 01:04:16	Name: _ga_VT1JT14S09 Value: GS1.1.1697296400.1.0.1697296400.60.0.0
.captcha.bot/	1970-01-21 01:04:16	Name: _ga Value: GA1.1.951842731.1697296400
.captcha.bot/	1970-01-21 00:13:52	Name: cf_clearance Value: tRzYh0Txvn852_jtgQQD7SKM4GaB7LQcqTurbmPUQZY-1697296400-0-1-47af432d.66a3482c.10ae1ccd-0.2.1697296400
captcha.bot/	1970-01-20 15:38:21	Name: geo-store-location Value: {"countryCode":"US","stateProvCode":"NY","stateProv":"New%20York","isEuMember":"false","version":"1.0"}
.captcha.bot/	1970-01-21 01:04:16	Name: _ga_0CPE0JFSCT Value: GS1.1.1697296401.1.0.1697296401.0.0.0
captcha.bot/	1970-01-20 16:11:28	Name: _pbjs_userid_consent_data Value: 6683316680106290
.captcha.bot/	1970-01-21 00:13:52	Name: _sharedid Value: b68be608-bb5b-4e97-9a15-d7dd7d571065
captcha.bot/	1970-01-21 00:13:52	Name: consentUUID Value: e95e02ac-5b0e-4bc1-88a3-59e1f719ccbd
api2.hcaptcha.com/	1970-01-20 15:28:18	Name: __cflb Value: 0H28vk2VKwPbLoawFincekpozDKK5F2cbnSfYuDKFwB
.openx.net/	1970-01-21 00:13:52	Name: i Value: b68be608-bb5b-4e97-9a15-d7dd7d571065\|1697296401
.script.ac/	1970-01-20 15:28:18	Name: __cf_bm Value: xjf4ub6HKfnfZe4RTOGTyS1QuYCAAmG08aTHCgCPSak-1697296402-0-ASzgivP+MXrVMRhuUj0R7b0T/48UPaOa8o1VWpR2IyNicrTXMHNzEPrU/3ityz19TdMO7XXEQXdV4SAU3Nw5HVc=
.scorecardresearch.com/	1970-01-21 01:04:16	Name: UID Value: 11102f40ac50042233abb771697296402
.smartadserver.com/	1970-01-21 00:58:30	Name: pid Value: 3796168301766332927
.adnxs.com/	1970-01-20 17:37:52	Name: uuid2 Value: 4652640509533943309
.everesttech.net/	1970-01-21 00:13:52	Name: everest_g_v2 Value: g_surferid~ZSqwEgAXw0ys2QBY
.sharethrough.com/	1970-01-20 16:11:28	Name: stx_user_id Value: ef20d4aa-c394-4a2d-8d22-9dca4235cc31
.captcha.bot/	1970-01-21 00:49:52	Name: __gads Value: ID=2e9efe7243ffbe64:T=1697296402:RT=1697296402:S=ALNI_MZo5gatORSobLKdWLKxlNFfDA1rBw
.captcha.bot/	1970-01-21 00:49:52	Name: __gpi Value: UID=000009fe2d2237fe:T=1697296402:RT=1697296402:S=ALNI_MZb5UsvASkvhqDYin-B01maoKeB-g
.bidr.io/	1970-01-21 00:56:50	Name: bito Value: AACaCE7KVWAAABwLfPBxUg
.bidr.io/	1970-01-21 00:56:50	Name: bitoIsSecure Value: ok
.adsrvr.org/	1970-01-21 00:15:18	Name: TDID Value: 1ade366f-290d-4b4c-b61e-aead62f41cf7
.eyeota.net/	1970-01-21 00:15:18	Name: mako_uid Value: 18b2ebfcc56-4a900000010a4d0c
.eyeota.net/	1970-01-20 15:28:17	Name: SERVERID Value: 19724~DM
.criteo.com/	1970-01-21 00:49:52	Name: uid Value: 08fe9a51-a58a-4fa5-9535-67b8736b8034
.doubleclick.net/	1970-01-21 01:04:16	Name: IDE Value: AHWqTUk1KCFLUoaXdUAXMlm9KVkLuzuflEDNsDJTcNYIKVdC6gPURzTHvM2Ah1_Z4zU
.doubleclick.net/	1970-01-20 15:28:20	Name: DSID Value: NO_DATA
.adform.net/	1970-01-20 16:12:54	Name: C Value: 1
.adform.net/	1970-01-20 16:54:40	Name: uid Value: 1943222738216027918
.360yield.com/	1970-01-20 17:37:52	Name: tuuid Value: 459e2523-3b73-4edd-a932-d50aa89e2915
.360yield.com/	1970-01-20 17:37:52	Name: tuuid_lu Value: 1697296404
.semasio.net/	1970-01-21 00:13:52	Name: SEUNCY Value: FDE70105006A576C
.id5-sync.com/	1970-01-20 17:37:52	Name: 3pi Value: 112#1697296404573#-514578480#FDE70105006A576C\|2#1697296403405#-971960306#4652640509533943309\|102#1697296403020#1062661569\|264#1697296403315#639159858#1ade366f-290d-4b4c-b61e-aead62f41cf7\|10#1697296404265#-905872847#1943222738216027918\|155#1697296403185#-2090516931#AACaCE7KVWAAABwLfPBxUg\|123#1697296403614#168461651
captcha.bot/	1970-01-20 15:28:20	Name: _lr_retry_request Value: true
captcha.bot/	1970-01-20 16:11:28	Name: _lr_env_src_ats Value: false
captcha.bot/	1970-01-20 16:54:40	Name: pbjs-unifiedid Value: %7B%22TDID%22%3A%221ade366f-290d-4b4c-b61e-aead62f41cf7%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222023-09-14T15%3A13%3A25%22%7D
.3lift.com/	1970-01-20 17:37:52	Name: tluid Value: 2087471286221105333439
.id5-sync.com/	1970-01-20 17:37:52	Name: id5 Value: 2efad611-ed8f-73e5-a705-b1c97555bb32#1697296402801#3
.openx.net/	1970-01-20 15:49:52	Name: pd Value: v2\|1697296405\|gen0vNvQiygu
.bidswitch.net/	1970-01-21 00:13:52	Name: tuuid Value: 841089db-f6aa-40c9-89ff-f7268b35256d
.bidswitch.net/	1970-01-21 00:13:52	Name: c Value: 1697296405
.bidswitch.net/	1970-01-21 00:13:52	Name: tuuid_lu Value: 1697296405
.pubmatic.com/	1970-01-21 00:13:52	Name: KADUSERCOOKIE Value: 604B7506-F320-425D-A2DB-058DC89D91B0
.pubmatic.com/	1970-01-20 17:37:52	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 15:29:42	Name: pi Value: 158684:2
.pubmatic.com/	1970-01-20 17:37:52	Name: DPSync3 Value: 1698451200%3A201_263%7C1697328000%3A248%7C1697846400%3A265
.pubmatic.com/	1970-01-20 17:37:52	Name: SyncRTB3 Value: 1698451200%3A21_13_54_250_3_220_71_166%7C1697846400%3A223_15
.creative-serving.com/	1970-01-21 00:49:52	Name: tuuid Value: af49f442-70fe-4077-a586-231693885f09
.creative-serving.com/	1970-01-21 00:49:52	Name: c Value: 1697296405
.creative-serving.com/	1970-01-21 00:49:52	Name: tuuid_lu Value: 1697296405
.pubmatic.com/	1970-01-20 17:37:52	Name: KRTBCOOKIE_57 Value: 22776-4652640509533943309&KRTB&23339-4652640509533943309
.pubmatic.com/	1970-01-20 17:37:52	Name: KRTBCOOKIE_377 Value: 6810-1ade366f-290d-4b4c-b61e-aead62f41cf7&KRTB&22918-1ade366f-290d-4b4c-b61e-aead62f41cf7&KRTB&22926-1ade366f-290d-4b4c-b61e-aead62f41cf7&KRTB&23031-1ade366f-290d-4b4c-b61e-aead62f41cf7
.tapad.com/	1970-01-20 16:54:40	Name: TapAd_TS Value: 1697296405418
.tapad.com/	1970-01-20 16:54:40	Name: TapAd_DID Value: ebee18d4-8456-4a05-830c-d7ca2f013150
.yahoo.com/	1970-01-21 00:14:14	Name: A3 Value: d=AQABBBWwKmUCEDSSCt9znYiofqMNvb3earcFEgEBAQEBLGU0Zdwt0iMA_eMAAA&S=AQAAAkUYXLfl2gAcrDLZC365d_M
.simpli.fi/	1970-01-21 00:15:18	Name: suid Value: 668783CB8D214D7DB68307CF93EACE6D
.analytics.yahoo.com/	1970-01-21 00:13:52	Name: IDSYNC Value: 18z8~2eh3
.smartadserver.com/	1970-01-21 00:15:18	Name: csync Value: 94:ZSqwEgAXw0ys2QBY\|111:ID5-1f526R2x7e55u7d548nXjCHZ8C4Qws_X3GlAZc8J2w\|127:AACaCE7KVWAAABwLfPBxUg\|139:0
.adsrvr.org/	1970-01-21 00:15:18	Name: TDCPM Value: CAESFgoHc3Z4OXQ1MBILCLKJktLEtKY8EAUSFwoIcHVibWF0aWMSCwigusfTxLSmPBAFEhQKBXRhcGFkEgsIpvmX1MS0pjwQBRgBIAEoAjILCOTvmoHbtKY8EAU4AVoFdGFwYWRgAg..
.pubmatic.com/	1970-01-20 16:11:28	Name: KRTBCOOKIE_148 Value: 19421-uid:668783CB8D214D7DB68307CF93EACE6D&KRTB&23486-uid:668783CB8D214D7DB68307CF93EACE6D&KRTB&23489-uid:668783CB8D214D7DB68307CF93EACE6D
.pubmatic.com/	1970-01-20 17:37:52	Name: KRTBCOOKIE_80 Value: 22987-CAESENFKir0c7h0-KPxSXrn11yI&KRTB&23025-CAESENFKir0c7h0-KPxSXrn11yI&KRTB&23386-CAESENFKir0c7h0-KPxSXrn11yI
.amazon-adsystem.com/	1970-01-21 01:04:16	Name: ad-privacy Value: 0
.tapad.com/	1970-01-20 16:54:40	Name: TapAd_3WAY_SYNCS Value: 1!6903
.openx.net/	1970-01-20 15:49:52	Name: univ_id Value: 537072971\|1ade366f-290d-4b4c-b61e-aead62f41cf7\|1697296405452275
.contextweb.com/	1970-01-21 00:06:40	Name: V Value: SBH5XNYvcari
.contextweb.com/	1970-01-21 00:13:52	Name: pb_rtb_ev Value: 3-1ney\|7dN.0.AACaCE7KVWAAABwLfPBxUg
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: fbe2ecc6fde89b80
.captcha.bot/	1970-01-21 00:49:16	Name: cto_bundle Value: B2g0Cl9SSU1oN2tISFhwdktRdEh5YlZxcWNybnpTNktGblklMkZyNlRsayUyQnJZRFRZdzdrVUtxMFRGRkdKZEQ3VkFMUUpCdENDNUphUlZIZjZFaWJ5bmtSRTZBdEhNNlp4MUdHN3JNQUlqT011eEd5aUNzcklTQlVsQ05KQlZVVkRFZTZWZ1oyZkFUOXZ2UmNVbzhEQzN0VVZpMkVRJTNEJTNE
.captcha.bot/	1970-01-21 00:49:16	Name: cto_bidid Value: wgL_h191WUw0cXBOeFV1MEt5RUpiNyUyRmh3NW1qYkZraW5aVDRzMkpsN3ZCWUJaQlUlMkZiZ0RWSkIzWlEwc2U2ckFkSkY4RUp0NHRXVkl1REVwaUg1SnNIWUklMkZtdjklMkJBQ3UlMkZyYXlkSWFPRGdla0RIY0klM0Q
.linkedin.com/	1970-01-20 17:37:52	Name: li_sugr Value: 69605025-cc9b-439d-a68f-f1ba82c86995
.linkedin.com/	1970-01-21 00:13:52	Name: bcookie Value: "v=2&db919672-6404-4a82-8617-b0d365aa9261"
.linkedin.com/	1970-01-20 15:29:42	Name: lidc Value: "b=VGST04:s=V:r=V:a=V:p=V:g=3022:u=1:x=1:i=1697296405:t=1697382805:v=2:sig=AQEWImLg4pvUnjWtb5WulezTKmc-JEjA"
.bing.com/	1970-01-21 00:49:52	Name: MUID Value: 2A92A4899E1466C228F6B7239F9E67B0
.c.bing.com/	1970-01-20 15:38:21	Name: MR Value: 0
.quantserve.com/	1970-01-20 17:37:52	Name: d Value: ELcBDAGXKoqsMA
.quantserve.com/	1970-01-21 00:58:30	Name: mc Value: 652ab015-b2002-db404-d6f98
.technoratimedia.com/	1970-01-21 01:04:16	Name: tads_uidp_73 Value: AACaCE7KVWAAABwLfPBxUg
.technoratimedia.com/	1970-01-21 01:04:16	Name: tads_uid Value: 75349DAF358D41BEB41C7EC7E3F6BA1D
.technoratimedia.com/	1970-01-21 01:04:16	Name: tads_uid_cd Value: 20231014151325+0000
.technoratimedia.com/	1970-01-21 01:04:16	Name: tads_zora Value: 2
.casalemedia.com/	1970-01-21 00:13:52	Name: CMID Value: ZSqwFTNqeRT3oQMQTlRXgAAA
.casalemedia.com/	1970-01-20 17:37:52	Name: CMPS Value: 3550
.casalemedia.com/	1970-01-20 17:37:52	Name: CMPRO Value: 3550
.technoratimedia.com/	1970-01-20 15:32:35	Name: tads_uidp_82 Value: ZSqwFTNqeRT3oQMQTlRXgAAA&3550
.pubmatic.com/	1970-01-20 17:37:52	Name: KRTBCOOKIE_699 Value: 22727-AACaCE7KVWAAABwLfPBxUg
.amazon-adsystem.com/	1970-01-20 21:44:06	Name: ad-id Value: AzTVaSRFSk5phKuDvWdy6JI
.ads.stickyadstv.com/	1970-01-20 16:11:28	Name: UID Value: 2e5610ad4a38bab386155ea77412e9d
.4dex.io/	1970-01-20 16:54:40	Name: uids Value: eyJzeW5jcyI6eyIzM2Fjcm9zcyI6IjIwMjMtMTAtMTRUMTU6MTM6MjEuODY3MjM1Nzg5WiIsImFwcG5leHVzIjoiMjAyMy0xMC0xNFQxNToxMzoyMS44Njc0MzM5MTJaIiwiZXBsYW5uaW5nIjoiMjAyMy0xMC0xNFQxNToxMzoyMS44NjczMjIxM1oiLCJmcmVld2hlZWwiOiIyMDIzLTEwLTE0VDE1OjEzOjIxLjg2NzE1OTk1WiIsImltcHJvdmVkaWdpdGFsIjoiMjAyMy0xMC0xNFQxNToxMzoyMS44Njc0NTk0MTdaIiwiaW5kZXhleGNoYW5nZSI6IjIwMjMtMTAtMTRUMTU6MTM6MjEuODY3MTMwNjM1WiIsIm9uZXRhZyI6IjIwMjMtMTAtMTRUMTU6MTM6MjEuODY3NTAyNzExWiIsIm9wZW54IjoiMjAyMy0xMC0xNFQxNToxMzoyMS44NjcxNzQ2NzlaIiwicHVibWF0aWMiOiIyMDIzLTEwLTE0VDE1OjEzOjIxLjg2NzM4ODQ2MVoiLCJydWJpY29uIjoiMjAyMy0xMC0xNFQxNToxMzoyMS44NjcwNTE4OTlaIiwic21hcnQiOiIyMDIzLTEwLTE0VDE1OjEzOjIxLjg2NzU4OTA5NVoiLCJzb3ZybiI6IjIwMjMtMTAtMTRUMTU6MTM6MjEuODY3MTUwMDYxWiIsInRyaXBsZWxpZnQiOiIyMDIzLTEwLTE0VDE1OjEzOjIxLjg2NzIxMjg4NFoiLCJ1bnJ1bHkiOiIyMDIzLTEwLTE0VDE1OjEzOjIxLjg2NzAwNzAwNFoifSwidWlkcyI6eyJhZGFnaW8iOnsidWlkIjoiZGE4ZGFjNzAtNGEzNy00NjA1LTg0YzctZGZiYTQ4NjE0ZmU1IiwiZXhwaXJlcyI6IjIwMjMtMTItMTNUMTU6MTM6MjEuODY0NDAwNTMzWiJ9LCJmcmVld2hlZWwiOnsidWlkIjoiMmU1NjEwYWQ0YTM4YmFiMzg2MTU1ZWE3NzQxMmU5ZCIsImV4cGlyZXMiOiIyMDIzLTEyLTEzVDE1OjEzOjI2LjEzOTI5MjIzNFoifSwiaW1wcm92ZWRpZ2l0YWwiOnsidWlkIjoiNDU5ZTI1MjMtM2I3My00ZWRkLWE5MzItZDUwYWE4OWUyOTE1IiwiZXhwaXJlcyI6IjIwMjMtMTItMTNUMTU6MTM6MjQuMzkzODU5Mzg1WiJ9LCJvcGVueCI6eyJ1aWQiOiJlOTJkZGRjNC1jNWI0LTQzYTgtOGM2YS0yMjEyYzJmMjJhNzAiLCJleHBpcmVzIjoiMjAyMy0xMi0xM1QxNToxMzoyMy40MTk4NDMyODFaIn0sInNtYXJ0Ijp7InVpZCI6IjM3OTYxNjgzMDE3NjYzMzI5MjciLCJleHBpcmVzIjoiMjAyMy0xMi0xM1QxNToxMzoyMi42NDE3ODMyNThaIn19LCJiZGF5IjoiMjAyMy0xMC0xNFQxNToxMzoyMS44NjQzMDQ3MDdaIn0=
.dotomi.com/	1970-01-20 15:28:16	Name: DotomiTest Value: 247b7ca668f7104b
.pubmatic.com/	1970-01-20 17:37:52	Name: KRTBCOOKIE_32 Value: 11175-AAAG-wpxBaDQQwNK6JfRAAAAAAA&KRTB&22713-AAAG-wpxBaDQQwNK6JfRAAAAAAA&KRTB&22715-AAAG-wpxBaDQQwNK6JfRAAAAAAA&KRTB&23519-AAAG-wpxBaDQQwNK6JfRAAAAAAA
.pubmatic.com/	1970-01-20 16:11:28	Name: PugT Value: 1697296406
.pubmatic.com/	1970-01-20 16:11:28	Name: SPugT Value: 1697296406

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.privacy-mgmt.com/wrapper/v2/pv-data?hasCsp=true&env=prod&ch=418206796431241009651d&scriptVersion=4.13.3&scriptType=unified Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://id5-sync.com/c/102/112/2/8.gif?puid=FDE70105006A576C&gdpr=0&gdpr_consent= Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
javascript	error	URL: https://captcha.bot/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1310' from origin 'https://captcha.bot' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1310 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20604B7506-F320-425D-A2DB-058DC89D91B0&rnd=RND Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ads.creative-serving.com
ads.pubmatic.com
ads.stickyadstv.com
analytics.google.com
api.btloader.com
api.rlcdn.com
api2.hcaptcha.com
b45d3a787b758ba92ae69d224b1ce510.safeframe.googlesyndication.com
bh.contextweb.com
bidder.criteo.com
boot.pbstck.com
btloader.com
c.bing.com
c1.adform.net
cadmus.script.ac
captcha.bot
cdn.ampproject.org
cdn.jsdelivr.net
cdn.pbstck.com
cdn.privacy-mgmt.com
challenges.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
dis.criteo.com
eb2.3lift.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
geoip.network-n.com
googleads.g.doubleclick.net
gum.criteo.com
hb.yellowblue.io
hbopenbid.pubmatic.com
i.clean.gg
ib.adnxs.com
ice.360yield.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
intake.pbstck.com
js.chargebee.com
js.hcaptcha.com
kumo.network-n.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mb.moatads.com
mp.4dex.io
networkn-d.openx.net
newassets.hcaptcha.com
pagead2.googlesyndication.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
privygg.chargebeestaticv2.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
sb.scorecardresearch.com
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.technoratimedia.com
tlx.3lift.com
tpc.googlesyndication.com
u.4dex.io
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.wickbot-verify.xyz
x.bidswitch.net
z.moatads.com
api.rlcdn.com
id5-sync.com
pr-bh.ybp.yahoo.com
104.16.168.131
104.16.57.101
104.17.2.184
104.18.2.114
104.18.22.145
104.18.27.193
104.22.1.93
104.26.3.70
104.26.6.110
104.26.6.139
104.26.8.169
104.36.115.111
13.107.21.200
13.107.42.14
130.211.23.194
138.199.40.58
141.148.8.2
142.250.31.156
151.101.193.229
151.101.194.49
159.127.42.41
162.19.138.83
162.248.18.34
162.248.18.37
172.217.13.104
172.217.13.129
172.217.13.130
172.217.13.132
172.217.13.162
172.217.13.166
172.217.13.174
172.217.13.194
172.217.13.202
172.217.13.206
172.217.13.97
172.217.13.99
172.67.181.252
18.211.184.20
18.238.25.72
18.238.25.94
185.167.164.39
192.184.68.134
193.122.130.38
198.148.27.131
206.189.125.55
23.105.12.136
23.48.144.247
23.48.145.205
23.83.76.68
3.160.22.119
3.160.5.46
3.233.146.171
34.111.113.62
34.149.40.38
34.200.202.245
34.200.65.202
34.95.69.49
35.194.66.159
35.211.178.172
35.244.159.8
40.76.134.238
52.223.22.214
52.223.40.198
52.23.63.120
52.4.122.177
52.46.130.91
52.72.202.96
52.72.216.167
63.251.28.133
67.220.226.233
68.67.179.164
74.119.119.129
74.119.119.131
74.119.119.139
74.119.119.150
8.28.7.81
8.28.7.83
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
0080818f813496cca45eec2321158dbe39a83492a8e07f475de282b28e771ac8
017a6d35c608b67709829c14f4e5623253fc42c0f8a868d000eb6885abfe8c18
042ef1ebee8ad449c71aefc3f0adcf4bdd701b07c74ade0fa6da63ce7df5a01f
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
062e8ad7db60ba4743150e409d430e84c3cdbbba05cba579d4ef3ab23016596e
06d063d7e58bade3ae244489087afa82f9f7c59276cdd7dcfbb2a9b5b600c5da
07b8cb6354e3992ae1b8ad6c887ff275341c527eee55ba2bee59ddfd549b42aa
08a184bb8e17a3028350b402628040f572e5e6b2a57a5959c5acd78bfb1f5f9a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1dfcd2e83ee1c1bfad3b0bfaa2b916c65420d619ef516466e97276cfae2507
0e97fff79aa4c691696caec2a6b566c05d553f2411fa54f23bb627f0a5d3f77e
0f02ec031b6528236151ed6b95a702e387d183642e31d6721b682dcebb1847d0
0f7129bc8a18fde80c69132afa23cb252469090bd2e9030151b45631cc276c1b
10e80b1ab143582af97d6f653d0566090d455ae1bb14c09481ae296cfa354647
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19ff3397c011d5accec7152829fd1191a2a1a01ff4f5e5826d412318183e27ba
1a87310dacb8e83018f2cbb037552a79868dafb9214613d442581b3f3eeea914
1dd3b33ea7c133e8b5a4560c9483a29e31835fc2d824831e527c5d03c2ceb579
214ef4f4bf69f7aa8baf79f05123244fbca540fa1a1da6148bc1396f13bc615b
2498aa5cd234e02ed13bab1e374faf9d9c5a1530b53edb14dc8740c70b5a000a
26523182f32244da4f398a2779e7ed802ca994fc0be744fa3c2fdc186bd89acd
2b9acfa0116c673d4ce94ecd90abc08387041daf4b11ef9f7c48bf01f80a590c
2d559f55a5d9fcb382a0df0f23b9b0d133cfb2e2ebd71c89a78121118eb4d1e5
2f5b15472a8914487b1718df3e7b2723f3206bf3204ba064bcac0669aab99417
30c714bf4216e577686d238b98561d093672cb25bf90baab50dd956f75cda4b3
32b756bfa32d3c2a0a584ebaa8d5050f9db464fe5a7c7ca25bd54ebfea5b15fd
338f112655f5b4f5fb9b63471ecceb1a6ff0934952b72a82d36c97103611a7dd
36055e20a57cff96e85e4b29f811d811dbfad19ee2b7831dab67f5bc5c12e8e8
3605b6c4de659f5343c81343c56be71561023c462fb7d90623523c81e0ad8997
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
389bcd8bd2c778873a0f6ef3ca9619272610555edb7010a58bc9982a6586d357
39d0d47dced882810764d0d5f9d1e7d5d2accf99f1acb428f50e85c7e8e0224e
3cd29fcd28558f2d1a4273dcca8b904b79b4ad2c19c0ce9d096da1e89f292546
3dd6334bbbdabc6a816851f5c2c4a71193190a0569359d4f8834e45b57e10dfb
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4383437e4c7973582c6fa37a8693ce3d30e4026a462995671533ef885b0a130a
45081b381b2448cac81c3cc81ed427d216719a54890a2242e691ab7608a0ada8
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49020ca4543c0f3dc0f8eaee07b2dbdd884e23288133c1ae9da377658d2a843f
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4ba95a958d22f447f9586b7c8b8e7a8e35b3343d415961dc96e4a25cec0acfc5
4c312c83a48bedce6c0bc36d839175d3518b086ab48e654f849637ea9554b208
4d6c8141eb19ce2c58dc35d4641e55ac340dfa735fbc08a20a5ecde918fd49d6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
541344055050c46c93b77fddf2d7f018821eb38500e6fa795aa7883b16b934e6
55667ad15e32fbe6b4baf84d7d92990880c673f1b6af0c31cbdbebc2edfc1f5e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561825db32676c8e7a5ae038cb527094eafaca408aa5b51c5503184ef48bb637
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7
57cec2f9d45727f5fc352cf95314767e857163e8bcc7b4cd21bb0f419f549fed
5b9d592cfe66f2c7ccfce0af01d2a8391dc82e7b19c013a69a15281117095119
5d9622bdebe74cbc290dd6633243794c170faf4ffeacaf4d257adbd69607b5e3
5fbdcfb777ce33aa6c5ef62ab691da6c6b64ecc927c65186a5437f761b8f7b8d
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60701d52f522e516788557a2002a7d7db8cd97d4b0f1bd8fb1c73b2bda17ae5a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6227e69f1c3711825b5166ddcbd07539e556ce7068917ad7701a5af5b4814f33
628270db738e4e47256b685a8283e13d18331d1045dfadcc48791eb896fbb26f
62d056f363b8b39fd0f85690a31012fcb6f1f0cef642bb247fc8ae627e33ac6d
658ffd74a97d16dd5aee5d87942e1c02de47d2ddedddb146435f29dd59990850
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
669023d17050b609be40a4a308c21f6b697bcaa8d64676f2921b435941dbb03e
6800d363cb5a534231c868a110cc4762d636d4df062c41a407c1c091e959e96f
6929108ddef12f0862048062e7da05af2553c82c866646ffbae96a47360c5c76
6a15182680bbb1a5ecf3f1e85c57a921831ac46605eabf2e17381e8a2a8937a0
6ab6aea6be2db01c3ed0503f1eae4aa2a770fd4a02942272bd089c317dd4d4a5
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
7a929bcd8cce2585ea3be49e84b6735c35debe93e48f62f5dd7e4fc4b33825e5
7bc27bd02b8e5f0aec1cdd9355bbced8478d537e3e07215cafc62075355a4304
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
803fb3aa51617e6431af40bf9a9df070806b3a0b5468812274a1b2506750bd7d
842fea842197879ad5afa91048cc2986038f1d873b69691231b45d40e7ddf864
848bc1151024639f3b0fe6a11bdb96d4eb08e13bbd16b5194b72cf0b60b0718e
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
885830666e510620eb0fc84df7206a7719bf3e8d5c38ac24a859c7e6e10dd439
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a1de67bfcc56567df86d36c2d87faa71bc585d820e7c5eb36acf647ec1d4a18
8fe09cd7d95970bdc2eb05e5583c428ba5c057b63d66c50c282169217b635813
93a69cbdd8926d0eb89dc1b0f8eba48fdb3a2abfe037b999b373696791d6a268
93dc5afee0d7c64a418ee3804bb76f9855e7ff5a501a26ed29cd544f066bb6d3
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
950487041eb8b857d86436c10b487f194b9b97a4205366978d9b945de8164ccb
951123e0869b65f4b5804038d441206251f835f9e1d5e344c6c4bdcde727e33e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9dbcfd04b47b94d2c207f4806bb2bdf5c3e77c222e95a3c2264180eab1f58cab
9e424ab30e57e903c77ed203fd48b8e240c9333d18eada751c7a5744ad5ac5f7
9e63268459915ec9fe252ec8e4f3fcecf4fb3be970b579ebfcf64f294419c7df
9f16e60d0a12528f9b2d792b1cd1882ce614afdf96f43a3deaa7e17279410771
a40e424d54800fc2704682930d3be386d0280b96a03869db6bf3894218f1eb7d
a69ab7839896b2e8d6acd561f231993ada2f07c995bb2263887324f7386a3fed
a71902890d932247a4c1a8f83c6f0b8dd7a6e7a12d64524559aa158c9a19f1db
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ae45c1844c8f2c1bdf41dfda57c40bff31a4d7ec02520c045851cc38b83254fa
b1dbf3e6920c6e83b660261fc1aecd7a0b322929b9ff017bc197591c132dde23
b3d215c620df0dc34367ff106ebf0aa5aac565a848508702dd59f50b3487d3b2
b4aedae609aaed9eee18be831f2f68431bbf164fee995c3778b3d967e78a89dc
b9e628e0aee50e648e0c9e0440b6a8eb5c4641ccb80f2606cb3e23580ef03822
b9eab613f27dc9efb747630f963208741cc088b586edfbfdaaebf7d733dc2d63
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bba3a253608d50cff0174ea1102b3ff4e93993be25d07c0e0223f20f19c37382
bfe8371fda5d99284c37c1f1276c3241dd2c50dbdb27d2ac3119644c1cced041
c05c7d5d9996825f3f9b332f337cc7dbc20429eaec389252653b2ed71ecb57c9
c109078ee12e27dc51c2f90e73f9275e7a6b2f1f980435306c3c494094f4e271
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c3b1c309fa26cd16ba5254f2452b8d9e33a34825c5dddbe6a8e7248e4aa0eb3a
c52c2add27a2ed187cbf775b4ebb41181de57f9182c6efd57526c97dce5c0eaf
c6026b5e35c99959ff49bb57e086263c3145cf10054c10448b944348d7a3d2ab
c86b8ee66b99ba6f356124a3e00b088bdfbbba27acaecf4d95ab113875c95702
c8c900ec5cbe9ef18bea37051bc2bf2aa9846c2ce787d248f2451575e2a372fd
cadd78ac6f1a0c5c7fbb588e634feb8da47508cc5fd0ac0c3d86a6f007a1ac50
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d057c168900930935083f50b73f6fdc5246adddeb0a5d2bdc26a36d840067b30
d67b5cb376cf9b69d457c2b043e7b62298ffbdc3a023ceb53491a3de8b80d224
d8c4b448064b6407a3fe0424bec0d6cdec89e865223be603653cb8417fc5b1c7
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d96a415933700f3aa03e86b13fafae24fa8b0e7d563882c460490826372d2b7b
db9cf405750f735875d15e818d2a914d9da5e585bb679bf133030313050129d7
deef0be7fbc792b7c0ad26ccc64c652864d481380a6c8b0a47fc5499b91d93a8
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e1d36f02360d0ea003af2beb3f5e59387d62a80d5daa71a4b1be187e7da7a148
e2a0ebb4c1e2bfeb215c6d41bb6c4fb0fac5a228fddf6a4bc77ef08e7f2e7477
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c0e37a2af5a201890dee5fa3429d12755f1048526b20f2f59fd361718995df
ec917c37709c36f386d3c560ad305163261beae8c634482c68638795843411ac
edb2010c5df1126fb248d0ec434aae2f8293f4f7182081eeeb6f9bb64bf0e9ad
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f1f0f83f53adcd0e9bc4cccfc072381711fcc862569583f010b4567b297dd54f
f56a3556c45543861a8dd9b9bc9b65b1f9d64fbb7dfc03fdb416faf36356db3d
f6eef34a0c9e985e995c924486d23ac237ae9e428763dd934b07ad65626526c3
fc199896e3265b455b71f95436abb463f1c18c78d2658a01256ed0932cfc000c
fc76ac242d22a654b36f7f5bcbb04e6ede032dc2ddf5c6d97c2e2800d01271f0

captcha.bot Open in urlscan Pro 104.26.6.110 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

208 Requests

83 %HTTPS

0 %IPv6

57 Domains

89 Subdomains

62 IPs

6 Countries

2859 kBTransfer

7253 kBSize

93 Cookies

5 Outgoing links

Page URL History

Redirected requests

208 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

captcha.bot Open in urlscan Pro
104.26.6.110 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

208
Requests

83 %
HTTPS

0 %
IPv6

57
Domains

89
Subdomains

62
IPs

6
Countries

2859 kB
Transfer

7253 kB
Size

93
Cookies

208 HTTP transactions
6 data transactions