urlscan.io logo urlscan.io
SecurityTrails logo

pippaframe.site Open in urlscan Pro
162.144.14.33  Public Scan

Go To Rescan Add Verdict Report
URL: http://pippaframe.site/
Submission: On December 23 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 28 IPs in 2 countries across 25 domains to perform 68 HTTP transactions. The main IP is 162.144.14.33, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is pippaframe.site.
This is the only time pippaframe.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 162.144.14.33 46606 (UNIFIEDLA...)
1 10 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:e6:... 13335 (CLOUDFLAR...)
3 13.35.101.24 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
16 52.86.133.10 14618 (AMAZON-AES)
1 151.101.194.133 54113 (FASTLY)
3 2606:4700:e4:... 13335 (CLOUDFLAR...)
1 2600:9000:251... 16509 (AMAZON-02)
1 108.139.50.211 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2620:116:800b... 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:e6:... 13335 (CLOUDFLAR...)
1 1 2600:9000:21d... 16509 (AMAZON-02)
1 2600:9000:21d... 16509 (AMAZON-02)
2 141.95.98.64 16276 (OVH)
1 2001:41d0:701... 16276 (OVH)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2620:116:800b... 14618 (AMAZON-AES)
8 12 162.19.138.117 16276 (OVH)
3 2607:f8b0:400... 15169 (GOOGLE)
1 1 34.233.108.47 14618 (AMAZON-AES)
2 2 15.197.193.217 16509 (AMAZON-02)
1 1 74.121.140.14 ()
3 3 209.191.163.210 ()
2 2 34.204.163.217 ()
2 2 104.36.115.113 ()
1 1 69.166.1.10 ()
1 2607:f8b0:400... ()
1 2 2620:100:a001::c ()
2 74.119.119.139 ()
68 28
7    162.144.14.33 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-144-14-33.unifiedlayer.com
pippaframe.site
10    2607:f8b0:4006:822::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
1    2606:4700:e6::ac40:cb05 (United States)

ASN13335 (CLOUDFLARENET, US)
go.ezodn.com
3    13.35.101.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-101-24.jfk50.r.cloudfront.net
c.amazon-adsystem.com
1    2607:f8b0:4006:809::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
16    52.86.133.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-133-10.compute-1.amazonaws.com
play2048.co
1    151.101.194.133 (United States)

ASN54113 (FASTLY, US)
www.paypalobjects.com
3    2606:4700:e4::ac40:a821 (United States)

ASN13335 (CLOUDFLARENET, US)
api.fouanalytics.com
1    2600:9000:2510:dc00:2:cb38:840:93a1 (United States)

ASN16509 (AMAZON-02, US)
go.ezoic.net
1    108.139.50.211 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-50-211.jfk50.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
2    2607:f8b0:4006:80a::200e (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2606:4700:20::ac43:4686 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2620:116:800b:21:1456:d0e1:7db4:a56b (United States)

ASN14618 (AMAZON-AES, US)
edge.quantserve.com
1    2607:f8b0:4006:81d::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2607:f8b0:4006:809::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)
8b9497596f8c5b0ad6799d39f0c04ec2.safeframe.googlesyndication.com
1    2606:4700:e6::ac40:ca05 (United States)

ASN13335 (CLOUDFLARENET, US)
go.ezodn.com
1    2600:9000:21dd:fc00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2600:9000:21dd:9600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
lb.eu-1-id5-sync.com
1    2001:41d0:701:1000::96f (France)

ASN16276 (OVH, FR)
lbs.eu-1-id5-sync.com
1    2607:f8b0:4004:c08::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2620:116:800b:21:f059:4f7e:28a9:1588 (United States)

ASN14618 (AMAZON-AES, US)
pixel.quantserve.com
12    162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
id5-sync.com
3    2607:f8b0:4006:81d::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    34.233.108.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-108-47.compute-1.amazonaws.com
sync.ipredictive.com
2    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    74.121.140.14 (None, )

ASN- ()
sync.mathtag.com
3    209.191.163.210 (None, )

ASN- ()
ce.lijit.com
2    34.204.163.217 (None, )

ASN- ()
match.prod.bidr.io
2    104.36.115.113 (None, )

ASN- ()
image6.pubmatic.com
1    69.166.1.10 (None, )

ASN- ()
sync.go.sonobi.com
1    2607:f8b0:4006:80b::2004 (None, )

ASN- ()
www.google.com
2    2620:100:a001::c (None, )

ASN- ()
gum.criteo.com
2    74.119.119.139 (None, )

ASN- ()
mug.criteo.com
Apex Domain
Subdomains		 Transfer
16 play2048.co
play2048.co — Cisco Umbrella Rank: 56748
121 KB
13 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 958
id5-sync.com — Cisco Umbrella Rank: 413
33 KB
8 googlesyndication.com
8b9497596f8c5b0ad6799d39f0c04ec2.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
42 KB
7 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
158 KB
7 pippaframe.site
pippaframe.site
33 KB
4 criteo.com
gum.criteo.com
mug.criteo.com
1 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 296
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 503
49 KB
3 lijit.com
ce.lijit.com
2 KB
3 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1122
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1332
1 KB
3 fouanalytics.com
api.fouanalytics.com — Cisco Umbrella Rank: 9949
7 KB
2 pubmatic.com
image6.pubmatic.com
574 B
2 bidr.io
match.prod.bidr.io
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 315
920 B
2 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 868
1 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com
2 KB
2 quantserve.com
edge.quantserve.com — Cisco Umbrella Rank: 15662
pixel.quantserve.com — Cisco Umbrella Rank: 666
10 KB
2 btloader.com
btloader.com — Cisco Umbrella Rank: 897
57 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
20 KB
2 ezodn.com
go.ezodn.com — Cisco Umbrella Rank: 8326
149 KB
1 sonobi.com
sync.go.sonobi.com
765 B
1 mathtag.com
sync.mathtag.com
656 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 846
485 B
1 ezoic.net
go.ezoic.net — Cisco Umbrella Rank: 10311
2 KB
1 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2008
437 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51
43 KB
68 25
Domain Requested by
16 play2048.co pippaframe.site
play2048.co
12 id5-sync.com 8 redirects cdn.id5-sync.com
go.ezodn.com
7 pippaframe.site pippaframe.site
6 securepubads.g.doubleclick.net 1 redirects pippaframe.site
securepubads.g.doubleclick.net
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 ce.lijit.com 3 redirects
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 api.fouanalytics.com pippaframe.site
api.fouanalytics.com
3 c.amazon-adsystem.com pippaframe.site
c.amazon-adsystem.com
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 image6.pubmatic.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 match.adsrvr.org 2 redirects
2 lb.eu-1-id5-sync.com cdn.id5-sync.com
go.ezodn.com
2 rules.quantcount.com 1 redirects pippaframe.site
2 btloader.com 1 redirects pippaframe.site
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 go.ezodn.com pippaframe.site
1 www.google.com tpc.googlesyndication.com
1 sync.go.sonobi.com 1 redirects
1 sync.mathtag.com 1 redirects
1 sync.ipredictive.com 1 redirects
1 pixel.quantserve.com pippaframe.site
1 stats.g.doubleclick.net www.google-analytics.com
1 lbs.eu-1-id5-sync.com cdn.id5-sync.com
1 8b9497596f8c5b0ad6799d39f0c04ec2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 edge.quantserve.com play2048.co
1 cdn.id5-sync.com pippaframe.site
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 go.ezoic.net pippaframe.site
1 www.paypalobjects.com pippaframe.site
1 www.googletagmanager.com pippaframe.site
68 34

This site contains no links.

Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
play2048.co
R3		 2022-12-01 -
2023-03-01		 3 months crt.sh
www.paypalobjects.com
DigiCert SHA2 Extended Validation Server CA		 2022-10-13 -
2023-11-13		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-10-09 -
2023-10-09		 a year crt.sh
*.ezoic.net
Amazon		 2022-12-17 -
2024-01-15		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh

This page contains 4 frames:

Primary Page: http://pippaframe.site/
Frame ID: 25EC8EAF8F2E7925854CFAFFB4E533E6
Requests: 61 HTTP requests in this frame

Frame: https://8b9497596f8c5b0ad6799d39f0c04ec2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 480FA617068D0FCEC4E2768DDC2B5913
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 632C50DF7942EC9F5DCBB6DE9B1CAC25
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F35F65E7707A87FEABBA6F7D6AB110FD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

68
Requests

78 %
HTTPS

57 %
IPv6

25
Domains

34
Subdomains

28
IPs

2
Countries

716 kB
Transfer

2320 kB
Size

38
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://securepubads.g.doubleclick.net/tag/js/gpt.js HTTP 301
  • https://securepubads.g.doubleclick.net/tag/js/gpt.js
Request Chain 32
  • https://btloader.com/tag?aax_id=AAX65WOCF&upapi=true HTTP 302
  • https://btloader.com/tag?o=5112081056530432&upapi=true
Request Chain 42
  • http://rules.quantcount.com/rules-p-31iz6hfFutd16.js HTTP 301
  • https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Request Chain 53
  • https://id5-sync.com/i/457/8.gif?id5id=ID5*vj6OC9k2558qiFynwsPQKCilcSmTIT3PYoHhrWYl7tIxJTtvsrRYKbr5nM1X8RZ0&o=api&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F457%2F796%2F7%2F2.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/457/796/7/2.gif?puid=f54cf5b9-6347-4bff-ac43-8dc7b46e2ed2&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=a8fc6e5f-265f-48d6-8565-4653094efe91&ttl=%%TTL%% HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-16d9Vj4NraWAtpVNyzoap62bGxwp1_3tiQuf6S0E4A&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F457%2F3%2F5%2F4.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/457/3/5/4.gif?puid=fd5f63a5-cfda-4900-8ec0-250147381dbd&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=a8fc6e5f-265f-48d6-8565-4653094efe91&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F457%2F1245%2F4%2F5.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=a8fc6e5f-265f-48d6-8565-4653094efe91&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F457%2F1245%2F4%2F5.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5&dnr=1 HTTP 302
  • https://id5-sync.com/c/457/1245/4/5.gif?puid=F3WdERZHfTdWPAJQRgqEN3i6&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1 HTTP 303
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AACyy07HS6AAACR0YFkXaQ HTTP 302
  • https://ce.lijit.com/merge?pid=85&3pid=AACyy07HS6AAACR0YFkXaQ&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F457%2F1241%2F2%2F7.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/457/1241/2/7.gif?puid=F3WdERZHfTdWPAJQRgqEN3i6&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F457%2F429%2F1%2F8.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F457%2F429%2F1%2F8.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0&rdf=1 HTTP 302
  • https://id5-sync.com/c/457/429/1/8.gif?puid=B726CBBA-43A1-4DC3-AC7F-CCD8B5C18F88&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F457%2F434%2F0%2F9.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/457/434/0/9.gif?puid=d3708463-5a54-4d00-8505-24d7a51a7deb&gdpr=0&gdpr_consent=
Request Chain 57
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fplay2048.co%2F&domain=pippaframe.site&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=T45zunxselcyaDNxMGREbS96NFAyL29iRTZDQnlZeGRZSy8yZTNQeUtCaExBRFBRaUNNR0FKUTV3NElZRFZ1ZndIcm90OUZLYU56ZDFCYU5Sa1FzZ01TZThMVXBCZXpFczhXdjVsYXUvaHQ4NXVoTWFBMDkyTnZhdWZzM0RmVit4bW83T1FSZS9TVHEvQlN1SHNzcWIxbkUrMWJ5MnNvS2dESXBReDY5MSt2TWlVaVU4WkkybVR1b1gxVkUwRlBxSEQ3RnFtZDVoUjBtY2QydG1KOW9aWHlRSkFXaUh6N0tzcXkyYWdRNCtiNmNyUjNucmlEZkhzajRoRy9vRjVrSjcybmY0fA&cppv=2

68 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
pippaframe.site/ 		84 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://pippaframe.site/
Protocol
HTTP/1.1
Server
162.144.14.33 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-144-14-33.unifiedlayer.com
Software
Apache /
Resource Hash
5deb0ab2a11739a6ff26e05ca87c57bad1d3159a2b6f058fa75c1265ddd40cba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Upgrade, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html
Date
Fri, 23 Dec 2022 15:57:04 GMT
Keep-Alive
timeout=5, max=75
Last-Modified
Sun, 21 Aug 2022 16:23:07 GMT
Server
Apache
Transfer-Encoding
chunked
Upgrade
h2,h2c
Vary
Accept-Encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/
Redirect Chain
  • http://securepubads.g.doubleclick.net/tag/js/gpt.js
  • https://securepubads.g.doubleclick.net/tag/js/gpt.js
80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: pippaframe.site
URL: http://pippaframe.site/
Protocol
H2
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9e81efc856f66a33ff45c199b47b90901d3257c7fad177816870c892e7acc1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 15:57:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27536
x-xss-protection
0
server
sffe
etag
"1429 / 188 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 23 Dec 2022 15:57:06 GMT

Redirect headers

Date
Fri, 23 Dec 2022 15:40:04 GMT
X-Content-Type-Options
nosniff
Server
sffe
Age
1021
Content-Type
text/html; charset=UTF-8
Location
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Cache-Control
public, max-age=1800
Cross-Origin-Resource-Policy
cross-origin
Content-Length
249
X-XSS-Protection
0
Expires
Fri, 23 Dec 2022 16:10:04 GMT
dall.js
go.ezodn.com/hb/ 		236 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://go.ezodn.com/hb/dall.js?b=&cb=195-5-37
Requested by
Host: pippaframe.site
URL: http://pippaframe.site/
Protocol
HTTP/1.1
Server
2606:4700:e6::ac40:cb05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5fc449647f3e112d03582a8ea0e845f4fa90d9942249be04055b4bd5483baf6

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 15:57:05 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Fri, 23 Dec 2022 15:57:05 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2FVw2lRd0xj3VwYYLzP2Wl8ImUP10HR%2BA7G1ZBHurIDprMA6Nn6%2FZvhuwbIaFjGEpIckySpPbenjQI%2FmlyFW%2FHOdckV55%2Fp%2FEEYMLdsZBuQr541IQEQST9oPWUDNn2SY2dyzErCddRs5elg%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=31536000
Connection
keep-alive
CF-RAY
77e24a7d7bc518b8-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
apstag.js
c.amazon-adsystem.com/aax2/ 		178 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: pippaframe.site
URL: http://pippaframe.site/
Protocol
HTTP/1.1
Server
13.35.101.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-101-24.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2db364591994c4fb2da18489bf8d4547fac6f633bcea1169e7c68519b47109ff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 15:30:54 GMT
Content-Encoding
gzip
Via
1.1 2b0c54ffe9876882253b010d44184bdc.cloudfront.net (CloudFront), 1.1 f512c993e98a951737226d483474a2dc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
IAD89-P2, JFK50-P8
Age
1572
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 22 Dec 2022 18:13:53 GMT
Server
AmazonS3
ETag
W/"b2496fcafcf1daf6223aefe99a0cf048"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=3600
X-Amz-Cf-Id
rIKc2j60eZxRxiYcDqK7iIXrIJKgh2ztaHwamgccfIfie07QvsHGuw==
banger.js
pippaframe.site/porpoiseant/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://pippaframe.site/porpoiseant/banger.js?cb=195-5&bv=108&v=57&PageSpeed=off
Requested by
Host: pippaframe.site
URL: http://pippaframe.site/
Protocol
HTTP/1.1
Server
162.144.14.33 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-144-14-33.unifiedlayer.com
Software
Apache /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 15:57:05 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 May 2022 20:25:34 GMT
Server
Apache
Vary
Accept-Encoding
Upgrade
h2,h2c
Content-Type
text/html
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=75
Content-Length
462
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-42620757-2
Requested by
Host: pippaframe.site
URL: http://pippaframe.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
290cd873fad51c8af7d59545b2507277c6e63404183d9cf2e43696768dd1fb6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 15:57:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43654
x-xss-protection
0
last-modified
Fri, 23 Dec 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 23 Dec 2022 15:57:05 GMT
index.js
pippaframe.site/dist/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://pippaframe.site/dist/index.js
Requested by
Host: pippaframe.site
URL: http://pippaframe.site/
Protocol
HTTP/1.1
Server
162.144.14.33 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-144-14-33.unifiedlayer.com
Software
Apache /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 15:57:05 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 May 2022 20:25:34 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=74
Content-Length
462
ClearSans-Regular-webfont.woff
pippaframe.site/style/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
http://pippaframe.site/style/fonts/ClearSans-Regular-webfont.woff
Requested by
Host: pippaframe.site
URL: http://pippaframe.site/
Protocol
HTTP/1.1
Server
162.144.14.33 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-144-14-33.unifiedlayer.com
Software
Apache /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 15:57:05 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 May 2022 20:25:34 GMT
Server
Apache
Vary
Accept-Encoding
Upgrade
h2,h2c
Content-Type
text/html
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=75
Content-Length
462
ClearSans-Bold-webfont.woff
pippaframe.site/style/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
http://pippaframe.site/style/fonts/ClearSans-Bold-webfont.woff
Requested by
Host: pippaframe.site
URL: http://pippaframe.site/
Protocol
HTTP/1.1
Server
162.144.14.33 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-144-14-33.unifiedlayer.com
Software
Apache /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 15:57:05 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 May 2022 20:25:34 GMT
Server
Apache
Vary
Accept-Encoding
Upgrade
h2,h2c
Content-Type
text/html
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=75
Content-Length
462
clear-sans.css
pippaframe.site/style/fonts/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://pippaframe.site/style/fonts/clear-sans.css
Requested by
Host: pippaframe.site
URL: http://pippaframe.site/
Protocol
HTTP/1.1
Server
162.144.14.33 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-144-14-33.unifiedlayer.com
Software
Apache /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 15:57:05 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 May 2022 20:25:34 GMT
Server
Apache
Vary
Accept-Encoding
Upgrade
h2,h2c
Content-Type
text/html
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=75
Content-Length
462
main.css
pippaframe.site/style/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://pippaframe.site/style/main.css
Requested by
Host: pippaframe.site
URL: http://pippaframe.site/
Protocol
HTTP/1.1
Server
162.144.14.33 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-144-14-33.unifiedlayer.com
Software
Apache /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 15:57:05 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 May 2022 20:25:34 GMT
Server
Apache
Vary
Accept-Encoding
Upgrade
h2,h2c
Content-Type
text/html
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=75
Content-Length
462
cmbv2.js
play2048.co/detroitchicago/ 		168 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play2048.co/detroitchicago/cmbv2.js?gcb=195-5&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y2d-2y36-23y55-1y59-21&cmbcb=39&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2dx36x55x59
Requested by
Host: pippaframe.site
URL: http://pippaframe.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.86.133.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-133-10.compute-1.amazonaws.com
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
4607719e4358074067b6f0eb236c54679dd0cdc166091bb0bde0ed9d5cb55a89

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 15:57:05 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=0, public
x-robots-tag
noindex
icon_pp.svg
play2048.co/meta/ 		768 B
1013 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play2048.co/meta/icon_pp.svg
Requested by
Host: pippaframe.site
URL: http://pippaframe.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.86.133.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-133-10.compute-1.amazonaws.com
Software
GitHub.com /
Resource Hash
e25edc55897dbee0133c37fddba6252d01cc71ab93bc60cb6353f0f17a1b8772

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-fastly-request-id
fbc65c26995acb4e85529a6853bd97d6b5c5eac1
date
Fri, 23 Dec 2022 15:57:05 UTC
content-encoding
br
via
1.1 varnish
x-cache-hits
0
age
0
display
staticcontent_sol
x-ezoic-cdn
Hit ds;mm;edea8eed2b12092711116094ee0671c2;2-218709-8;821f2d06-6958-46d7-6257-4c6dfc47d63f
x-cache
MISS
x-middleton-display
staticcontent_sol
x-middleton-response
200
content-length
458
x-served-by
cache-iad-kcgs7200112-IAD
response
200
last-modified
Fri, 16 Dec 2022 16:32:44 GMT
server
GitHub.com
x-github-request-id
9D2C:7D90:1A58402:258360A:6383C8C4
x-timer
S1669580996.358319,VS0,VE8
etag
W/"631dfc83-300-gzip"
x-origin-cache-control
max-age=600
vary
Accept-Encoding,User-Agent,Origin
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-proxy-cache
MISS
pixel.gif
www.paypalobjects.com/en_US/i/scr/ 		42 B
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/en_US/i/scr/pixel.gif
Requested by
Host: pippaframe.site
URL: http://pippaframe.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 15:57:06 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
x-cache
HIT, HIT
fastly-io-info
ifsz=43 idim=1x1 ifmt=gif ofsz=42 odim=1x1 ofmt=gif
paypal-debug-id
989945720929b
fastly-stats
io=1
dc
phx-origin-www-3.paypal.com
content-length
42
x-served-by
cache-dfw18670-DFW, cache-ewr18156-EWR
x-timer
S1671811026.129741,VS0,VE0
etag
"dNSbNMYiK1Q98dwxkre+GOK5+qX2pefyT9A/BaBsoeM"
content-type
image/gif
cache-control
public,max-age=3600
accept-ranges
bytes
x-cache-hits
267, 32044
icon_bitcoin.svg
play2048.co/meta/ 		1 KB
983 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play2048.co/meta/icon_bitcoin.svg
Requested by
Host: pippaframe.site
URL: http://pippaframe.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.86.133.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-133-10.compute-1.amazonaws.com
Software
GitHub.com /
Resource Hash
16596639aaf7c7f4ca870a71f5083ced88e25000ad6da72f9dfd69cd9ba080cf

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-fastly-request-id
f4908731ddaccf6ecf3ba9e9649a53705a43ea0a
date
Fri, 23 Dec 2022 15:57:06 UTC
content-encoding
br
via
1.1 varnish
x-cache-hits
0
age
0
display
staticcontent_sol
x-ezoic-cdn
Hit ds;mm;ad76e5548aa6ebaeff6a1318ea4ba042;2-218709-8;b38e0556-3190-4c55-5a68-2977970a5a9e
x-cache
MISS
x-middleton-display
staticcontent_sol
x-middleton-response
200
content-length
748
x-served-by
cache-iad-kcgs7200060-IAD
response
200
last-modified
Fri, 16 Dec 2022 16:32:44 GMT
server
GitHub.com
x-github-request-id
3C88:7CF6:18FB3C3:242378F:6383C7EA
x-timer
S1669580778.997958,VS0,VE13
etag
W/"631dfc83-58a-gzip"
x-origin-cache-control
max-age=600
vary
Accept-Encoding,User-Agent,Origin
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-proxy-cache
MISS
index.js
play2048.co/dist/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play2048.co/dist/index.js
Requested by
Host: pippaframe.site
URL: http://pippaframe.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.86.133.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-133-10.compute-1.amazonaws.com
Software
GitHub.com /
Resource Hash
99590cf2d4be0ce982d1178d9f2877619670c4ecccd4dfd89fb50544a6b5a148

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-fastly-request-id
33a348631cdd23dd4651b7f16ad1df0a34d2de36
date
Fri, 23 Dec 2022 15:57:06 UTC
content-encoding
br
via
1.1 varnish
x-cache-hits
0
age
0
display
staticcontent_sol
x-ezoic-cdn
Hit ds;mm;a5107e0d211ab19fd340c2f86ea6078d;2-218709-8;05058523-45c6-4d06-585f-0a69f83167f9
x-cache
MISS
x-middleton-display
staticcontent_sol
x-middleton-response
200
x-served-by
cache-iad-kcgs7200168-IAD
response
200
last-modified
Fri, 16 Dec 2022 16:32:44 GMT
server
GitHub.com
x-github-request-id
50EE:1F36:DC3063:13404AB:6383C964
x-timer
S1669581156.308403,VS0,VE20
etag
W/"631dfc83-3ab4-gzip"
x-origin-cache-control
max-age=600
vary
Accept-Encoding,User-Agent,Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-proxy-cache
MISS
ClearSans-Regular-webfont.woff
play2048.co/style/fonts/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://play2048.co/style/fonts/ClearSans-Regular-webfont.woff
Requested by
Host: pippaframe.site
URL: http://pippaframe.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.86.133.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-133-10.compute-1.amazonaws.com
Software
GitHub.com /
Resource Hash
8c94cd2fdc93f5a86f1761c0ce14bb695f20e16dc1a585ccad7f0289bd3dbc76

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-fastly-request-id
73a30f8da484c2ef6620d620d6b96dd0dee0b8aa
date
Fri, 23 Dec 2022 15:57:06 UTC
content-encoding
br
via
1.1 varnish
x-cache-hits
1
age
22
display
staticcontent_sol
x-ezoic-cdn
Hit ds;mm;1fe671e6a2390c5a928aa7e40ebdebd4;2-218709-8;2170f9cf-ebaa-463c-48cd-0029309abbbd
x-cache
HIT
x-middleton-display
staticcontent_sol
x-middleton-response
200
x-served-by
cache-iad-kcgs7200072-IAD
response
200
last-modified
Fri, 16 Dec 2022 16:32:44 GMT
server
GitHub.com
x-github-request-id
0804:0B05:6C838F:990445:6327871E
x-timer
S1663534900.384029,VS0,VE5
etag
"631dfc83-688c-gzip"
x-origin-cache-control
max-age=600
vary
Accept-Encoding,User-Agent,Origin
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-proxy-cache
MISS
ClearSans-Bold-webfont.woff
play2048.co/style/fonts/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://play2048.co/style/fonts/ClearSans-Bold-webfont.woff
Requested by
Host: pippaframe.site
URL: http://pippaframe.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.86.133.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-133-10.compute-1.amazonaws.com
Software
GitHub.com /
Resource Hash
b16e36cc53aa72023c67ab31c38290de77905dd2285f331189b2236100b8f849

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-fastly-request-id
94ad989d4d1e10e1f2dc9caf4c22def3e36e69c3
date
Fri, 23 Dec 2022 15:57:06 UTC
content-encoding
br
via
1.1 varnish
x-cache-hits
1
age
13
display
staticcontent_sol
x-ezoic-cdn
Hit ds;mm;86780ce4282732576073abe11e26ff11;2-218709-8;85b4c703-f7f5-43f2-5395-e41bc9eb20f1
x-cache
HIT
x-middleton-display
staticcontent_sol
x-middleton-response
200
x-served-by
cache-iad-kcgs7200068-IAD
response
200
last-modified
Fri, 16 Dec 2022 16:32:44 GMT
server
GitHub.com
x-github-request-id
C3E2:1576:F427E0:14F19DF:63278719
x-timer
S1663534886.459768,VS0,VE3
etag
"631dfc83-69f0-gzip"
x-origin-cache-control
max-age=600
vary
Accept-Encoding,User-Agent,Origin
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-origin-cache
HIT
x-proxy-cache
MISS
clear-sans.css
play2048.co/style/fonts/ 		1 KB
723 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://play2048.co/style/fonts/clear-sans.css
Requested by
Host: pippaframe.site
URL: http://pippaframe.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.86.133.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-133-10.compute-1.amazonaws.com
Software
GitHub.com /
Resource Hash
63521ee4dd7f5f42d2474dd5eefb3793739674c81a5d508f9be216688d3ff0e0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-fastly-request-id
3e34426618c5cffb0237ee9b95a97c23c500bf95
date
Fri, 23 Dec 2022 15:57:06 UTC
content-encoding
br
via
1.1 varnish
x-cache-hits
0
x-sol
orig
age
0
display
staticcontent_sol, orig_site_sol
x-ezoic-cdn
Hit ds;mm;29d73da5a023437d8a8b94a349a69842;2-218709-8;b302430f-a6bb-4c52-76b3-7b112bc16d3b
x-cache
MISS
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
content-length
234
x-served-by
cache-iad-kcgs7200046-IAD
response
200
last-modified
Fri, 16 Dec 2022 16:32:44 GMT
server
GitHub.com
x-github-request-id
6C36:97EF:193EA32:22560EA:6383C8C4
x-timer
S1669580996.357164,VS0,VE7
etag
W/"631dfc83-43b-gzip"
x-origin-cache-control
max-age=600
vary
Accept-Encoding,User-Agent,Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-proxy-cache
MISS
main.css
play2048.co/style/ 		31 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://play2048.co/style/main.css
Requested by
Host: pippaframe.site
URL: http://pippaframe.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.86.133.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-133-10.compute-1.amazonaws.com
Software
GitHub.com /
Resource Hash
0743c1f900776fbc658d2c5115123a7ae1ba5fb23ed5d759804c029cd5c6425f

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-fastly-request-id
299306405bfcfad811ff44bf8ba1a310b4359818
date
Fri, 23 Dec 2022 15:57:06 UTC
content-encoding
br
via
1.1 varnish
x-cache-hits
0
x-sol
orig
age
0
display
staticcontent_sol, orig_site_sol
x-ezoic-cdn
Hit ds;mm;9e2e4a8266f3da10360bf7b5c4b110eb;2-218709-8;77ebd909-cf7e-43f8-4bff-cee22bd552e2
x-cache
MISS
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
x-served-by
cache-iad-kcgs7200134-IAD
response
200
last-modified
Fri, 16 Dec 2022 16:32:44 GMT
server
GitHub.com
x-github-request-id
4FA6:72A4:E86C07:1402DA6:6383C7B2
x-timer
S1669580722.415054,VS0,VE10
etag
W/"631dfc83-7bb8-gzip"
x-origin-cache-control
max-age=600
vary
Accept-Encoding,User-Agent,Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-proxy-cache
MISS
init-1632lqsy2s4fklqsvsii.js
api.fouanalytics.com/api/ 		459 B
879 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.fouanalytics.com/api/init-1632lqsy2s4fklqsvsii.js
Requested by
Host: pippaframe.site
URL: http://pippaframe.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a821 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d76428a7b34b4a9fe1b49a89ce3b6303efe18eaf7215b6370118a70590234d26

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 15:57:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OkVKxzEVxQJfK3dkdGiv9Tv51Dkd4pxR3aCi7g6ysrpFr3t2yH9B%2FhZfgWc%2FBCqc36LchE%2BlX4d8PPmeD2v%2BJPgbE8icY2j1ZMRq42gl38BcdqZdjK3BeNmQuMzE%2BZl3ed5xGOc6c7kyPZUupntv4meC9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
cf-ray
77e24a82bb1a197c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
ezoic.png
go.ezoic.net/utilcave_com/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.ezoic.net/utilcave_com/img/ezoic.png
Requested by
Host: pippaframe.site
URL: http://pippaframe.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:dc00:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:39:31 GMT
via
1.1 eb2e4893b47f0d155cd51b82c2a8d596.cloudfront.net (CloudFront)
x-sol
middleton
display
staticcontent_sol
x-amz-cf-pop
JFK50-P5
age
224255
x-cache
Hit from cloudfront
x-middleton-display
staticcontent_sol
content-length
1181
last-modified
Thu, 01 Dec 2022 00:14:50 GMT
server
Apache/2.4.39 (Ubuntu)
etag
"49d-5d9576f862e00-gzip-gzip"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800
x-amz-cf-id
l-LUArwjcw1K-GknWvjbssAHN0XHoanzB33Bnhq6OzywOiB8sbsuzg==
expires
Wed, 28 Dec 2022 01:39:31 GMT
houston.js
play2048.co/detroitchicago/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play2048.co/detroitchicago/houston.js?gcb=5&cb=16
Requested by
Host: pippaframe.site
URL: http://pippaframe.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.86.133.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-133-10.compute-1.amazonaws.com
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
cda3688d66efcd9227d4bdc04472b134e614d6609c362875370ba4fb52104a2a

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 15:57:07 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
config
c.amazon-adsystem.com/cdn/prod/ 		825 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=http%3A%2F%2Fpippaframe.site&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.101.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-101-24.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
8a22eb57594c8ae9cda85eea283246ef0acf4e1ebee49ce2cabff2969c9e5951

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 15:57:08 GMT
via
1.1 c456cd1dcda544d97e59ee05afbea4a2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P8
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://pippaframe.site
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
825
x-amz-cf-id
irrbmAJLs70bsOSTM-E9EAbSAMstcWBMZZ9efkaaoaw9Z5ZX_mThOQ==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fpippaframe.site%2F&pid=DvPFnBDjrzfDN&cb=0&ws=1600x1200&v=22.1213.2134&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-play2048_co-banner-2-0%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F1254144%2C22600954320%2Fplay2048_co-banner-2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-play2048_co-box-1-0%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F1254144%2C22600954320%2Fplay2048_co-box-1%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A2%7D%2C%7B%22sd%22%3A%22div-gpt-ad-play2048_co-medrectangle-2-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F1254144%2C22600954320%2Fplay2048_co-medrectangle-2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-play2048_co-box-4-0%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C22600954320%2Fplay2048_co-box-4%22%7D%5D&schain=1.0%2C1!ezoic.ai%2C32e0dc0952ac2f3cfc030c89802314ca%2C1%2C%2C%2C&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.50.211 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-50-211.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 15:57:08 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 e60ffc5cb1078c77d0ecabfc06b14cd0.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P1
x-amz-rid
AEHJK1Q13N5CJTVT7DJB
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://pippaframe.site
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
xCbbvW27Jb1oP7MiWcTMV87Xzllo1TjJf2Lh47jNrtuABQ_6E5M3oQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.101.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-101-24.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 15:57:09 GMT
x-amz-version-id
1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding
gzip
via
1.1 cea4663e4864185add284e6e883e90f2.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P8
x-cache
Miss from cloudfront
last-modified
Fri, 23 Dec 2022 01:05:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
fhnBhYyxLwaMdK92IzK2u7ti1n704iWzh3q4GpC4IyP3W_U6DIC8Dg==
imp.gif
play2048.co/detroitchicago/ 		43 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play2048.co/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A2%2C%22ad_count_adjustment%22%3A1%2C%22ad_lazyload_version%22%3A2%2C%22ad_load_version%22%3A1%2C%22ad_location_ids%22%3A%2231%2C0%2C5%2C3%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A4%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A1%2C%22city%22%3A%22Da%20Nang%22%2C%22country%22%3A%22VN%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A3%2C%22domain_id%22%3A218709%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A3%2C%22ezcache_level%22%3A2%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A1%2C%22last_page_load%22%3A%221649249835808%22%2C%22last_pageview_id%22%3A%22bd2ad075-59bb-4032-572d-9162c61eb6c6%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A2%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221138%2C1139%2C1141%2C1145%22%2C%22page_view_count%22%3A1%2C%22page_view_id%22%3A%228ba86898-1d87-4d76-4783-dc28ece5a65e%22%2C%22position_selection_id%22%3A39%2C%22postal_code%22%3A%22%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A11056%2C%22response_time_orig%22%3A2%2C%22serverid%22%3A%2254.251.3.241%3A17526%22%2C%22state%22%3A%22DN%22%2C%22sub_page_ad_positions%22%3A%221138%2C1139%2C1141%2C1145%22%2C%22t_epoch%22%3A1649249854%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A19%2C%22url%22%3A%22https%3A%2F%2Fplay2048.co%2F%22%2C%22user_id%22%3A0%2C%22weather_precipitation%22%3A0%2C%22weather_summary%22%3A%22%22%2C%22weather_temperature%22%3A0%2C%22word_count%22%3A125%2C%22worst_bad_word_level%22%3A0%7D
Requested by
Host: play2048.co
URL: https://play2048.co/detroitchicago/cmbv2.js?gcb=195-5&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y2d-2y36-23y55-1y59-21&cmbcb=39&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2dx36x55x59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.86.133.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-133-10.compute-1.amazonaws.com
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 15:57:07 GMT
content-encoding
br
access-control-max-age
1728000
access-control-allow-methods
HEAD, PUT, POST, GET, OPTIONS
content-type
image/gif
access-control-allow-origin
http://pippaframe.site
x-middleton-display
imp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
access-control-allow-headers
Content-Type
content-length
47
expires
Thu, 22 Dec 2022 15:57:07 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/webp
cmbdv2.js
play2048.co/detroitchicago/ 		45 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play2048.co/detroitchicago/cmbdv2.js?gcb=195-5&cb=03-5y0c-5y18-4y37-23y5a-21&cmbcb=39&sj=x03x0cx18x37x5a
Requested by
Host: pippaframe.site
URL: http://pippaframe.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.86.133.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-133-10.compute-1.amazonaws.com
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
7f30f101e9c54f1f2ea28ee28eb181bce3461165b595631b212b5cd63d054dda

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 15:57:07 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=0, public
x-robots-tag
noindex
pp.js
api.fouanalytics.com/s/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.fouanalytics.com/s/pp.js
Requested by
Host: pippaframe.site
URL: http://pippaframe.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a821 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a9f3c83892833387d92f857563b6f3cfdee0277cbc648a932a2718e000e9e42

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 15:57:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 18 Oct 2022 14:09:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2040
etag
W/"634eb38a-3bc0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XwFgPRMjm8CPKjDWq%2F19za%2BvlmRyGM4luCngTtcq6b7dUpnbG6KnYd%2Bi01bJYJB%2Fkh7%2F2nrWkeIjAxvRpddDlCfIziGxo2ybaR26r65LJRLkscBXkrLMqYwZmFS0biiB1dx1tVPEd%2Fw6wCE3EdGUEDV01w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
77e24a8c4bc4197c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-42620757-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 23 Dec 2022 15:11:08 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2760
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Fri, 23 Dec 2022 17:11:08 GMT
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: http://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 21:41:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65746
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 22 Dec 2023 21:41:21 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		37 B
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=pippaframe.site
Requested by
Host: securepubads.g.doubleclick.net
URL: http://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a949a8bd438328185a17d9cb2250e8644f4dbfcfba00d88d6898bbed1dd412f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 15:57:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40
x-xss-protection
0
expires
Fri, 23 Dec 2022 15:57:07 GMT
tag
btloader.com/
Redirect Chain
  • https://btloader.com/tag?aax_id=AAX65WOCF&upapi=true
  • https://btloader.com/tag?o=5112081056530432&upapi=true
447 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5112081056530432&upapi=true
Requested by
Host: pippaframe.site
URL: http://pippaframe.site/
Protocol
H2
Server
2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4519fe034201cde5e41e3c91f141eb7b8487073c9739c6d68c39b765ba52f067

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 15:57:09 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 23 Dec 2022 15:52:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
302
etag
W/"af7e51b6eb7ac25f4c4c6073f0f2387f"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qAx9b1UnmLI2ZMpuPKZdNs3Lp0qul4mG46SJOIn%2BBpQZ2PyFIAJZdTU6YDOz91KFq6k44ZVWjgtUzzWYKItxkpdRBOcE9xh90fh8kCDIdN3zupBmt7DCzOpCO5GCtGO6xNASXf9V9oFM%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=86400
cf-ray
77e24a96dcf1c338-EWR

Redirect headers

date
Fri, 23 Dec 2022 15:57:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MQCUckwBkPhEJ%2BKoR7dx25QaS1r0uq1K7%2BLJVbnnH%2FrLKSiHbmL%2BnqcHUvp2bm%2FvJTb6sm%2BiYRNlgS%2BU7gN3tqSH5bO5FNpuM5dEt7AAAGiMfmqe82%2FKaYD3bqOcgcl%2BK0LuUCMT%2BRDbkw%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?o=5112081056530432&upapi=true
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
77e24a931f88c338-EWR
expires
Thu, 01 Jan 1970 00:00:01 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: pippaframe.site
URL: http://pippaframe.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 15:57:09 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 24 Nov 2022 12:48:29 GMT
server
cloudflare
x-amz-request-id
4YB35TJ1S6DGY03M
age
3416
etag
W/"9ee82d693d1e83b3a37ee20226716f78"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
77e24a946fa88c47-EWR
x-amz-id-2
Ca7/gY7nGjerHHMxID702WeOCBgzbBWBCy7Z3nLwEvZS4dHQqBi1/IictEoAmB6qZl+JwSIKWaY=
quant.js
edge.quantserve.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://edge.quantserve.com/quant.js
Requested by
Host: play2048.co
URL: https://play2048.co/detroitchicago/cmbdv2.js?gcb=195-5&cb=03-5y0c-5y18-4y37-23y5a-21&cmbcb=39&sj=x03x0cx18x37x5a
Protocol
HTTP/1.1
Server
2620:116:800b:21:1456:d0e1:7db4:a56b , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 15:57:08 GMT
Content-Encoding
gzip
Etag
"StHfV9prSwQMxjKWocWEFw=="
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private, max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Expires
Fri, 30 Dec 2022 15:57:08 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pippaframe.site
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 15:57:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1243515249&t=pageview&_s=1&dl=http%3A%2F%2Fpippaframe.site%2F&ul=en-us&de=UTF-8&dt=2048&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1727750283&gjid=1300997314&cid=310764543.1671811029&tid=UA-42620757-2&_gid=1614395517.1671811029&_r=1&gtm=2oubu0&z=1324622177
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://pippaframe.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 15:57:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://pippaframe.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
x
api.fouanalytics.com/api/ 		0
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.fouanalytics.com/api/x?7Iu84E6dYTcpeT5W$dXJsJDAkaHR0cDovL3BpcHBhZnJhbWUuc2l0ZS8iLCJyZWZlcnJlciQwJCIsImFuY2VzdG9yT3JpZ2lucyQwJCIsInZpZGVvJDEkMTYwMHgxMjAweDI0IiwiZnJhbWUkMSQwIiwiaGlkZGVuJDEkMCIsInZpc2liaWxpdHlTdGF0ZSQxJHZpc2libGUiLCJoYXNGb2N1cyQxJDEiLCJ3aW5kb3ckMSQxNjAweDEyMDAiLCJwaXhlbHJhdGlvJDEkMSIsImlubmVyJDEkMTYwMHgxMjAwIiwib3V0ZXIkMSQxNjAweDEyMDAiLCJsb2NhbFN0b3JhZ2UkMiQxIiwic2Vzc2lvblN0b3JhZ2UkMyQxIiwiYXBwQ29kZU5hbWUkNCRNb3ppbGxhIiwiYXBwTmFtZSQ0JE5ldHNjYXBlIiwiYXBwVmVyc2lvbiQ0JDUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA4LjAuNTM1OS4xMjQgU2FmYXJpLzUzNy4zNiIsImNvb2tpZUVuYWJsZWQkNCR0cnVlIiwiZG9Ob3RUcmFjayQ0JCIsImhhcmR3YXJlQ29uY3VycmVuY3kkNCQ0IiwibGFuZ3VhZ2UkNCRlbi1VUyIsInBsYXRmb3JtJDQkV2luMzIiLCJwcm9kdWN0JDQkR2Vja28iLCJwcm9kdWN0U3ViJDQkMjAwMzAxMDciLCJ1c2VyQWdlbnQkNCRNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA4LjAuNTM1OS4xMjQgU2FmYXJpLzUzNy4zNiIsInZlbmRvciQ0JEdvb2dsZSBJbmMuIiwidmVuZG9yU3ViJDQkIiwid2ViZHJpdmVyJDQkZmFsc2UiLCJuYXZpZ2F0b3ItaGFzaCQxNCRmNTU5N2QyYSIsIm5hdmlnYXRvci10aW1lJDE0JDEwLjIiLCJzZW5kQmVhY29uJDE0JDEiLCJmb250cmVuZGVyJDkwJDEiLCJ0aW1lJDkxJDE2NzE4MTEwMjgyNTgiLCJ0aW1lem9uZSQ5MSQwIiwicGx1Z2lucy10aW1lJDkzJDAuMyIsInBsdWdpbnMkOTMkYjZkMDU1NTgiLCJtZW0tdG90YWxKU0hlYXBTaXplJDk0JDEwIiwibWVtLXVzZWRKU0hlYXBTaXplJDk0JDEwIiwibWVtLWpzSGVhcFNpemVMaW1pdCQ5NCQzNzYwIiwidGltZS1kb21haW5Mb29rdXBTdGFydCQ5NCQzIiwidGltZS1kb21haW5Mb29rdXBFbmQkOTQkNzciLCJ0aW1lLWNvbm5lY3RTdGFydCQ5NCQ3NyIsInRpbWUtY29ubmVjdEVuZCQ5NCQyMDgiLCJ0aW1lLXJlcXVlc3RTdGFydCQ5NCQyNTAiLCJ0aW1lLXJlc3BvbnNlU3RhcnQkOTQkMzMyIiwidGltZS1yZXNwb25zZUVuZCQ5NCQ2NjAiLCJ0aW1lLWRvbUxvYWRpbmckOTQkMzU5IiwidGltZS1kb21JbnRlcmFjdGl2ZSQ5NCQyMTU3IiwidGltZS1kb21Db250ZW50TG9hZGVkRXZlbnRTdGFydCQ5NCQyMTU3IiwidGltZS1kb21Db250ZW50TG9hZGVkRXZlbnRFbmQkOTQkMjE1OCIsIm5hdmlnYXRpb24tcmVkaXJlY3RDb3VudCQ5NSQwIiwibmF2aWdhdGlvbi10eXBlJDk1JG5hdmlnYXRlIiwiZ2xvYmFscy10aW1lJDMwOSQxMi44IiwiZ2xvYmFscyQzMjMkNjNkZTZjYjIiLCJkb2N1bWVudC10aW1lJDM5NSQwLjIiLCJkb2N1bWVudCQzOTYkNDdjMDc0NGQiLCJiYXR0ZXJ5JDM5NiRuL2EiLCJjb25uZWN0aW9uJDM5NiQiLCJkb3dubGlua01heCQzOTckIiwiZ2V0VXNlck1lZGlhJDM5NyQwIiwicGFnZS1mcmFtZS1jb3VudCQzOTgkMCIsInBhZ2UtaGFzaC10aW1lJDQwMSQyLjkiLCJwYWdlLWhhc2gkNDAxJDc5NzA1MWU2IiwiZm9udCQ0NjYkMTAwMDAwMCIsInN0eWxlLWhhc2gkNDY3JDhjYjZiMmNjIiwic3R5bGUtdGltZSQ0NjckMS40IiwiYXVkaW8tY29kZWMkNDY4JDIyMjEyIiwidmlkZW8tY29kZWMkNDY4JDIyMjAwMCIsInBlcm1pc3Npb24tbm90aWZpY2F0aW9ucyQ0NzEkZGVuaWVkIiwiY2xvY2skNTA0JDU2MSIsInNvcnQkNTI2JDIxLjgiLCJzdGFjayQ1MjkkMTM5NTciLCJzdGFjay1lcnJvciQ1MjkkUmFuZ2VFcnJvcjogTWF4aW11bSBjYWxsIHN0YWNrIHNpemUgZXhjZWVkZWQiLCJzdGFjay10aW1lJDUyOSQyLjgiLCJ3ZWJnbCQ1ODUkMSIsIndlYmdsMiQ1ODUkMSIsIndlYmdsLXZlbmRvciQ1ODYkSW50ZWwgSW5jLiIsIndlYmdsLXJlbmRlcmVyJDU4NyRJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUiLCJ3ZWJnbC1leHRlbnNpb25zJDU4NyQ0NDk1Mzk2NSIsIndlYmdsLXRpbWUkNTg3JDU3LjUiLCJwZXJtaXNzaW9uLWdlb2xvY2F0aW9uJDY0NiRwcm9tcHQiLCJhdWRpb2NvbnRleHQkNjgxJGY3ZTcxMmQ5IiwiYXVkaW9jb250ZXh0LXRpbWUkNjgxJDIwOC40IiwiaW50ZXJzZWN0aW9uLXNpemUkNjgyJDE2MDB4MTIwMCIsImludGVyc2VjdGlvbi1lbnRlciQ2ODIkMHgwIDE2MDB4MTIwMCIsImludGVyc2VjdGlvbiQ2ODIkNjkiLCJhZGJsb2NrJDY4MiQwIiwiZnJhbWVyYXRlJDY5NSQyMCIsInBlcm1pc3Npb24tY2FtZXJhJDEyNDYkcHJvbXB0IiwicGVybWlzc2lvbi1taWNyb3Bob25lJDEyNDckcHJvbXB0IiwicGVybWlzc2lvbi1wZXJzaXN0ZW50LXN0b3JhZ2UkMTI0NyRwcm9tcHQ~
Requested by
Host: api.fouanalytics.com
URL: https://api.fouanalytics.com/s/pp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:a821 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 15:57:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXEvsXwq1nUT%2Fgq1wfK4SkFW8Q2hLJU1CzIGIN%2BO8irSCcR3VOjcrqtyx5l14ROoIHNz4StHhFajrfILJoIrWYa4y34dwpVIQXh8YAM%2Fq4XWJ9Sn8yTLUBOxvFiFOjz4IZd67VJfqeqz2fShDTFG2unLZw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
77e24a986aaec475-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ads
securepubads.g.doubleclick.net/gampad/ 		4 KB
702 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3743218095734115&correlator=880142176618985&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22600954320%2Cplay2048_co-box-4%2Cplay2048_co-banner-2%2Cplay2048_co-box-1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=336x280%7C300x250%7C250x250%7C468x60%2C320x50%7C160x600%7C120x600%7C120x240%7C125x125%2C160x600&fluid=0%2Cheight%2C0&ifi=1&adks=2314797904%2C2603765601%2C3725411308&sfv=1-0-40&prev_scp=a%3D%257C10000%257C%26iid1%3D7320288660590977%26eid%3D7320288660590977%26t%3D134%26d%3D218709%26t1%3D134%26pvc%3D1%26ap%3D1141%26sap%3D1141%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D3%26al%3D1003%26compid%3D0%26tap%3Dplay2048_co-box-4-7320288660590977%26eb_br%3De66c30deca31b19eda212eeca1258584%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C10063%2C11307%26asau%3D7867745567%26bv%3D0%26bvm%3D1%26bvr%3D1%26shp%3D1%26ftsn%3D3%26br1%3D24%26br2%3D12%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D84%2C168%2C0%2C4%2C0%2C193%2C88%2C20%2C26%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C919%2C1428%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C2164%2C774%2C2172%2C2171%2C2689%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%7Ca%3D%257C2%257C%26iid1%3D6380001934657579%26eid%3D6380001934657579%26t%3D134%26d%3D218709%26t1%3D134%26pvc%3D1%26ap%3D1138%26sap%3D1138%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D31%26al%3D1031%26compid%3D0%26tap%3Dplay2048_co-banner-2-6380001934657579%26eb_br%3Dfe5b0c99ab7ba15f050582be1301303f%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C10063%2C11307%26asau%3D7867745567%26bv%3D12%26bvm%3D0%26bvr%3D2%26shp%3D2%26ftsn%3D3%26br1%3D46%26br2%3D24%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D77%2C168%2C0%2C67%2C0%2C193%2C192%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C2164%2C774%2C2172%2C2171%2C2689%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%7Ca%3D%257C3%257C%26iid1%3D6872541050642741%26eid%3D6872541050642741%26t%3D134%26d%3D218709%26t1%3D134%26pvc%3D1%26ap%3D1145%26sap%3D1145%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dplay2048_co-box-1-6872541050642741%26eb_br%3Ddfa60cee6e1053fc0c9e607c8047bd28%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C10063%2C11307%26asau%3D7867745567%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D2%26ftsn%3D3%26acptad%3D1%26br1%3D80%26br2%3D38%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C193%2C0%2C192%2C0%2C168%2C20%2C192%2C192%2C197%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2761%2C2763%2C2764%2C2765%2C2164%2C774%2C2172%2C2171%2C2689%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2&eri=1&sc=0&cookie_enabled=1&abxe=1&dt=1671811029846&lmt=1661098987&dlt=1671811024863&idt=4054&adxs=550%2C1430%2C10&adys=760%2C291%2C291&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fpippaframe.site%2F&frm=20&vis=1&psz=500x315%7C160x-1%7C160x-1&msz=500x0%7C160x-1%7C160x-1&fws=0%2C512%2C512&ohw=0%2C0%2C0&ga_vid=310764543.1671811029&ga_sid=1671811030&ga_hid=1243515249&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6fbe16f15a6683220c91a2e61180c71f3c5089ac3db7d7a6850019c43673319d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 15:57:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
672
x-xss-protection
0
google-lineitem-id
-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://pippaframe.site
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8b9497596f8c5b0ad6799d39f0c04ec2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 480F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8b9497596f8c5b0ad6799d39f0c04ec2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://pippaframe.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 15:57:10 GMT
expires
Sat, 23 Dec 2023 15:57:10 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
602 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3743218095734115&correlator=2308813102254749&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22600954320%2Cplay2048_co-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=4&adks=1691072581&sfv=1-0-40&prev_scp=a%3D%257C2%257C%26iid1%3D5716251624587079%26eid%3D5716251624587079%26t%3D134%26d%3D218709%26t1%3D134%26pvc%3D1%26ap%3D1139%26sap%3D1139%26as%3Drevenue%26plat%3D1%26bra%3Dmod1-c%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dplay2048_co-medrectangle-2-5716251624587079%26eb_br%3D57914c3716312cb7e954090f0717ea25%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C10063%2C11307%26asau%3D7867745567%26bv%3D21%26bvm%3D0%26bvr%3D7%26shp%3D1%26ftsn%3D3%26br1%3D260%26br2%3D120%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D77%2C206%2C0%2C67%2C0%2C193%2C192%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1794%2C2310%2C2339%2C2526%2C2527%2C2764%2C2765%2C2164%2C774%2C2172%2C2171%2C2689%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2&eri=1&sc=0&cookie_enabled=1&abxe=1&dt=1671811030059&lmt=1661098987&dlt=1671811024863&idt=4054&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fpippaframe.site%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=310764543.1671811029&ga_sid=1671811030&ga_hid=1243515249&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
109df6c433ca8db661b7892b511360ab8371ef13082bcc0405804561f1ed1181
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 15:57:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
572
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://pippaframe.site
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
dall.js
go.ezodn.com/hb/ 		236 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/hb/dall.js?b=&cb=195-5-37
Requested by
Host: pippaframe.site
URL: http://pippaframe.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ca05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5fc449647f3e112d03582a8ea0e845f4fa90d9942249be04055b4bd5483baf6

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 15:57:10 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 23 Dec 2022 15:57:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uGON7VnzSssmIIum7eiGCB2TfQ2Xo1No60xStczQ9A1nh8%2BurS1Po6rc1XnMB7bR%2FGyX9w37yGP5mA8czbQjUhcFl%2BBTCzhmQdMnoVqZOXK8NEAx25djO%2BGg8VRMXePb0CUX1h3nkXrLseM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
77e24a9baad8c41b-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rules-p-31iz6hfFutd16.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-31iz6hfFutd16.js
  • https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
160 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by
Host: pippaframe.site
URL: http://pippaframe.site/
Protocol
H2
Server
2600:9000:21dd:9600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4718dd9f68e969d1cb5e1b6172206b7150ad1d8cd5c5c1fe5812dd0e1646d426

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 15:18:17 GMT
via
1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
2333
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Fri, 14 Oct 2022 00:41:49 GMT
server
AmazonS3
etag
"af15ecfe46737cb2a37226fd060f23a6"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
--jmygG_9ZIld4gV3XxiXpKsPzHSLjon8IwLata6fKACL9Y0F2VB8g==

Redirect headers

Date
Fri, 23 Dec 2022 15:57:10 GMT
Via
1.1 ba636ce43f1cebcb0c172b8070a33b14.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
EWR53-C2
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Connection
keep-alive
Content-Length
167
X-Amz-Cf-Id
73uualH4kjl_q1I5-GKh1ucCyeI82uZWr6cjP1XgZZiyZOEO_4OOVQ==
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
480720b09587576115146f868da9364a94f650e00b513f95a84f46a424eca0f0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://pippaframe.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://pippaframe.site
date
Fri, 23 Dec 2022 15:57:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/ 		74 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:701:1000::96f , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
487ac086695bed211be6e371cde44484af1315bf65e56437084e4b2c0b5cdafd

Request headers

Referer
http://pippaframe.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://pippaframe.site
date
Fri, 23 Dec 2022 15:57:10 GMT
content-length
74
vary
Origin
content-type
application/json
collect
stats.g.doubleclick.net/j/ 		1 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-42620757-2&cid=310764543.1671811029&jid=1727750283&gjid=1300997314&_gid=1614395517.1671811029&_u=YEBAAUAAAAAAACAAI~&z=1061199400
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://pippaframe.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 23 Dec 2022 15:57:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://pippaframe.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=1134638354;labels=Domain.play2048_co%2CDomainId.218709;rf=0;a=p-31iz6hfFutd16;url=http%3A%2F%2Fpippaframe.site%2F;uht=2;fpan=1;fpa=P0-537863699-1671811030254;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1134638354;labels=Domain.play2048_co%2CDomainId.218709;rf=0;a=p-31iz6hfFutd16;url=http%3A%2F%2Fpippaframe.site%2F;uht=2;fpan=1;fpa=P0-537863699-1671811030254;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20221215111636;cm=;gdpr=0;us_privacy=1---;ref=;d=pippaframe.site;dst=0;et=1671811030941;tzo=0;ogl=title.2048%2Csite_name.2048%2Cdescription.Join%20the%20numbers%20and%20get%20to%20the%202048%20tile!%20Careful%3A%20this%20game%20is%20extremely%20addic%2Cimage.http%3A%2F%2Fgabrielecirulli%252Egithub%252Eio%2F2048%2Fmeta%2Fog_image%252Epng;ses=62ea860b-f5c8-4ca5-b46d-e0a431ff3927
Requested by
Host: pippaframe.site
URL: http://pippaframe.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:f059:4f7e:28a9:1588 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 15:57:11 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
457.json
id5-sync.com/g/v2/ 		461 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/457.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
f48e4475a7f454b20229e6a76804195582f63b4b47147455403fd45cdd472247
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://pippaframe.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Dec 2022 15:57:11 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://pippaframe.site
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
greenoaks.gif
play2048.co/detroitchicago/ 		0
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play2048.co/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4YmE4Njg5OC0xZDg3LTRkNzYtNDc4My1kYzI4ZWNlNWE2NWUiLCJkb21haW5faWQiOiIyMTg3MDkiLCJ0X2Vwb2NoIjoxNjQ5MjQ5ODU0LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiOGJhODY4OTgtMWQ4Ny00ZDc2LTQ3ODMtZGMyOGVjZTVhNjVlIiwiZG9tYWluX2lkIjoiMjE4NzA5IiwidF9lcG9jaCI6MTY0OTI0OTg1NCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjItMTItMjMifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxNSJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI1In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6IjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4YmE4Njg5OC0xZDg3LTRkNzYtNDc4My1kYzI4ZWNlNWE2NWUiLCJkb21haW5faWQiOiIyMTg3MDkiLCJ0X2Vwb2NoIjoxNjQ5MjQ5ODU0LCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfdGFnIiwidmFsIjoiZW4tVVMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4YmE4Njg5OC0xZDg3LTRkNzYtNDc4My1kYzI4ZWNlNWE2NWUiLCJkb21haW5faWQiOiIyMTg3MDkiLCJ0X2Vwb2NoIjoxNjQ5MjQ5ODU0LCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfcHJpbWFyeV9zdWJ0YWciLCJ2YWwiOiJlbiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjhiYTg2ODk4LTFkODctNGQ3Ni00NzgzLWRjMjhlY2U1YTY1ZSIsImRvbWFpbl9pZCI6IjIxODcwOSIsInRfZXBvY2giOjE2NDkyNDk4NTQsImRhdGEiOlt7Im5hbWUiOiJuYXZpZ2F0aW9uX3R5cGUiLCJ2YWwiOiIwIn0seyJuYW1lIjoicmVkaXJlY3RfY291bnQiLCJ2YWwiOiIwIn1dfV0=
Requested by
Host: play2048.co
URL: https://play2048.co/detroitchicago/cmbv2.js?gcb=195-5&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y2d-2y36-23y55-1y59-21&cmbcb=39&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2dx36x55x59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.86.133.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-133-10.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
http://pippaframe.site
x-middleton-display
ezp_sol
date
Fri, 23 Dec 2022 15:57:11 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 22 Dec 2022 15:57:11 GMT
greenoaks.gif
play2048.co/detroitchicago/ 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://play2048.co/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4YmE4Njg5OC0xZDg3LTRkNzYtNDc4My1kYzI4ZWNlNWE2NWUiLCJkb21haW5faWQiOiIyMTg3MDkiLCJ0X2Vwb2NoIjoxNjQ5MjQ5ODU0LCJkYXRhIjpbeyJuYW1lIjoicGVyZl9pc190cmFja2VkIiwidmFsIjoiMSJ9LHsibmFtZSI6InBlcmZfbmF2X3RvX2Nvbm5lY3QiLCJ2YWwiOiIyMDgifSx7Im5hbWUiOiJwZXJmX2Nvbm5lY3RfdG9fcmVzcF9zdGFydCIsInZhbCI6IjMzMiJ9LHsibmFtZSI6InBlcmZfcmVzcF90aW1lIiwidmFsIjoiMzI4In0seyJuYW1lIjoicGVyZl9pbnRlcmFjdGl2ZSIsInZhbCI6IjE0OTYifSx7Im5hbWUiOiJwZXJmX2NvbnRlbnRsb2FkZWQiLCJ2YWwiOiIxNDk4In0seyJuYW1lIjoicGVyZl9jb21wbGV0ZSIsInZhbCI6IjYyMjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4YmE4Njg5OC0xZDg3LTRkNzYtNDc4My1kYzI4ZWNlNWE2NWUiLCJkb21haW5faWQiOiIyMTg3MDkiLCJ0X2Vwb2NoIjoxNjQ5MjQ5ODU0LCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfcGFpbnQiLCJ2YWwiOiIxMTI0In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiOGJhODY4OTgtMWQ4Ny00ZDc2LTQ3ODMtZGMyOGVjZTVhNjVlIiwiZG9tYWluX2lkIjoiMjE4NzA5IiwidF9lcG9jaCI6MTY0OTI0OTg1NCwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X2NvbnRlbnRmdWxfcGFpbnQiLCJ2YWwiOiIxMTI0In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiOGJhODY4OTgtMWQ4Ny00ZDc2LTQ3ODMtZGMyOGVjZTVhNjVlIiwiZG9tYWluX2lkIjoiMjE4NzA5IiwidF9lcG9jaCI6MTY0OTI0OTg1NCwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fZWZmZWN0aXZlX3R5cGUiLCJ2YWwiOiI0ZyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjhiYTg2ODk4LTFkODctNGQ3Ni00NzgzLWRjMjhlY2U1YTY1ZSIsImRvbWFpbl9pZCI6IjIxODcwOSIsInRfZXBvY2giOjE2NDkyNDk4NTQsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX2Rvd25saW5rIiwidmFsIjoiMTAifV19XQ==
Requested by
Host: play2048.co
URL: https://play2048.co/detroitchicago/cmbv2.js?gcb=195-5&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y2d-2y36-23y55-1y59-21&cmbcb=39&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2dx36x55x59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.86.133.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-133-10.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
http://pippaframe.site
x-middleton-display
ezp_sol
date
Fri, 23 Dec 2022 15:57:14 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 22 Dec 2022 15:57:14 GMT
greenoaks.gif
play2048.co/detroitchicago/ 		0
16 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play2048.co/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4YmE4Njg5OC0xZDg3LTRkNzYtNDc4My1kYzI4ZWNlNWE2NWUiLCJkb21haW5faWQiOiIyMTg3MDkiLCJ0X2Vwb2NoIjoxNjQ5MjQ5ODU0LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9ydHQiLCJ2YWwiOiIwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiOGJhODY4OTgtMWQ4Ny00ZDc2LTQ3ODMtZGMyOGVjZTVhNjVlIiwiZG9tYWluX2lkIjoiMjE4NzA5IiwidF9lcG9jaCI6MTY0OTI0OTg1NCwiZGF0YSI6W3sibmFtZSI6ImlzX2FkX2Jsb2NrZWQiLCJ2YWwiOiJmYWxzZSJ9XX1d
Requested by
Host: play2048.co
URL: https://play2048.co/detroitchicago/cmbv2.js?gcb=195-5&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y2d-2y36-23y55-1y59-21&cmbcb=39&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2dx36x55x59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.86.133.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-133-10.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
http://pippaframe.site
x-middleton-display
ezp_sol
date
Fri, 23 Dec 2022 15:57:11 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 22 Dec 2022 15:57:11 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28d1f90a7e8a781528ba4125e74cba711c96b2aa1aa3b06c40df1899a66832db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 15:57:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11043
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 15:57:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Dec 2022 15:57:13 GMT
9.gif
id5-sync.com/c/457/434/0/
Redirect Chain
  • https://id5-sync.com/i/457/8.gif?id5id=ID5*vj6OC9k2558qiFynwsPQKCilcSmTIT3PYoHhrWYl7tIxJTtvsrRYKbr5nM1X8RZ0&o=api&gdpr_consent=undefined&gdpr=false
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F457%2F796%2F7%2F2.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent...
  • https://id5-sync.com/c/457/796/7/2.gif?puid=f54cf5b9-6347-4bff-ac43-8dc7b46e2ed2&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=a8fc6e5f-265f-48d6-8565-4653094efe91&ttl=%%TTL%%
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-16d9Vj4NraWAtpVNyzoap62bGxwp1_3tiQuf6S0E4A&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F457%2F3%2F5%2F4.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/457/3/5/4.gif?puid=fd5f63a5-cfda-4900-8ec0-250147381dbd&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=a8fc6e5f-265f-48d6-8565-4653094efe91&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F457%2F1245%2F4%2F5.gif%3Fpuid%3D%5BSOVRNID%5D%...
  • https://ce.lijit.com/merge?pid=27&3pid=a8fc6e5f-265f-48d6-8565-4653094efe91&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F457%2F1245%2F4%2F5.gif%3Fpuid%3D%5BSOVRNID%5D%...
  • https://id5-sync.com/c/457/1245/4/5.gif?puid=F3WdERZHfTdWPAJQRgqEN3i6&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1
  • https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AACyy07HS6AAACR0YFkXaQ
  • https://ce.lijit.com/merge?pid=85&3pid=AACyy07HS6AAACR0YFkXaQ&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F457%2F1241%2F2%2F7.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/457/1241/2/7.gif?puid=F3WdERZHfTdWPAJQRgqEN3i6&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F457%2F429%2F1%2F8.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F457%2F429%2F1%2F8.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0&rdf=1
  • https://id5-sync.com/c/457/429/1/8.gif?puid=B726CBBA-43A1-4DC3-AC7F-CCD8B5C18F88&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F457%2F434%2F0%2F9.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/457/434/0/9.gif?puid=d3708463-5a54-4d00-8505-24d7a51a7deb&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/457/434/0/9.gif?puid=d3708463-5a54-4d00-8505-24d7a51a7deb&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 23 Dec 2022 15:57:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

Pragma
no-cache
Date
Fri, 23 Dec 2022 15:57:16 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-185
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://id5-sync.com/c/457/434/0/9.gif?puid=d3708463-5a54-4d00-8505-24d7a51a7deb&gdpr=0&gdpr_consent=
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 632C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://pippaframe.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
65679
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 21:42:35 GMT
expires
Fri, 22 Dec 2023 21:42:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F35F 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2004 -, , ASN (),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Se6Ul_aI795cy0rAl3lvyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://pippaframe.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-Se6Ul_aI795cy0rAl3lvyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 15:57:14 GMT
expires
Fri, 23 Dec 2022 15:57:14 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
lcpel.go
play2048.co/cheetah/ 		0
103 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play2048.co/cheetah/lcpel.go
Requested by
Host: pippaframe.site
URL: http://pippaframe.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.86.133.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-133-10.compute-1.amazonaws.com
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash

Request headers

Referer
http://pippaframe.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Dec 2022 15:57:13 GMT
server
Apache/2.4.39 (Ubuntu)
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
http://pippaframe.site
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Thu, 22 Dec 2022 15:57:13 GMT
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fplay2048.co%2F&domain=pippaframe.site&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=T45zunxselcyaDNxMGREbS96NFAyL29iRTZDQnlZeGRZSy8yZTNQeUtCaExBRFBRaUNNR0FKUTV3NElZRFZ1ZndIcm90OUZLYU56ZDFCYU5Sa1FzZ01TZThMVXBCZXpFczhXdjVsYXUvaHQ4NXVoTWFBMDkyTnZhdWZzM0...
357 B
660 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=T45zunxselcyaDNxMGREbS96NFAyL29iRTZDQnlZeGRZSy8yZTNQeUtCaExBRFBRaUNNR0FKUTV3NElZRFZ1ZndIcm90OUZLYU56ZDFCYU5Sa1FzZ01TZThMVXBCZXpFczhXdjVsYXUvaHQ4NXVoTWFBMDkyTnZhdWZzM0RmVit4bW83T1FSZS9TVHEvQlN1SHNzcWIxbkUrMWJ5MnNvS2dESXBReDY5MSt2TWlVaVU4WkkybVR1b1gxVkUwRlBxSEQ3RnFtZDVoUjBtY2QydG1KOW9aWHlRSkFXaUh6N0tzcXkyYWdRNCtiNmNyUjNucmlEZkhzajRoRy9vRjVrSjcybmY0fA&cppv=2
Protocol
H2
Server
74.119.119.139 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 15:57:14 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
675861
expires
0

Redirect headers

pragma
no-cache
date
Fri, 23 Dec 2022 15:57:14 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=T45zunxselcyaDNxMGREbS96NFAyL29iRTZDQnlZeGRZSy8yZTNQeUtCaExBRFBRaUNNR0FKUTV3NElZRFZ1ZndIcm90OUZLYU56ZDFCYU5Sa1FzZ01TZThMVXBCZXpFczhXdjVsYXUvaHQ4NXVoTWFBMDkyTnZhdWZzM0RmVit4bW83T1FSZS9TVHEvQlN1SHNzcWIxbkUrMWJ5MnNvS2dESXBReDY5MSt2TWlVaVU4WkkybVR1b1gxVkUwRlBxSEQ3RnFtZDVoUjBtY2QydG1KOW9aWHlRSkFXaUh6N0tzcXkyYWdRNCtiNmNyUjNucmlEZkhzajRoRy9vRjVrSjcybmY0fA&cppv=2
access-control-allow-origin
http://pippaframe.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
646375
content-length
0
expires
0
prebid
id5-sync.com/api/config/ 		135 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=&cb=195-5-37
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://pippaframe.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://pippaframe.site
date
Fri, 23 Dec 2022 15:57:13 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fplay2048.co%2F&domain=pippaframe.site&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
http://pippaframe.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
http://pippaframe.site
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 23 Dec 2022 15:57:13 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
545946
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=&cb=195-5-37
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://pippaframe.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://pippaframe.site
date
Fri, 23 Dec 2022 15:57:14 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=T45zunxselcyaDNxMGREbS96NFAyL29iRTZDQnlZeGRZSy8yZTNQeUtCaExBRFBRaUNNR0FKUTV3NElZRFZ1ZndIcm90OUZLYU56ZDFCYU5Sa1FzZ01TZThMVXBCZXpFczhXdjVsYXUvaHQ4NXVoTWFBMDkyTnZhdWZzM0RmVit4bW83T1FSZS9TVHEvQlN1SHNzcWIxbkUrMWJ5MnNvS2dESXBReDY5MSt2TWlVaVU4WkkybVR1b1gxVkUwRlBxSEQ3RnFtZDVoUjBtY2QydG1KOW9aWHlRSkFXaUh6N0tzcXkyYWdRNCtiNmNyUjNucmlEZkhzajRoRy9vRjVrSjcybmY0fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 23 Dec 2022 15:57:14 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
337589
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
457.json
id5-sync.com/g/v2/ 		455 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/457.json
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=&cb=195-5-37
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://pippaframe.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Dec 2022 15:57:14 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://pippaframe.site
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
sodar
pagead2.googlesyndication.com/pagead/ Frame F35F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=3743218095734115&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
pagead2.googlesyndication.com/bg/ Frame 632C 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 14:39:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4664
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 23 Dec 2023 14:39:30 GMT
generate_204
tpc.googlesyndication.com/ Frame 632C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?OEwx3Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 15:57:15 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=3743218095734115&bg=!wcKlwobNAAYgquz3AKo7ACkAdvg8Wo82cFKKuLJjWntwcGs61Nf-hqniCg1wJwlinsq400qKmEo9PQIAAAI0UgAAAARoAQeZAt--ZAZhWBYqTWF0wsF2YNazBGgQ1gF9Ag4oe6ynqTpYe2HUm-enMkSPnaaOMfj5OXUhfTrRzrh6q1q_XEyTRd2fSS5j5wwK2ELRBg02CXD5cbOOGN1e7ydntm3yY24piOzJDq4-A57T-1MZPnnZoAsFVpzoBmDihWI7C2iwIO7dwTS1DghW995IA5KnFAOrA1Yqgakkq3vWpKFzaGSCeojZtUfF43pyVCshpwjIABj8Ya3OBM2WhaRbEzMQLSLaD7NBGmSFYxwKFIMcur7I0TG1JyzoOEkRF2U__xC4Cgdoluv6KLGu8bV_92zCe9p57TMqZzos-jVoE304mT9FofIdOpuMgLHjGEoY9guW1Cj_7thI9qjG6gWMP4aoao53XnCHkZ79Uncel56S7a_whrqThYU9Z00-kHNRZ3AgjYEXJTKZPxlYqNmvIdlJ-eKvfOXw0ux4PJEE_TdjKrMGz5iYbnpS_D0rGtC6mM70KMs1TGasDtBtOJVtrNaRJ16A5Mq-pfk5JbRK3uPEhPwPGkIRpyq19Za47KWuvHWADQKaJaIGgyDsuvcxtnDNL2VhMqaeeiCMa7qrWd9pm1dkBgGnxK5S9hJJGn0OztyeYdn2KJ442HliCE9u-PFlhBkpPL6jdy6Au3FHVuI8IqeifwGWmqt2GsmTrtXYWNJ-IdhZkJb3NsorDxWHraWyA2z_2beoCR_FHMiDdXDI4UrKlzGSAxleiIV_zIc00R6LVi08OEuB_2Vv1SBFrS-STt3rX9X7AMsQyEtYpyXJZCsYjFTSigyIyuCEMK4mVDN9l9T8XNuh-eBRZCS-zI4AdexkDL4VWDy9dxkEH3hRaXdoQld9-mX4dmQHFGp4Df-9HWn6sllSpMCu4xlC0M9P5ZWipeMalys78tP3blfSXblB8QCs4G9usI3YqOIbsdPhKgCFKzjDWhlux8GGcd0iD9BcJMqenX3-D-qS6d1pdwlJ1bM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
greenoaks.gif
play2048.co/detroitchicago/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play2048.co/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4YmE4Njg5OC0xZDg3LTRkNzYtNDc4My1kYzI4ZWNlNWE2NWUiLCJkb21haW5faWQiOiIyMTg3MDkiLCJ0X2Vwb2NoIjoxNjQ5MjQ5ODU0LCJkYXRhIjpbeyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjE5MjAwMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiIzIn0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19weCIsInZhbCI6IjI1NzUyMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX2NvdW50IiwidmFsIjoiMyJ9LHsibmFtZSI6Im5hdGl2ZV9hZF9kb2NfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJ2aWV3cG9ydF9zaXplIiwidmFsIjoiMTYwMHgxMjAwIn0seyJuYW1lIjoidmlld3BvcnRfcHgiLCJ2YWwiOiIxOTIwMDAwIn0seyJuYW1lIjoiZG9jX3B4IiwidmFsIjoiMjgwMTYwMCJ9LHsibmFtZSI6ImRvY19oZWlnaHQiLCJ2YWwiOiIxNzUxIn1dfV0=
Requested by
Host: play2048.co
URL: https://play2048.co/detroitchicago/cmbv2.js?gcb=195-5&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1d-1y20-2y1f-5y21-3y2d-2y36-23y55-1y59-21&cmbcb=39&sj=x04x02x06x07x19x0bx0dx13x17x1cx1dx20x1fx21x2dx36x55x59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.86.133.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-133-10.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pippaframe.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
http://pippaframe.site
x-middleton-display
ezp_sol
date
Fri, 23 Dec 2022 15:57:16 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 22 Dec 2022 15:57:16 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Domain/Path Name / Value
pippaframe.site/ Name: ezds
Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
pippaframe.site/ Name: ezohw
Value: w%3D1600%2Ch%3D1200
.pippaframe.site/ Name: _ga
Value: GA1.2.310764543.1671811029
.pippaframe.site/ Name: _gid
Value: GA1.2.1614395517.1671811029
.pippaframe.site/ Name: _gat_gtag_UA_42620757_2
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.pippaframe.site/ Name: __gads
Value: ID=727c902ce0b92086:T=1671811030:S=ALNI_MbgeqrEUFhxIW0nSh6tIBlAs8Snsw
.pippaframe.site/ Name: __gpi
Value: UID=000008e2dee3a425:T=1671811030:RT=1671811030:S=ALNI_MbfF2-joTQz8VDYARx6S3i-WkIHFQ
pippaframe.site/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.quantserve.com/ Name: mc
Value: 63a5cfd7-1c1a8-b78a0-d83ea
.pippaframe.site/ Name: __qca
Value: P0-537863699-1671811030254
pippaframe.site/ Name: ezux_lpl_218709
Value: 1671811031389|8ba86898-1d87-4d76-4783-dc28ece5a65e|false
.id5-sync.com/ Name: callback
Value:
.ipredictive.com/ Name: cu
Value: f54cf5b9-6347-4bff-ac43-8dc7b46e2ed2|1671811032130
.adsrvr.org/ Name: TDID
Value: a8fc6e5f-265f-48d6-8565-4653094efe91
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwjst4XfosKyOxAFOAE.
.mathtag.com/ Name: uuid
Value: fd5f63a5-cfda-4900-8ec0-250147381dbd
.id5-sync.com/ Name: id5
Value: 91d96a51-a676-7ec7-932d-42045ed9f9d9#1671811031830#3
.pippaframe.site/ Name: cto_bundle
Value: eexNXl9OdndsVmV6d3RKa0d5Z29zTk1aUmVSZ2w4QWRrbFpGdVM4TFdNM2RQTWVQekxNeHI1NGZrQzlRNXRRbjNrR0Y3WUZsRWVQVjJkWThFWGRCNWQlMkZCJTJGaE56Nm8xMTFkbEhreDlQYmhHOGp0b1FHZEdmMkNBZXpKeU9iSm91TWd2Z2M
.pippaframe.site/ Name: cto_bidid
Value: zRdw219EckRZaDF1bHV2UVFjVmNKMXdRQVVKdCUyRmtzOXR5bFRQbGMwc3BtRzNHV2k2JTJGNkdyZk11emx6amRJemN2NVNOU0NVd0xnTjBKU0YlMkZNWnVVZWI4WU40USUzRCUzRA
pippaframe.site/ Name: id5id.1st
Value: %7B%22created_at%22%3A%222022-12-23T15%3A57%3A11.83Z%22%2C%22id5_consent%22%3Atrue%2C%22original_uid%22%3A%22ID5*EY_qbuEADNOzgDf4dlN6TeTzeVV4rdMDaqJJPfbHXvcxJX6iR5QRLXtK92qtuM5u%22%2C%22universal_uid%22%3A%22ID5*07scgLSzdRRHDc4sr0ZCo0Ug46L-pK9EDwRzJgugfFkxJZDZmflvpXKrhcn8t53H%22%2C%22signature%22%3A%22ID5_AhHWziIKXW4bAC8AzXmlhAOHAdEB6TFAreCadeTBmMO0CNzizKKeTQf2W7wVYmwk-oi_62KzNH3kuhy1RzQPWSvXYCWK%22%2C%22link_type%22%3A2%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22other%22%2C%22id5_consent%22%3Atrue%7D%7D
pippaframe.site/ Name: id5id.1st_last
Value: Fri%2C%2023%20Dec%202022%2015%3A57%3A15%20GMT
.lijit.com/ Name: ljt_reader
Value: F3WdERZHfTdWPAJQRgqEN3i6
.lijit.com/ Name: _ljtrtb_27
Value: a8fc6e5f-265f-48d6-8565-4653094efe91
.bidr.io/ Name: bito
Value: AACyy07HS6AAACR0YFkXaQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.lijit.com/ Name: ljtrtb
Value: eJyrVjIyV7JSSrRISzZLNU3TNTIDEiYWKWa6FqZmpromZqbGBpYmqWmploZKtQAEggta
.lijit.com/ Name: _ljtrtb_85
Value: AACyy07HS6AAACR0YFkXaQ
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: B726CBBA-43A1-4DC3-AC7F-CCD8B5C18F88
.go.sonobi.com/ Name: __uis
Value: d3708463-5a54-4d00-8505-24d7a51a7deb
.go.sonobi.com/ Name: HAPLB8S
Value: s85185|Y6XP3
.id5-sync.com/ Name: 3pi
Value: 434#1671811036293#-467840249|3#1671811034694#241912780#fd5f63a5-cfda-4900-8ec0-250147381dbd|264#1671811032396#284374794#a8fc6e5f-265f-48d6-8565-4653094efe91|1241#1671811035789#587693289|155#1671811035607#-486134901#AACyy07HS6AAACR0YFkXaQ|796#1671811032197#-2003062285|1245#1671811035343#587693289|429#1671811035998#1079463994#B726CBBA-43A1-4DC3-AC7F-CCD8B5C18F88

27 Console Messages

Source Level URL
Text
rendering warning URL: http://pippaframe.site/(Line 129)
Message:
The value "160dpi" for key "target-densitydpi" was truncated to its numeric prefix.
rendering warning URL: http://pippaframe.site/(Line 129)
Message:
The key "target-densitydpi" is not supported.
network error URL: http://pippaframe.site/dist/index.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://pippaframe.site/style/main.css
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://pippaframe.site/style/fonts/clear-sans.css
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://pippaframe.site/style/fonts/ClearSans-Regular-webfont.woff
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://pippaframe.site/style/fonts/ClearSans-Bold-webfont.woff
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://pippaframe.site/porpoiseant/banger.js?cb=195-5&bv=108&v=57&PageSpeed=off
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript warning URL: http://pippaframe.site/
Message:
The resource https://play2048.co/style/fonts/clear-sans.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: http://pippaframe.site/
Message:
The resource http://go.ezodn.com/hb/dall.js?b=&cb=195-5-37 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: http://pippaframe.site/
Message:
The resource http://pippaframe.site/style/fonts/ClearSans-Regular-webfont.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: http://pippaframe.site/
Message:
The resource https://play2048.co/style/fonts/ClearSans-Bold-webfont.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: http://pippaframe.site/
Message:
The resource http://pippaframe.site/style/fonts/ClearSans-Bold-webfont.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: http://pippaframe.site/
Message:
The resource http://pippaframe.site/style/main.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: http://pippaframe.site/
Message:
The resource https://play2048.co/style/fonts/ClearSans-Regular-webfont.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: http://pippaframe.site/
Message:
The resource https://play2048.co/style/main.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: http://pippaframe.site/
Message:
The resource http://pippaframe.site/style/fonts/clear-sans.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: http://pippaframe.site/
Message:
The resource http://pippaframe.site/dist/index.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: http://pippaframe.site/
Message:
The resource https://play2048.co/style/fonts/clear-sans.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: http://pippaframe.site/
Message:
The resource http://go.ezodn.com/hb/dall.js?b=&cb=195-5-37 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: http://pippaframe.site/
Message:
The resource http://pippaframe.site/style/fonts/ClearSans-Regular-webfont.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: http://pippaframe.site/
Message:
The resource https://play2048.co/style/fonts/ClearSans-Bold-webfont.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: http://pippaframe.site/
Message:
The resource http://pippaframe.site/style/fonts/ClearSans-Bold-webfont.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: http://pippaframe.site/
Message:
The resource http://pippaframe.site/style/main.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: http://pippaframe.site/
Message:
The resource https://play2048.co/style/fonts/ClearSans-Regular-webfont.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: http://pippaframe.site/
Message:
The resource https://play2048.co/style/main.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: http://pippaframe.site/
Message:
The resource http://pippaframe.site/style/fonts/clear-sans.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8b9497596f8c5b0ad6799d39f0c04ec2.safeframe.googlesyndication.com
aax-dtb-cf.amazon-adsystem.com
adservice.google.com
api.fouanalytics.com
btloader.com
c.amazon-adsystem.com
cdn.id5-sync.com
ce.lijit.com
edge.quantserve.com
go.ezodn.com
go.ezoic.net
gum.criteo.com
id5-sync.com
image6.pubmatic.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
pagead2.googlesyndication.com
pippaframe.site
pixel.quantserve.com
play2048.co
rules.quantcount.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.paypalobjects.com
104.36.115.113
108.139.50.211
13.35.101.24
141.95.98.64
15.197.193.217
151.101.194.133
162.144.14.33
162.19.138.117
2001:41d0:701:1000::96f
209.191.163.210
2600:9000:21dd:9600:6:44e3:f8c0:93a1
2600:9000:21dd:fc00:6:44e3:f8c0:93a1
2600:9000:2510:dc00:2:cb38:840:93a1
2606:4700:10::6816:3556
2606:4700:20::ac43:4686
2606:4700:e4::ac40:a821
2606:4700:e6::ac40:ca05
2606:4700:e6::ac40:cb05
2607:f8b0:4004:c08::9d
2607:f8b0:4006:809::2001
2607:f8b0:4006:809::2008
2607:f8b0:4006:80a::200e
2607:f8b0:4006:80b::2004
2607:f8b0:4006:81d::2001
2607:f8b0:4006:81d::2002
2607:f8b0:4006:822::2002
2620:100:a001::c
2620:116:800b:21:1456:d0e1:7db4:a56b
2620:116:800b:21:f059:4f7e:28a9:1588
34.204.163.217
34.233.108.47
52.86.133.10
69.166.1.10
74.119.119.139
74.121.140.14
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0743c1f900776fbc658d2c5115123a7ae1ba5fb23ed5d759804c029cd5c6425f
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
109df6c433ca8db661b7892b511360ab8371ef13082bcc0405804561f1ed1181
16596639aaf7c7f4ca870a71f5083ced88e25000ad6da72f9dfd69cd9ba080cf
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
28d1f90a7e8a781528ba4125e74cba711c96b2aa1aa3b06c40df1899a66832db
290cd873fad51c8af7d59545b2507277c6e63404183d9cf2e43696768dd1fb6f
2db364591994c4fb2da18489bf8d4547fac6f633bcea1169e7c68519b47109ff
39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e
4519fe034201cde5e41e3c91f141eb7b8487073c9739c6d68c39b765ba52f067
4607719e4358074067b6f0eb236c54679dd0cdc166091bb0bde0ed9d5cb55a89
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4718dd9f68e969d1cb5e1b6172206b7150ad1d8cd5c5c1fe5812dd0e1646d426
480720b09587576115146f868da9364a94f650e00b513f95a84f46a424eca0f0
487ac086695bed211be6e371cde44484af1315bf65e56437084e4b2c0b5cdafd
5deb0ab2a11739a6ff26e05ca87c57bad1d3159a2b6f058fa75c1265ddd40cba
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63521ee4dd7f5f42d2474dd5eefb3793739674c81a5d508f9be216688d3ff0e0
6a9f3c83892833387d92f857563b6f3cfdee0277cbc648a932a2718e000e9e42
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6fbe16f15a6683220c91a2e61180c71f3c5089ac3db7d7a6850019c43673319d
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7f30f101e9c54f1f2ea28ee28eb181bce3461165b595631b212b5cd63d054dda
8a22eb57594c8ae9cda85eea283246ef0acf4e1ebee49ce2cabff2969c9e5951
8c94cd2fdc93f5a86f1761c0ce14bb695f20e16dc1a585ccad7f0289bd3dbc76
99590cf2d4be0ce982d1178d9f2877619670c4ecccd4dfd89fb50544a6b5a148
9a949a8bd438328185a17d9cb2250e8644f4dbfcfba00d88d6898bbed1dd412f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b16e36cc53aa72023c67ab31c38290de77905dd2285f331189b2236100b8f849
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
cda3688d66efcd9227d4bdc04472b134e614d6609c362875370ba4fb52104a2a
d76428a7b34b4a9fe1b49a89ce3b6303efe18eaf7215b6370118a70590234d26
d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234
e25edc55897dbee0133c37fddba6252d01cc71ab93bc60cb6353f0f17a1b8772
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5fc449647f3e112d03582a8ea0e845f4fa90d9942249be04055b4bd5483baf6
e9e81efc856f66a33ff45c199b47b90901d3257c7fad177816870c892e7acc1a
f48e4475a7f454b20229e6a76804195582f63b4b47147455403fd45cdd472247