bitcoinist.com Open in urlscan Pro
104.156.49.28 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://bitcoinist.com/xrptipbot-gets-banned-on-twitter-over-impersonation-claims/autoload/?lang=en_US
Submission: On July 01 via manual (July 1st 2021, 7:27:21 pm UTC) from US

Summary HTTP 56 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 6 domains to perform 56 HTTP transactions. The main IP is 104.156.49.28, located in Temecula, United States and belongs to HVC-AS, US. The main domain is bitcoinist.com.

This is the only time bitcoinist.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	104.156.49.28 104.156.49.28	29802 (HVC-AS) (HVC-AS)
19	195.201.242.21 195.201.242.21	24940 (HETZNER-AS) (HETZNER-AS)
11	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
56	9

5 104.156.49.28 (Temecula, United States)

ASN29802 (HVC-AS, US)
PTR: 104-156-49-28.static.hvvc.us

bitcoinist.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 195.201.242.21 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.21.242.201.195.clients.your-server.de

servedbyadbutler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	servedbyadbutler.com servedbyadbutler.com	489 KB
18	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	105 KB
6	doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net	32 KB
6	googletagservices.com www.googletagservices.com	114 KB
5	bitcoinist.com bitcoinist.com	1 MB
2	2mdn.net s0.2mdn.net	159 KB
56	6

	Domain	Requested by
19	servedbyadbutler.com	bitcoinist.com servedbyadbutler.com
12	pagead2.googlesyndication.com	ad.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com bitcoinist.com
6	tpc.googlesyndication.com	ad.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
6	www.googletagservices.com	servedbyadbutler.com www.googletagservices.com ad.doubleclick.net
5	bitcoinist.com	bitcoinist.com
4	googleads4.g.doubleclick.net	ad.doubleclick.net
2	s0.2mdn.net	ad.doubleclick.net
2	ad.doubleclick.net	www.googletagservices.com
56	8

This site contains links to these domains. Also see Links.

Domain
nexo.io
servedbyadbutler.com
ad.doubleclick.net
twitter.com
www.aaxpro.com
mbitcasinopartners2.com
www.facebook.com
www.linkedin.com
telegram.me
bs.direct

Subject Issuer	Validity	Valid
bitcoinist.com cPanel, Inc. Certification Authority	`2021-05-15` - `2021-08-13`	3 months	crt.sh
servedbyadbutler.com Sectigo RSA Domain Validation Secure Server CA	`2021-06-01` - `2021-08-01`	2 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh

This page contains 9 frames:

Primary Page: http://bitcoinist.com/xrptipbot-gets-banned-on-twitter-over-impersonation-claims/autoload/?lang=en_US
Frame ID: CCC3BDD38461D33C21F26DEADB455A2C
Requests: 24 HTTP requests in this frame

Frame: https://www.googletagservices.com/dcm/dcmads.js
Frame ID: 787671F426727A3D7086D6290DA43F29
Requests: 2 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N1224350.1921203NEWSBTC/B24082269.272302795;dc_ver=76.220;dc_eid=40004001;sz=300x250;u_sd=1;nel=1;dc_adk=1703049611;ord=h2oj3r;dc_rfl=1,http%3A%2F%2Fbitcoinist.com%2Fxrptipbot-gets-banned-on-twitter-over-impersonation-claims%2Fautoload%2F%3Flang%3Den_US$0;xdt=0;crlt=Py9Ya!(Zkf;sttr=27;prcl=s
Frame ID: 677A2B6ED3B7754F6BF8CCAF2759EA7D
Requests: 10 HTTP requests in this frame

Frame: https://www.googletagservices.com/dcm/dcmads.js
Frame ID: F6C4CF9E4277D41705865637A30C8B47
Requests: 2 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N1224350.1921203NEWSBTC/B24082269.279526477;dc_ver=76.220;dc_eid=40004000;sz=1200x90;u_sd=1;nel=1;dc_adk=1633536228;ord=2ug1l2;dc_rfl=1,http%3A%2F%2Fbitcoinist.com%2Fxrptipbot-gets-banned-on-twitter-over-impersonation-claims%2Fautoload%2F%3Flang%3Den_US$0;xdt=0;crlt=Py9Ya!(Zkf;sttr=12;prcl=s
Frame ID: 51914FF8AA524C4B3B23FB49F219B346
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D77E401C2076CF6824873FE2964021CB
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B49573CE538011C828D88CDC20BAF969
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js
Frame ID: D35AD5A18F0E8AAFC4A2EAAE764A18D2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js
Frame ID: 8BDA95689F015A0AA30BC942EB28FA91
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Page Statistics

56
Requests

66 %
HTTPS

56 %
IPv6

6
Domains

8
Subdomains

9
IPs

2
Countries

2224 kB
Transfer

2690 kB
Size

1
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://nexo.io/?utm_source=bitcoinist&utm_medium=fixed&utm_campaign=bitcoinist_logo_dec20&utm_term=earnoncrypto&utm_content=logo
Title:

Search URL Search Domain Scan URL

URL: http://servedbyadbutler.com/redirect.spark?MID=172179&plid=1466616&setID=476003&channelID=0&CID=460424&banID=520207882&PID=0&textadID=0&tc=1&mt=1625167618564207&sw=1600&sh=1200&spr=1&hc=cdbe442d5ef9ba69c3380dfa8405f6333cfa50e0&location=

Search URL Search Domain Scan URL

URL: https://ad.doubleclick.net/ddm/clk/484732146;291484783;u
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/WietseWind/status/1220409071846809606
Title: again

Search URL Search Domain Scan URL

URL: https://www.aaxpro.com/en-US/ad-sign-up/?utm_source=bitcoinist&utm_medium=text&utm_campaign=brand
Title: Get 110 USDT Futures Bonus for FREE!

Search URL Search Domain Scan URL

URL: http://servedbyadbutler.com/redirect.spark?MID=172179&plid=1326319&setID=367529&channelID=0&CID=460423&banID=520207874&PID=0&textadID=0&tc=1&mt=1625167618562979&sw=1600&sh=1200&spr=1&hc=235d5a5a102d2cc9d86d80f3ed2ebe5ecdedef9b&location=

Search URL Search Domain Scan URL

URL: https://twitter.com/Twitter
Title: @Twitter

Search URL Search Domain Scan URL

URL: https://twitter.com/xrptipbot
Title: @xrptipbot

Search URL Search Domain Scan URL

URL: https://twitter.com/WietseWind/status/1220470568165822465
Title: update

Search URL Search Domain Scan URL

URL: https://twitter.com/WietseWind/status/1220470960341557248
Title: tweeted

Search URL Search Domain Scan URL

URL: https://mbitcasinopartners2.com/a66a32636
Title: 5 BTC + 300 Free Spins for new players & 15 BTC + 35.000 Free Spins every month, only at mBitcasino. Play Now!

Search URL Search Domain Scan URL

URL: http://servedbyadbutler.com/redirect.spark?MID=172179&plid=1466635&setID=476001&channelID=0&CID=460423&banID=520207874&PID=0&textadID=0&tc=1&mt=1625167618562398&sw=1600&sh=1200&spr=1&hc=25bcb2a04fa57524e080711d2115e1d0b7ccf779&location=

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Fbitcoinist.com%2Fxrptipbot-gets-banned-on-twitter-over-impersonation-claims%2F
Title: Share

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=XRPTipBot+Gets+Twitter+Ban+Over+%E2%80%98Impersonation%E2%80%99+Claims&url=https%3A%2F%2Fbitcoinist.com%2Fxrptipbot-gets-banned-on-twitter-over-impersonation-claims%2F
Title: Tweet

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?url=https%3A%2F%2Fbitcoinist.com%2Fxrptipbot-gets-banned-on-twitter-over-impersonation-claims%2F&title=XRPTipBot+Gets+Twitter+Ban+Over+%E2%80%98Impersonation%E2%80%99+Claims
Title: Share

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=https%3A%2F%2Fbitcoinist.com%2Fxrptipbot-gets-banned-on-twitter-over-impersonation-claims%2F&text=XRPTipBot+Gets+Twitter+Ban+Over+%E2%80%98Impersonation%E2%80%99+Claims
Title: Share

Search URL Search Domain Scan URL

URL: https://bs.direct/b2d24b0d6
Title: BitStarz Player Lands $2,459,124 Record Win! Could you be next big winner?

Search URL Search Domain Scan URL

URL: http://servedbyadbutler.com/redirect.spark?MID=172179&plid=1466638&setID=476002&channelID=0&CID=379029&banID=519875799&PID=0&textadID=0&tc=1&mt=1625167618561871&sw=1600&sh=1200&spr=1&hc=3f18bb8dce7d2d62794df17e33a7bcdd1c8af3f6&location=

Search URL Search Domain Scan URL

URL: http://servedbyadbutler.com/redirect.spark?MID=172179&plid=1281335&setID=317821&channelID=0&CID=437232&banID=520253050&PID=0&textadID=0&tc=1&mt=1625167618558459&sw=1600&sh=1200&spr=1&hc=0f3ffecf8062416d47617ed7c943f56840e62bda&location=

Search URL Search Domain Scan URL

URL: http://servedbyadbutler.com/redirect.spark?MID=172179&plid=1281336&setID=317822&channelID=0&CID=437232&banID=520003630&PID=0&textadID=0&tc=1&mt=1625167618593830&sw=1600&sh=1200&spr=1&hc=96b98f957e55dbcba8e7dfc7d6b82448741ad6ed&location=

Search URL Search Domain Scan URL

URL: http://servedbyadbutler.com/redirect.spark?MID=172179&plid=1065732&setID=359375&channelID=0&CID=350861&banID=519811679&PID=0&textadID=0&tc=1&mt=1625167618600466&sw=1600&sh=1200&spr=1&hc=4efae9263dd46229275e7d51e475dfdd462f5177&location=

Search URL Search Domain Scan URL

URL: http://servedbyadbutler.com/redirect.spark?MID=172179&plid=1280921&setID=438709&channelID=0&CID=398324&banID=520408081&PID=0&textadID=0&tc=1&mt=1625167618599765&sw=1600&sh=1200&spr=1&hc=40b2572f60cb221ea46dda0eae36fa3220822cf3&location=

Search URL Search Domain Scan URL

URL: http://servedbyadbutler.com/redirect.spark?MID=172179&plid=1281341&setID=438710&channelID=0&CID=437232&banID=520253050&PID=0&textadID=0&tc=1&mt=1625167618598554&sw=1600&sh=1200&spr=1&hc=9456c111a916f3140a432a7db63d5053a4929a9f&location=

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

56 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
bitcoinist.com/xrptipbot-gets-banned-on-twitter-over-impersonation-claims/autoload/ 28 KB
7 KB 628ms
613ms Document
text/html 104.156.49.28
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://bitcoinist.com/xrptipbot-gets-banned-on-twitter-over-impersonation-claims/autoload/?lang=en_US
Protocol: HTTP/1.1
Server: 104.156.49.28 Temecula, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 104-156-49-28.static.hvvc.us
Software: LiteSpeed /
Resource Hash: 5b83e4194ff2345b21b28c8140cfcb986145b5ae5e2fa6700169464ab123a961

Request headers

Host: bitcoinist.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
X-LiteSpeed-Cache-Control: public,max-age=604800
X-LiteSpeed-Tag: 199_HTTP.200,199_post,199_URL.80d891faa304e16646e51f478671e2bb,199_Po.125979,199_
Etag: "717003-1625167618;gz"
X-Litespeed-Cache: miss
Transfer-Encoding: chunked
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Thu, 01 Jul 2021 19:26:58 GMT
Server: LiteSpeed

GET
H2 200 Nexo@2x.png
bitcoinist.com/stage2/wp-content/uploads/2021/03/ 4 KB
4 KB 396ms
131ms Image
image/png 104.156.49.28
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bitcoinist.com/stage2/wp-content/uploads/2021/03/Nexo@2x.png
Requested by: Host: bitcoinist.com
URL: http://bitcoinist.com/xrptipbot-gets-banned-on-twitter-over-impersonation-claims/autoload/?lang=en_US
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.156.49.28 Temecula, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 104-156-49-28.static.hvvc.us
Software: LiteSpeed /
Resource Hash: 2dfabdb0555a9562e23ef2256eaf39e2e65ab625e00ce518882bb7e87b331208

Request headers

Referer: http://bitcoinist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 19:26:58 GMT
last-modified: Mon, 15 Mar 2021 09:02:11 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 3816
expires: Sat, 02 Jul 2022 01:26:58 GMT

GET
H2 200 ea86d05266f8a9ff66dfe12718b2438f.jpg
bitcoinist.com/wp-content/litespeed/avatar/ 3 KB
3 KB 513ms
248ms Image
image/jpeg 104.156.49.28
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bitcoinist.com/wp-content/litespeed/avatar/ea86d05266f8a9ff66dfe12718b2438f.jpg
Requested by: Host: bitcoinist.com
URL: http://bitcoinist.com/xrptipbot-gets-banned-on-twitter-over-impersonation-claims/autoload/?lang=en_US
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.156.49.28 Temecula, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 104-156-49-28.static.hvvc.us
Software: LiteSpeed /
Resource Hash: 9c7b4d1e933b2fb7650b5c3a7f9242b462d5c389496f32a9f5eb0b6108db8793

Request headers

Referer: http://bitcoinist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 19:26:58 GMT
last-modified: Mon, 28 Jun 2021 10:29:11 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 3215
expires: Sat, 02 Jul 2022 01:26:58 GMT

GET
H2 200 etoro-trade-now-btn.jpg
bitcoinist.com/wp-content/uploads/2020/12/ 10 KB
10 KB 513ms
248ms Image
image/jpeg 104.156.49.28
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bitcoinist.com/wp-content/uploads/2020/12/etoro-trade-now-btn.jpg
Requested by: Host: bitcoinist.com
URL: http://bitcoinist.com/xrptipbot-gets-banned-on-twitter-over-impersonation-claims/autoload/?lang=en_US
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.156.49.28 Temecula, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 104-156-49-28.static.hvvc.us
Software: LiteSpeed /
Resource Hash: e5ba112baafd707084b9eac1e87c5e02f7f696b8ed91d0d750118c324c6ebe84

Request headers

Referer: http://bitcoinist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 19:26:58 GMT
last-modified: Fri, 18 Dec 2020 09:53:43 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 10173
expires: Sat, 02 Jul 2022 01:26:58 GMT

GET
H2 200 app.js Show response
servedbyadbutler.com/ 53 KB
10 KB 119ms
28ms Script
application/javascript 195.201.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/app.js
Requested by: Host: bitcoinist.com
URL: http://bitcoinist.com/xrptipbot-gets-banned-on-twitter-over-impersonation-claims/autoload/?lang=en_US
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.242.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 0dbea9391db9677a9962767b109679b8bb16781bfa3f1d23eff5fa77f3d20d1f

Request headers

Referer: http://bitcoinist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 19:26:58 GMT
content-encoding: gzip
last-modified: Mon, 26 Apr 2021 18:12:07 GMT
server: nginx
etag: W/"60870277-d421"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800
expires: Thu, 01 Jul 2021 19:56:58 GMT

GET
H2 200 shutterstock_1374880793.jpg
bitcoinist.com/wp-content/uploads/2020/01/ 1 MB
1 MB 364ms
131ms Image
image/jpeg 104.156.49.28
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bitcoinist.com/wp-content/uploads/2020/01/shutterstock_1374880793.jpg
Requested by: Host: bitcoinist.com
URL: http://bitcoinist.com/xrptipbot-gets-banned-on-twitter-over-impersonation-claims/autoload/?lang=en_US
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.156.49.28 Temecula, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 104-156-49-28.static.hvvc.us
Software: LiteSpeed /
Resource Hash: 09bb147e75327a61027dc2b01cd54cc68d0ef914da9e71af5c955b9e6a210207

Request headers

Referer: http://bitcoinist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 19:26:58 GMT
last-modified: Fri, 24 Jan 2020 13:43:53 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 1332468
expires: Sat, 02 Jul 2022 01:26:58 GMT

GET
H/1.1 200
OK ;ID=172179;size=1200x90;setID=476003;type=async;domid=placement_476003_0;place=0;pid=906229;sw=1600;sh=1200;spr=1;rnd=906229;referrer=http%3A%2F%2Fbitcoinist.com%2Fxrptipbot-gets-banned-on-twitter-... Show response
servedbyadbutler.com/adserve/ 664 B
1 KB 69ms
54ms Script
application/x-javascript 195.201.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://servedbyadbutler.com/adserve/;ID=172179;size=1200x90;setID=476003;type=async;domid=placement_476003_0;place=0;pid=906229;sw=1600;sh=1200;spr=1;rnd=906229;referrer=http%3A%2F%2Fbitcoinist.com%2Fxrptipbot-gets-banned-on-twitter-over-impersonation-claims%2Fautoload%2F%3Flang%3Den_US;click=CLICK_MACRO_PLACEHOLDER
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: HTTP/1.1
Server: 195.201.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.242.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 26f92113099692b169821cb4fd863ce89bf3c71b160767cdaaf5689d04b647ed

Request headers

Referer: http://bitcoinist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jul 2021 19:26:58 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
Access-Control-Allow-Origin: *
Cache-Control: post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK ;ID=172179;size=728x90;setID=367529;type=async;domid=placement_367529_0;place=0;pid=906229;sw=1600;sh=1200;spr=1;rnd=906229;referrer=http%3A%2F%2Fbitcoinist.com%2Fxrptipbot-gets-banned-on-twitter-o... Show response
servedbyadbutler.com/adserve/ 663 B
1 KB 67ms
53ms Script
application/x-javascript 195.201.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://servedbyadbutler.com/adserve/;ID=172179;size=728x90;setID=367529;type=async;domid=placement_367529_0;place=0;pid=906229;sw=1600;sh=1200;spr=1;rnd=906229;referrer=http%3A%2F%2Fbitcoinist.com%2Fxrptipbot-gets-banned-on-twitter-over-impersonation-claims%2Fautoload%2F%3Flang%3Den_US;click=CLICK_MACRO_PLACEHOLDER
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: HTTP/1.1
Server: 195.201.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.242.201.195.clients.your-server.de
Software: nginx /
Resource Hash: a52ca2e2e7d32a9f2da8dd0c0d0affb3f93cb1dc1445b59518e2256c96c69127

Request headers

Referer: http://bitcoinist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jul 2021 19:26:58 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
Access-Control-Allow-Origin: *
Cache-Control: post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK ;ID=172179;size=728x90;setID=476001;type=async;domid=placement_476001_0;place=0;pid=906229;sw=1600;sh=1200;spr=1;rnd=906229;referrer=http%3A%2F%2Fbitcoinist.com%2Fxrptipbot-gets-banned-on-twitter-o... Show response
servedbyadbutler.com/adserve/ 663 B
1 KB 66ms
52ms Script
application/x-javascript 195.201.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://servedbyadbutler.com/adserve/;ID=172179;size=728x90;setID=476001;type=async;domid=placement_476001_0;place=0;pid=906229;sw=1600;sh=1200;spr=1;rnd=906229;referrer=http%3A%2F%2Fbitcoinist.com%2Fxrptipbot-gets-banned-on-twitter-over-impersonation-claims%2Fautoload%2F%3Flang%3Den_US;click=CLICK_MACRO_PLACEHOLDER
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: HTTP/1.1
Server: 195.201.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.242.201.195.clients.your-server.de
Software: nginx /
Resource Hash: ec0390081f4b5fe029e8023fac93e5cfe578db9efa628fe73cb49c85d37757a4

Request headers

Referer: http://bitcoinist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jul 2021 19:26:58 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
Access-Control-Allow-Origin: *
Cache-Control: post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK ;ID=172179;size=728x90;setID=476002;type=async;domid=placement_476002_0;place=0;pid=906229;sw=1600;sh=1200;spr=1;rnd=906229;referrer=http%3A%2F%2Fbitcoinist.com%2Fxrptipbot-gets-banned-on-twitter-o... Show response
servedbyadbutler.com/adserve/ 662 B
1 KB 66ms
51ms Script
application/x-javascript 195.201.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://servedbyadbutler.com/adserve/;ID=172179;size=728x90;setID=476002;type=async;domid=placement_476002_0;place=0;pid=906229;sw=1600;sh=1200;spr=1;rnd=906229;referrer=http%3A%2F%2Fbitcoinist.com%2Fxrptipbot-gets-banned-on-twitter-over-impersonation-claims%2Fautoload%2F%3Flang%3Den_US;click=CLICK_MACRO_PLACEHOLDER
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: HTTP/1.1
Server: 195.201.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.242.201.195.clients.your-server.de
Software: nginx /
Resource Hash: e26333b07b19d3ff6998539d8c44943c0f6c9bdb0dd01e17e7bc1e2c2b842e94

Request headers

Referer: http://bitcoinist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jul 2021 19:26:58 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
Access-Control-Allow-Origin: *
Cache-Control: post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK ;ID=172179;size=300x250;setID=317820;type=async;domid=placement_317820_0;place=0;pid=906229;sw=1600;sh=1200;spr=1;rnd=906229;referrer=http%3A%2F%2Fbitcoinist.com%2Fxrptipbot-gets-banned-on-twitter-... Show response
servedbyadbutler.com/adserve/ 730 B
1 KB 66ms
51ms Script
application/x-javascript 195.201.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://servedbyadbutler.com/adserve/;ID=172179;size=300x250;setID=317820;type=async;domid=placement_317820_0;place=0;pid=906229;sw=1600;sh=1200;spr=1;rnd=906229;referrer=http%3A%2F%2Fbitcoinist.com%2Fxrptipbot-gets-banned-on-twitter-over-impersonation-claims%2Fautoload%2F%3Flang%3Den_US;click=CLICK_MACRO_PLACEHOLDER
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: HTTP/1.1
Server: 195.201.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.242.201.195.clients.your-server.de
Software: nginx /
Resource Hash: d51c28086329649d34bb0e47ac05c6ceb4b300a22795e76d0776e8e179c302a3

Request headers

Referer: http://bitcoinist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jul 2021 19:26:58 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
Access-Control-Allow-Origin: *
Cache-Control: post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK ;ID=172179;size=300x250;setID=317821;type=async;domid=placement_317821_0;place=0;pid=906229;sw=1600;sh=1200;spr=1;rnd=906229;referrer=http%3A%2F%2Fbitcoinist.com%2Fxrptipbot-gets-banned-on-twitter-... Show response
servedbyadbutler.com/adserve/ 664 B
1 KB 62ms
48ms Script
application/x-javascript 195.201.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://servedbyadbutler.com/adserve/;ID=172179;size=300x250;setID=317821;type=async;domid=placement_317821_0;place=0;pid=906229;sw=1600;sh=1200;spr=1;rnd=906229;referrer=http%3A%2F%2Fbitcoinist.com%2Fxrptipbot-gets-banned-on-twitter-over-impersonation-claims%2Fautoload%2F%3Flang%3Den_US;click=CLICK_MACRO_PLACEHOLDER
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: HTTP/1.1
Server: 195.201.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.242.201.195.clients.your-server.de
Software: nginx /
Resource Hash: daa4b902fa60f18d58775eaf59f1646f81f6db9600a3d88229785f0d3e0588c5

Request headers

Referer: http://bitcoinist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jul 2021 19:26:58 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
Access-Control-Allow-Origin: *
Cache-Control: post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK ;ID=172179;size=300x250;setID=317822;type=async;domid=placement_317822_0;place=0;pid=906229;sw=1600;sh=1200;spr=1;rnd=906229;referrer=http%3A%2F%2Fbitcoinist.com%2Fxrptipbot-gets-banned-on-twitter-... Show response
servedbyadbutler.com/adserve/ 664 B
1 KB 35ms
35ms Script
application/x-javascript 195.201.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://servedbyadbutler.com/adserve/;ID=172179;size=300x250;setID=317822;type=async;domid=placement_317822_0;place=0;pid=906229;sw=1600;sh=1200;spr=1;rnd=906229;referrer=http%3A%2F%2Fbitcoinist.com%2Fxrptipbot-gets-banned-on-twitter-over-impersonation-claims%2Fautoload%2F%3Flang%3Den_US;click=CLICK_MACRO_PLACEHOLDER
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: HTTP/1.1
Server: 195.201.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.242.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 44f888ae6dad46f5d92ae1b6bd52429d9ceaba5eaecae9eb7423c26fdd061d3f

Request headers

Referer: http://bitcoinist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jul 2021 19:26:58 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
Access-Control-Allow-Origin: *
Cache-Control: post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK ;ID=172179;size=300x250;setID=359375;type=async;domid=placement_359375_0;place=0;pid=906229;sw=1600;sh=1200;spr=1;rnd=906229;referrer=http%3A%2F%2Fbitcoinist.com%2Fxrptipbot-gets-banned-on-twitter-... Show response
servedbyadbutler.com/adserve/ 663 B
1 KB 37ms
36ms Script
application/x-javascript 195.201.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://servedbyadbutler.com/adserve/;ID=172179;size=300x250;setID=359375;type=async;domid=placement_359375_0;place=0;pid=906229;sw=1600;sh=1200;spr=1;rnd=906229;referrer=http%3A%2F%2Fbitcoinist.com%2Fxrptipbot-gets-banned-on-twitter-over-impersonation-claims%2Fautoload%2F%3Flang%3Den_US;click=CLICK_MACRO_PLACEHOLDER
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: HTTP/1.1
Server: 195.201.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.242.201.195.clients.your-server.de
Software: nginx /
Resource Hash: d9202dd7b519bff3a0e44943c6400a59edeec70222ba3be680e44ebdc04be53c

Request headers

Referer: http://bitcoinist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jul 2021 19:26:58 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
Access-Control-Allow-Origin: *
Cache-Control: post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK ;ID=172179;size=300x250;setID=438709;type=async;domid=placement_438709_0;place=0;pid=906229;sw=1600;sh=1200;spr=1;rnd=906229;referrer=http%3A%2F%2Fbitcoinist.com%2Fxrptipbot-gets-banned-on-twitter-... Show response
servedbyadbutler.com/adserve/ 664 B
1 KB 36ms
35ms Script
application/x-javascript 195.201.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://servedbyadbutler.com/adserve/;ID=172179;size=300x250;setID=438709;type=async;domid=placement_438709_0;place=0;pid=906229;sw=1600;sh=1200;spr=1;rnd=906229;referrer=http%3A%2F%2Fbitcoinist.com%2Fxrptipbot-gets-banned-on-twitter-over-impersonation-claims%2Fautoload%2F%3Flang%3Den_US;click=CLICK_MACRO_PLACEHOLDER
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: HTTP/1.1
Server: 195.201.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.242.201.195.clients.your-server.de
Software: nginx /
Resource Hash: b57e1ce8499a3020cf33ad88a467d754ab5a55eae3d17931dfdf41eeca503a4f

Request headers

Referer: http://bitcoinist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jul 2021 19:26:58 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
Access-Control-Allow-Origin: *
Cache-Control: post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK ;ID=172179;size=300x250;setID=438710;type=async;domid=placement_438710_0;place=0;pid=906229;sw=1600;sh=1200;spr=1;rnd=906229;referrer=http%3A%2F%2Fbitcoinist.com%2Fxrptipbot-gets-banned-on-twitter-... Show response
servedbyadbutler.com/adserve/ 664 B
1 KB 35ms
34ms Script
application/x-javascript 195.201.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://servedbyadbutler.com/adserve/;ID=172179;size=300x250;setID=438710;type=async;domid=placement_438710_0;place=0;pid=906229;sw=1600;sh=1200;spr=1;rnd=906229;referrer=http%3A%2F%2Fbitcoinist.com%2Fxrptipbot-gets-banned-on-twitter-over-impersonation-claims%2Fautoload%2F%3Flang%3Den_US;click=CLICK_MACRO_PLACEHOLDER
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: HTTP/1.1
Server: 195.201.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.242.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 83efbcd6f28f92a8fffed5ec42a6230ea6a17dd3e7494f6978095dea9df935ab

Request headers

Referer: http://bitcoinist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jul 2021 19:26:58 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
Access-Control-Allow-Origin: *
Cache-Control: post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK ;ID=172179;size=1200x90;setID=476003;type=async;domid=placement_476003_1;place=1;pid=906229;sw=1600;sh=1200;spr=1;rnd=906229;referrer=http%3A%2F%2Fbitcoinist.com%2Fxrptipbot-gets-banned-on-twitter-... Show response
servedbyadbutler.com/adserve/ 929 B
1 KB 35ms
34ms Script
application/x-javascript 195.201.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://servedbyadbutler.com/adserve/;ID=172179;size=1200x90;setID=476003;type=async;domid=placement_476003_1;place=1;pid=906229;sw=1600;sh=1200;spr=1;rnd=906229;referrer=http%3A%2F%2Fbitcoinist.com%2Fxrptipbot-gets-banned-on-twitter-over-impersonation-claims%2Fautoload%2F%3Flang%3Den_US;click=CLICK_MACRO_PLACEHOLDER
Requested by: Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol: HTTP/1.1
Server: 195.201.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.242.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 26f219a8becb7fd1313ab91f3312d31e18e8f14b19aca1999df681f66359e5c4

Request headers

Referer: http://bitcoinist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jul 2021 19:26:58 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
Access-Control-Allow-Origin: *
Cache-Control: post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK ;libID=2462244
servedbyadbutler.com/getad.img/ 21 KB
21 KB 30ms
30ms Image
image/jpeg 195.201.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://servedbyadbutler.com/getad.img/;libID=2462244
Requested by: Host: bitcoinist.com
URL: http://bitcoinist.com/xrptipbot-gets-banned-on-twitter-over-impersonation-claims/autoload/?lang=en_US
Protocol: HTTP/1.1
Server: 195.201.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.242.201.195.clients.your-server.de
Software: nginx /
Resource Hash: ecfb29d6073cd301be561de178b186cb39ea90593ba86860d4470017d7516e85

Request headers

Referer: http://bitcoinist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 19:26:58 GMT
Last-Modified: Mon, 21 Dec 2020 13:33:56 GMT
Server: nginx
ETag: "5fe0a444-5265"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Content-Disposition: inline; filename="IMAGE 2020-12-21 14:22:02.jpg"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21093
Expires: Fri, 01 Jul 2022 12:26:58 PDT

GET
H/1.1 200
OK ;libID=844202
servedbyadbutler.com/getad.img/ 86 KB
86 KB 30ms
29ms Image
image/gif 195.201.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://servedbyadbutler.com/getad.img/;libID=844202
Requested by: Host: bitcoinist.com
URL: http://bitcoinist.com/xrptipbot-gets-banned-on-twitter-over-impersonation-claims/autoload/?lang=en_US
Protocol: HTTP/1.1
Server: 195.201.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.242.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 9309dc2813e5ecd713b0fbd0c6cf5cf00f41d69d3ea9428624ed531387e1986e

Request headers

Referer: http://bitcoinist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 19:26:58 GMT
Last-Modified: Wed, 11 Mar 2020 14:38:09 GMT
Server: nginx
ETag: "5e68f7d1-156bc"
Content-Type: image/gif
Cache-Control: max-age=31536000
Content-Disposition: inline; filename="DEGQ-174_BIG-WINNER_Azrabah-Wishes_BTC_728x90_en.gif"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 87740
Expires: Fri, 01 Jul 2022 12:26:58 PDT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 7876 8 KB
4 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e94a4ffe8f92e41c3d79836d2aef56457ab8fb74eb258462987af0215a512e6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bitcoinist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 19:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3828
x-xss-protection: 0
last-modified: Thu, 17 Jun 2021 19:49:45 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 01 Jul 2021 20:18:15 GMT

GET
H/1.1 200
OK ;libID=2192379
servedbyadbutler.com/getad.img/ 35 KB
36 KB 30ms
30ms Image
image/png 195.201.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://servedbyadbutler.com/getad.img/;libID=2192379
Requested by: Host: bitcoinist.com
URL: http://bitcoinist.com/xrptipbot-gets-banned-on-twitter-over-impersonation-claims/autoload/?lang=en_US
Protocol: HTTP/1.1
Server: 195.201.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.242.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 257b97a3baebe358dea67dea13627e1d9924322334552be65dbd91c8e4359986

Request headers

Referer: http://bitcoinist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 19:26:58 GMT
Last-Modified: Thu, 03 Dec 2020 16:06:20 GMT
Server: nginx
ETag: "5fc90cfc-8ca6"
Content-Type: image/png
Cache-Control: max-age=31536000
Content-Disposition: inline; filename="earn_btceth_728x90.png"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36006
Expires: Fri, 01 Jul 2022 12:26:58 PDT

GET
H/1.1 200
OK ;libID=2192425
servedbyadbutler.com/getad.img/ 40 KB
40 KB 30ms
29ms Image
image/png 195.201.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://servedbyadbutler.com/getad.img/;libID=2192425
Requested by: Host: bitcoinist.com
URL: http://bitcoinist.com/xrptipbot-gets-banned-on-twitter-over-impersonation-claims/autoload/?lang=en_US
Protocol: HTTP/1.1
Server: 195.201.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.242.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 54a8af2d0f318f84ce4f888b1c0361e459c3fbd82ebad658f41061f1bd02e572

Request headers

Referer: http://bitcoinist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 19:26:58 GMT
Last-Modified: Thu, 03 Dec 2020 16:15:34 GMT
Server: nginx
ETag: "5fc90f26-9f4e"
Content-Type: image/png
Cache-Control: max-age=31536000
Content-Disposition: inline; filename="earn_btceth_1200x90.png"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40782
Expires: Fri, 01 Jul 2022 12:26:58 PDT

GET
H3-29 200 impl_v76.js Show response
www.googletagservices.com/dcm/ Frame 7876 37 KB
15 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v76.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

887f063df27ef4a696d31ce39ffaded7dc0b18b2a7c82045e54bfa240c375fd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bitcoinist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 09:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15557
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 20:05:47 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 Jun 2022 09:18:15 GMT

GET
H/1.1 200
OK ;libID=1003527
servedbyadbutler.com/getad.img/ 67 KB
67 KB 30ms
29ms Image
image/jpeg 195.201.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://servedbyadbutler.com/getad.img/;libID=1003527
Requested by: Host: bitcoinist.com
URL: http://bitcoinist.com/xrptipbot-gets-banned-on-twitter-over-impersonation-claims/autoload/?lang=en_US
Protocol: HTTP/1.1
Server: 195.201.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.242.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 5295fb6deb834257369c4c58038378e5d5f3138262555cca88c17e13b9f0eb80

Request headers

Referer: http://bitcoinist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 19:26:58 GMT
Last-Modified: Wed, 07 Oct 2020 05:50:45 GMT
Server: nginx
ETag: "5f7d5735-10a3c"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Content-Disposition: inline; filename="1-300_250-eng_.jpg"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68156
Expires: Fri, 01 Jul 2022 12:26:58 PDT

GET
H2 200 B24082269.272302795;dc_ver=76.220;dc_eid=40004001;sz=300x250;u_sd=1;nel=1;dc_adk=1703049611;ord=h2oj3r;dc_rfl=1,http%3A%2F%2Fbitcoinist.com%2Fxrptipbot-gets-banned-on-twitter-over-impersonation-cla... Show response
ad.doubleclick.net/ddm/adi/N1224350.1921203NEWSBTC/ Frame 677A 28 KB
16 KB 113ms
55ms Document
text/html 172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N1224350.1921203NEWSBTC/B24082269.272302795;dc_ver=76.220;dc_eid=40004001;sz=300x250;u_sd=1;nel=1;dc_adk=1703049611;ord=h2oj3r;dc_rfl=1,http%3A%2F%2Fbitcoinist.com%2Fxrptipbot-gets-banned-on-twitter-over-impersonation-claims%2Fautoload%2F%3Flang%3Den_US$0;xdt=0;crlt=Py9Ya!(Zkf;sttr=27;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v76.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f6.1e100.net

Software

cafe /

Resource Hash

50f980015365578391a3307b613e9f4ab32922042fc072203b2b21706b2c74c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: ad.doubleclick.net
:scheme: https
:path: /ddm/adi/N1224350.1921203NEWSBTC/B24082269.272302795;dc_ver=76.220;dc_eid=40004001;sz=300x250;u_sd=1;nel=1;dc_adk=1703049611;ord=h2oj3r;dc_rfl=1,http%3A%2F%2Fbitcoinist.com%2Fxrptipbot-gets-banned-on-twitter-over-impersonation-claims%2Fautoload%2F%3Flang%3Den_US$0;xdt=0;crlt=Py9Ya!(Zkf;sttr=27;prcl=s
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://bitcoinist.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://bitcoinist.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jul 2021 19:26:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 15566
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 01-Jul-2021 19:41:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame F6C4 8 KB
4 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e94a4ffe8f92e41c3d79836d2aef56457ab8fb74eb258462987af0215a512e6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bitcoinist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 19:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3828
x-xss-protection: 0
last-modified: Thu, 17 Jun 2021 19:49:45 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 01 Jul 2021 20:18:15 GMT

GET
H/1.1 200
OK ;libID=3101894
servedbyadbutler.com/getad.img/ 65 KB
65 KB 30ms
30ms Image
image/png 195.201.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://servedbyadbutler.com/getad.img/;libID=3101894
Requested by: Host: bitcoinist.com
URL: http://bitcoinist.com/xrptipbot-gets-banned-on-twitter-over-impersonation-claims/autoload/?lang=en_US
Protocol: HTTP/1.1
Server: 195.201.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.242.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 0e421d58840625b972c93ae3dc5047dd3d56e400fc3703d31e0feb484393445c

Request headers

Referer: http://bitcoinist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 19:26:58 GMT
Last-Modified: Thu, 29 Apr 2021 07:57:01 GMT
Server: nginx
ETag: "608a66cd-10415"
Content-Type: image/png
Cache-Control: max-age=31536000
Content-Disposition: inline; filename="300_250-1.png"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66581
Expires: Fri, 01 Jul 2022 12:26:58 PDT

GET
H/1.1 200
OK ;libID=844192
servedbyadbutler.com/getad.img/ 151 KB
151 KB 30ms
30ms Image
image/gif 195.201.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://servedbyadbutler.com/getad.img/;libID=844192
Requested by: Host: bitcoinist.com
URL: http://bitcoinist.com/xrptipbot-gets-banned-on-twitter-over-impersonation-claims/autoload/?lang=en_US
Protocol: HTTP/1.1
Server: 195.201.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.242.201.195.clients.your-server.de
Software: nginx /
Resource Hash: 66cadcb65465a321c302fd638e1f74e0485141280f91cd6f9e3c101435121f2f

Request headers

Referer: http://bitcoinist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 19:26:58 GMT
Last-Modified: Wed, 11 Mar 2020 14:36:26 GMT
Server: nginx
ETag: "5e68f76a-25a67"
Content-Type: image/gif
Cache-Control: max-age=31536000
Content-Disposition: inline; filename="DEGQ-174_BIG-WINNER_Azrabah-Wishes_BTC_300x250_en.gif"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 154215
Expires: Fri, 01 Jul 2022 12:26:58 PDT

GET
H3-29 200 impl_v76.js Show response
www.googletagservices.com/dcm/ Frame F6C4 37 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v76.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

887f063df27ef4a696d31ce39ffaded7dc0b18b2a7c82045e54bfa240c375fd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bitcoinist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 09:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15557
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 20:05:47 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 Jun 2022 09:18:15 GMT

GET
H2 200 B24082269.279526477;dc_ver=76.220;dc_eid=40004000;sz=1200x90;u_sd=1;nel=1;dc_adk=1633536228;ord=2ug1l2;dc_rfl=1,http%3A%2F%2Fbitcoinist.com%2Fxrptipbot-gets-banned-on-twitter-over-impersonation-cla... Show response
ad.doubleclick.net/ddm/adi/N1224350.1921203NEWSBTC/ Frame 5191 28 KB
15 KB 99ms
70ms Document
text/html 172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N1224350.1921203NEWSBTC/B24082269.279526477;dc_ver=76.220;dc_eid=40004000;sz=1200x90;u_sd=1;nel=1;dc_adk=1633536228;ord=2ug1l2;dc_rfl=1,http%3A%2F%2Fbitcoinist.com%2Fxrptipbot-gets-banned-on-twitter-over-impersonation-claims%2Fautoload%2F%3Flang%3Den_US$0;xdt=0;crlt=Py9Ya!(Zkf;sttr=12;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v76.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f6.1e100.net

Software

cafe /

Resource Hash

9358f994e5431fbdb7dd6c8a00c322e9c7d9338bdddca6b60210a5e0455b6e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: ad.doubleclick.net
:scheme: https
:path: /ddm/adi/N1224350.1921203NEWSBTC/B24082269.279526477;dc_ver=76.220;dc_eid=40004000;sz=1200x90;u_sd=1;nel=1;dc_adk=1633536228;ord=2ug1l2;dc_rfl=1,http%3A%2F%2Fbitcoinist.com%2Fxrptipbot-gets-banned-on-twitter-over-impersonation-claims%2Fautoload%2F%3Flang%3Den_US$0;xdt=0;crlt=Py9Ya!(Zkf;sttr=12;prcl=s
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://bitcoinist.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://bitcoinist.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jul 2021 19:26:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 15577
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 01-Jul-2021 19:41:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 06302021-015657372-Crypto-Creative_300x250_EN__1_.gif
s0.2mdn.net/9944765/ Frame 677A 62 KB
62 KB 28ms
7ms Image
image/gif 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9944765/06302021-015657372-Crypto-Creative_300x250_EN__1_.gif

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1224350.1921203NEWSBTC/B24082269.272302795;dc_ver=76.220;dc_eid=40004001;sz=300x250;u_sd=1;nel=1;dc_adk=1703049611;ord=h2oj3r;dc_rfl=1,http%3A%2F%2Fbitcoinist.com%2Fxrptipbot-gets-banned-on-twitter-over-impersonation-claims%2Fautoload%2F%3Flang%3Den_US$0;xdt=0;crlt=Py9Ya!(Zkf;sttr=27;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42f18cb448b7b8f10b8b10452f13050ec21194b2d2dd97bb53de42c4be4e2b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:25:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 30 Jun 2021 08:56:57 GMT
server: sffe
age: 36071
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63168
x-xss-protection: 0
expires: Fri, 02 Jul 2021 09:25:47 GMT

GET
H2 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/xfa/ Frame 677A 10 KB
4 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/xfa/sodar_loader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5317781d9e780e3f322cba012aca14f5b55b533c0a125f06271d09b33a9974d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 16:56:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9007
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4286
x-xss-protection: 0
server: cafe
etag: 12837953992469573683
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Jul 2021 16:56:51 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/elements/html/ Frame 677A 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 19:24:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 166
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Jul 2021 19:24:12 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 677A 125 KB
38 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2f5a99d439c1d7bc8cd4e02f39d77d0dab1eba4e1fae40d3fc5d06ac3aaf1ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 19:26:58 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624879993577808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38803
x-xss-protection: 0
expires: Thu, 01 Jul 2021 19:26:58 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 677A 0
545 B 134ms
46ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvP5dtznVTmPZ82_S88_gvfxI4i4WctrYF0ouu44Qf_wCfkZ8Un8cDgpPizEqLqQ2zOPUzJvqunr_gjgeamofBudwIBFD5B81vmhASQJCW7IuXN6aL3fHx5JqjiN2Unz-Q&sig=Cg0ArKJSzI7C1epfNfPFEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210624.80523&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 01 Jul 2021 19:26:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 677A 5 KB
4 KB 26ms
24ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/xfa/sodar_loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca2cad8a6212c944c9a26173d7b6a935a4b9025dd74e2a6e7ea9308a6f9b4233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Jul 2021 19:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4192
x-xss-protection: 0

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 677A 41 KB
15 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 15:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12779
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Jul 2022 15:53:59 GMT

GET
H2 200 Crypto-Creative_1200x90_EN.gif
s0.2mdn.net/9944765/ Frame 5191 97 KB
97 KB 22ms
18ms Image
image/gif 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9944765/Crypto-Creative_1200x90_EN.gif

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N1224350.1921203NEWSBTC/B24082269.279526477;dc_ver=76.220;dc_eid=40004000;sz=1200x90;u_sd=1;nel=1;dc_adk=1633536228;ord=2ug1l2;dc_rfl=1,http%3A%2F%2Fbitcoinist.com%2Fxrptipbot-gets-banned-on-twitter-over-impersonation-claims%2Fautoload%2F%3Flang%3Den_US$0;xdt=0;crlt=Py9Ya!(Zkf;sttr=12;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32b57810f375fd41cc2d7c529197f06475370a24a8f95d3fd08051e6ce04de33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 09:12:34 GMT
x-content-type-options: nosniff
last-modified: Wed, 30 Jun 2021 08:56:54 GMT
server: sffe
age: 36864
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99142
x-xss-protection: 0
expires: Fri, 02 Jul 2021 09:12:34 GMT

GET
H3-29 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/xfa/ Frame 5191 10 KB
4 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/xfa/sodar_loader.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5317781d9e780e3f322cba012aca14f5b55b533c0a125f06271d09b33a9974d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 16:55:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9094
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4286
x-xss-protection: 0
server: cafe
etag: 12837953992469573683
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Jul 2021 16:55:24 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/elements/html/ Frame 5191 8 KB
3 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/elements/html/omrhp.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 19:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Jul 2021 19:25:06 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5191 125 KB
38 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2f5a99d439c1d7bc8cd4e02f39d77d0dab1eba4e1fae40d3fc5d06ac3aaf1ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 19:26:58 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624879993577808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38803
x-xss-protection: 0
expires: Thu, 01 Jul 2021 19:26:58 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5191 0
51 B 116ms
48ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsskKnzaE6CxRqq6I7M7lO4bPa5qHpiVZyfh5R8_8mHV_LcW0beWLYneiOoZiYwXq3CbIQECu-yXGfgPL1smbDXmrjTTRAVtZtSyYKFMAqfyNitN9fu6zDOsZyKnHTLLzwU&sig=Cg0ArKJSzOPM8-oeRQ7aEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210624.30591&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 01 Jul 2021 19:26:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5191 41 KB
15 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 15:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12779
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Jul 2022 15:53:59 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D77E 22 KB
8 KB 9ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Thu, 01 Jul 2021 15:53:59 GMT
expires: Fri, 01 Jul 2022 15:53:59 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 12779
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5191 6 KB
4 KB 15ms
15ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/xfa/sodar_loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62a0c8f5d44874fa29d9a251225f3f17ef551b1a9755d900b4735b1c0444685d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Jul 2021 19:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4323
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 677A 0
60 B 49ms
47ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 01 Jul 2021 19:26:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B495 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Thu, 01 Jul 2021 15:53:59 GMT
expires: Fri, 01 Jul 2022 15:53:59 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 12779
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5191 0
60 B 46ms
46ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 01 Jul 2021 19:26:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 677A 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/xfa/sodar_loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 19:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 01 Jul 2021 19:26:58 GMT

GET
H3-29 200 mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js Show response
pagead2.googlesyndication.com/bg/ Frame D77E 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

986cc890ff4c6e29618576b21fee055d58f91ed87402e7344453fc39dd5465bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 16:17:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11359
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5744
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Jul 2022 16:17:39 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5191 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/xfa/sodar_loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 19:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 01 Jul 2021 19:26:58 GMT

GET
H3-29 200 mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js Show response
pagead2.googlesyndication.com/bg/ Frame B495 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

986cc890ff4c6e29618576b21fee055d58f91ed87402e7344453fc39dd5465bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 16:17:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11359
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5744
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Jul 2022 16:17:39 GMT

GET
H3-29 200 DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js Show response
pagead2.googlesyndication.com/bg/ Frame D35A 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dbca08e779a3b80d5c9a6951b077e4e814348c16426875ab71032a9286120ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 15:53:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12779
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5767
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Jul 2022 15:53:59 GMT

GET
H3-29 200 DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js Show response
pagead2.googlesyndication.com/bg/ Frame 8BDA 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dbca08e779a3b80d5c9a6951b077e4e814348c16426875ab71032a9286120ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 15:53:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12779
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5767
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Jul 2022 15:53:59 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D77E 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BsJ0OAhfeYOT6Ko2t3gPF1qXADAAAAAA4AeAEAg&bg=!UFOlUxfNAAYo4NJEKOA7ACkAdvg8Wn71fhwCy5ueOT6taQZxDPaYbq9ko33cxdXxfx5p2UaQqdYuCwIAAADyUgAAACBoAQcKAGQ7uw63ugQdJC8QTwCF8vDTmuRW16LXJOvODh8eY8-6mUZHMVB_Pex3cpp2KaSJ-IydFvVi79hmADNgU1LFTIvjIn3o3Zrz7_ji013MdIzp6ciUcvetJt5ALtRv1CV4E2_P6vFJmQKyfcCIknZd2mVGbe5Hxb4tj5sdjp5gLTz4LSdl-tJmKWjSwNFiLV1jPjtyt9MhU7WyHgkIzaD15TU-ujUtHIwj0ExZPkS3FJdpx5E7Z2_z4hO2e2rIwGNmjlyeiKaE_hhHx1zbFXyEPl077bae91dm58tAOeyBBRAL4G9Af5UEF37xbGqeJgZR9IGNIqj-wYQBkea1P1pIoMXOZ2vLMrxhUimcguvNyBBlfDsg_RD0rA8q8jM2K9XMGhI4hAE2ADVmbMOj1bPcItxx5itAE8Y-yUrXTmBsN_XF9CyyM_njvRXJtWhbWsWM-YcJLYXC4MiyHtHLXH1N79ohbYbeuV3h3pqPMiLPduYlrex_WKdGE_YiYZSc27dmO9jkpGVD9SbYqrxtJrDowIdrUtkrz_YcWKtLXzStT3nMAiCYEx3Efy6H2zHRU-KE5855ZlZFCKHTG0KLzRvGnSxXc_kK2RdfgkaoCN5quXCyVc8MupOnGFoyX85nztEFXOcf_vRVw1k5U0zpBo9bBnHJJK0ZGBbPRqGR-fP0feTFO4sV4aFi2-94kAGPAE-HtMVtn8TQ6VG8qD1Y2oHGnhYrMlfkljIQLEt6sHo2GPnkoQ7JkG0j-0yXdTCO41oXOCHe2VP791pE0qijVUYZ9_Hkb2Q2IfmUhTTiiJKBX89A4xpIUM9a42OAhRRxswOv0YvnGu4yBd5Wcjk4KO1kbUFK2f1hX8abymv0damv76XGp6tkMQ-J7VFJegazYuLi6861hFghSMW1egx2XxXvO9XDmmwZIxyx5ohlQpLftaCfrG_BxCuJi7RP6nmNEWW3f0EJ63I_MreitEEppz0C_RyJ5EWE7CQIvsFbdaJTEmnpkxCzabTMdEjW2L4hudJvGmQNGkaWCYSn5nBSgNazDoryKg8uEoTGSgwJ

Requested by

Host: bitcoinist.com
URL: http://bitcoinist.com/xrptipbot-gets-banned-on-twitter-over-impersonation-claims/autoload/?lang=en_US

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 19:26:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B495 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B2OPfAhfeYLH5KqPl7_UPi8SC6AEAAAAAOAHgBAI&bg=!JSalJmLNAAYo4NJEKOA7ACkAdvg8WvaMefsZjI3kU-VMtdiyKgbaFC7ovi8k31CDn9ZKHf622BqAcgIAAADYUgAAACFoAQeZApuIB5nagi0N1G3636PwGC9WWOPyoyEoUiaPNxQA1PzbgKnw59TlnrtXTTm67FCcMHwIGnJkaYAz_3q9sgV1Hbl1BHLY96Vkv4QqByhoYsIqhJMrC5qIC4NFNsEcMrPAySx6y_3DQGh37wVx1cYItepA32c7UixknEN-TROxwvnbhKKZmLvD1IsqKL1aJ0leg2C_fMa6Zt9R1dZ5-0xAc2FiNGiOd8BhJWBgSHm4yc80mD6yrPD9B8Jp7ZrBlgaIsHowS-W_wSYuuFXCl0qjEtF2HDNGcm9niHl4djx-IqWQU7QEpFJgERhQm9mO4zJebXIRYKL0uC_nx-omcV2MZG77-tM8__8wmsZY8-B98cA-VqZsEGQyO1LCoRVubIAEOnsnB5Js9fqVWBJDyw0JIb5_FIndBpPmAFP3sHneRmli48eUy8kvwKLhAirY9a9-_7nP97j4qSRNaLuD1PYdRrTwRbcD6t-0YTAZBt7fRfP5tpSL3c1y73iY9b2wcvwo5Yqg0nYMdecuHY55kfiJGq61BL1E0fr9sPvktlsKHB6UMId__F1jGn_2dx2H97KmWXx2SwJ4vz5xGyMtn92byx5F5fNebFkXqxARYwQ-cxxYCzlPXFR-zXNhMg9yBNo-8kJ_XWV1fOomhWnJ6KDCpcm3e4tfmLV54r5P1xHKKSXr0KpKGYX5XiecaOgo8-QVEya-R1Q-wnlfXgGukJk68KAEYnS3iLGrllOM3kDEnWDFAtqFvKjTVF6IDphUT4t1nAr4Z3ewoeDwe0LImhApwBzO8hhF31z5aAsKlmMO514XA8Giw1b-bC1wKuHJfYZz1XK9qpi-hkKwJDwiYGVIZ4AAlarciFPpbg9mgQkE0UW7XS8exKm3m8_McHkD

Requested by

Host: bitcoinist.com
URL: http://bitcoinist.com/xrptipbot-gets-banned-on-twitter-over-impersonation-claims/autoload/?lang=en_US

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 19:26:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 19:26:08	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
bitcoinist.com
googleads4.g.doubleclick.net
pagead2.googlesyndication.com
s0.2mdn.net
servedbyadbutler.com
tpc.googlesyndication.com
www.googletagservices.com
104.156.49.28
142.250.186.162
172.217.18.102
195.201.242.21
2a00:1450:4001:800::2002
2a00:1450:4001:808::2006
2a00:1450:4001:812::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2001
09bb147e75327a61027dc2b01cd54cc68d0ef914da9e71af5c955b9e6a210207
0dbca08e779a3b80d5c9a6951b077e4e814348c16426875ab71032a9286120ac
0dbea9391db9677a9962767b109679b8bb16781bfa3f1d23eff5fa77f3d20d1f
0e421d58840625b972c93ae3dc5047dd3d56e400fc3703d31e0feb484393445c
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
257b97a3baebe358dea67dea13627e1d9924322334552be65dbd91c8e4359986
26f219a8becb7fd1313ab91f3312d31e18e8f14b19aca1999df681f66359e5c4
26f92113099692b169821cb4fd863ce89bf3c71b160767cdaaf5689d04b647ed
2dfabdb0555a9562e23ef2256eaf39e2e65ab625e00ce518882bb7e87b331208
32b57810f375fd41cc2d7c529197f06475370a24a8f95d3fd08051e6ce04de33
42f18cb448b7b8f10b8b10452f13050ec21194b2d2dd97bb53de42c4be4e2b8a
44f888ae6dad46f5d92ae1b6bd52429d9ceaba5eaecae9eb7423c26fdd061d3f
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50f980015365578391a3307b613e9f4ab32922042fc072203b2b21706b2c74c1
5295fb6deb834257369c4c58038378e5d5f3138262555cca88c17e13b9f0eb80
5317781d9e780e3f322cba012aca14f5b55b533c0a125f06271d09b33a9974d3
54a8af2d0f318f84ce4f888b1c0361e459c3fbd82ebad658f41061f1bd02e572
5b83e4194ff2345b21b28c8140cfcb986145b5ae5e2fa6700169464ab123a961
62a0c8f5d44874fa29d9a251225f3f17ef551b1a9755d900b4735b1c0444685d
66cadcb65465a321c302fd638e1f74e0485141280f91cd6f9e3c101435121f2f
83efbcd6f28f92a8fffed5ec42a6230ea6a17dd3e7494f6978095dea9df935ab
887f063df27ef4a696d31ce39ffaded7dc0b18b2a7c82045e54bfa240c375fd1
9309dc2813e5ecd713b0fbd0c6cf5cf00f41d69d3ea9428624ed531387e1986e
9358f994e5431fbdb7dd6c8a00c322e9c7d9338bdddca6b60210a5e0455b6e25
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
986cc890ff4c6e29618576b21fee055d58f91ed87402e7344453fc39dd5465bb
9c7b4d1e933b2fb7650b5c3a7f9242b462d5c389496f32a9f5eb0b6108db8793
a52ca2e2e7d32a9f2da8dd0c0d0affb3f93cb1dc1445b59518e2256c96c69127
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
b57e1ce8499a3020cf33ad88a467d754ab5a55eae3d17931dfdf41eeca503a4f
ca2cad8a6212c944c9a26173d7b6a935a4b9025dd74e2a6e7ea9308a6f9b4233
d51c28086329649d34bb0e47ac05c6ceb4b300a22795e76d0776e8e179c302a3
d9202dd7b519bff3a0e44943c6400a59edeec70222ba3be680e44ebdc04be53c
daa4b902fa60f18d58775eaf59f1646f81f6db9600a3d88229785f0d3e0588c5
e26333b07b19d3ff6998539d8c44943c0f6c9bdb0dd01e17e7bc1e2c2b842e94
e2f5a99d439c1d7bc8cd4e02f39d77d0dab1eba4e1fae40d3fc5d06ac3aaf1ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ba112baafd707084b9eac1e87c5e02f7f696b8ed91d0d750118c324c6ebe84
e94a4ffe8f92e41c3d79836d2aef56457ab8fb74eb258462987af0215a512e6d
ec0390081f4b5fe029e8023fac93e5cfe578db9efa628fe73cb49c85d37757a4
ecfb29d6073cd301be561de178b186cb39ea90593ba86860d4470017d7516e85

bitcoinist.com Open in urlscan Pro 104.156.49.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

56 Requests

66 %HTTPS

56 %IPv6

6 Domains

8 Subdomains

9 IPs

2 Countries

2224 kBTransfer

2690 kBSize

1 Cookies

23 Outgoing links

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bitcoinist.com Open in urlscan Pro
104.156.49.28 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

66 %
HTTPS

56 %
IPv6

6
Domains

8
Subdomains

9
IPs

2
Countries

2224 kB
Transfer

2690 kB
Size

1
Cookies

56 HTTP transactions
0 data transactions