mar4w.dubznetwork.com Open in urlscan Pro
172.67.148.50 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://mar4w.dubznetwork.com/sticky.html?autoplay=1&loop=1&autopause=0&muted=1
Submission: On March 28 via manual (March 28th 2023, 5:34:14 am UTC) from AU — Scanned from AU

Summary HTTP 41 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 2 countries across 16 domains to perform 41 HTTP transactions. The main IP is 172.67.148.50, located in United States and belongs to CLOUDFLARENET, US. The main domain is mar4w.dubznetwork.com.

This is the only time mar4w.dubznetwork.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	172.67.148.50 172.67.148.50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	74.125.130.95 74.125.130.95	15169 (GOOGLE) (GOOGLE)
1	104.16.88.20 104.16.88.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.139.233 172.67.139.233	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	142.251.12.157 142.251.12.157	15169 (GOOGLE) (GOOGLE)
3	142.251.12.154 142.251.12.154	15169 (GOOGLE) (GOOGLE)
2	142.251.10.101 142.251.10.101	15169 (GOOGLE) (GOOGLE)
3	172.217.194.95 172.217.194.95	15169 (GOOGLE) (GOOGLE)
1 1	13.226.122.11 13.226.122.11	16509 (AMAZON-02) (AMAZON-02)
1	151.101.2.114 151.101.2.114	54113 (FASTLY) (FASTLY)
1	172.217.194.148 172.217.194.148	15169 (GOOGLE) (GOOGLE)
1	172.217.194.156 172.217.194.156	15169 (GOOGLE) (GOOGLE)
1	104.21.13.2 104.21.13.2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	216.239.32.3 216.239.32.3	15169 (GOOGLE) (GOOGLE)
3	74.125.200.157 74.125.200.157	15169 (GOOGLE) (GOOGLE)
3	142.251.10.157 142.251.10.157	15169 (GOOGLE) (GOOGLE)
5	74.125.130.156 74.125.130.156	15169 (GOOGLE) (GOOGLE)
1	74.125.152.7 74.125.152.7	15169 (GOOGLE) (GOOGLE)
2	142.251.12.132 142.251.12.132	15169 (GOOGLE) (GOOGLE)
1	74.125.68.91 74.125.68.91	() ()
41	20

2 172.67.148.50 (United States)

ASN13335 (CLOUDFLARENET, US)

mar4w.dubznetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.130.95 (Nashville, United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f95.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.88.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.139.233 (United States)

ASN13335 (CLOUDFLARENET, US)

player.adtcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.12.157 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: se-in-f157.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.12.154 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f154.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.10.101 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f101.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.194.95 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f95.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.122.11 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-226-122-11.hkg62.r.cloudfront.net

cdn.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.114 (United States)

ASN54113 (FASTLY, US)

videos-fms.jwpsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.194.148 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f148.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.194.156 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f156.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.13.2 (None, )

ASN13335 (CLOUDFLARENET, US)

mahimeta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.239.32.3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.125.200.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f157.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.10.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f157.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 74.125.130.156 (Nashville, United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f156.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.152.7 (Nashville, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s13-in-f7.1e100.net

rr2---sn-ntqe6nes.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.12.132 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.68.91 (None, )

ASN- ()

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 pubads.g.doubleclick.net — Cisco Umbrella Rank: 455 googleads.g.doubleclick.net — Cisco Umbrella Rank: 29	175 KB
5	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 135	25 KB
5	gstatic.com csi.gstatic.com	450 B
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 309 imasdk.googleapis.com — Cisco Umbrella Rank: 465	381 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25	17 KB
2	adtcdn.com player.adtcdn.com — Cisco Umbrella Rank: 36979	2 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 783	30 KB
2	dubznetwork.com mar4w.dubznetwork.com	15 KB
1	youtube.com www.youtube.com
1	googlevideo.com rr2---sn-ntqe6nes.googlevideo.com
1	mahimeta.com mahimeta.com — Cisco Umbrella Rank: 326190	1 KB
1	google.com adservice.google.com — Cisco Umbrella Rank: 68	456 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 283	17 KB
1	jwpsrv.com videos-fms.jwpsrv.com — Cisco Umbrella Rank: 5064
1	jwplayer.com 1 redirects cdn.jwplayer.com — Cisco Umbrella Rank: 2608	409 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 334	139 KB
41	16

	Domain	Requested by
5	googleads.g.doubleclick.net
5	csi.gstatic.com	imasdk.googleapis.com
4	securepubads.g.doubleclick.net	1 redirects mar4w.dubznetwork.com securepubads.g.doubleclick.net
3	pagead2.googlesyndication.com	imasdk.googleapis.com tpc.googlesyndication.com
3	pubads.g.doubleclick.net	imasdk.googleapis.com
3	imasdk.googleapis.com	mar4w.dubznetwork.com imasdk.googleapis.com
2	tpc.googlesyndication.com	imasdk.googleapis.com tpc.googlesyndication.com
2	www.google-analytics.com	mar4w.dubznetwork.com
2	player.adtcdn.com	mar4w.dubznetwork.com
2	maxcdn.bootstrapcdn.com	mar4w.dubznetwork.com
2	mar4w.dubznetwork.com	mar4w.dubznetwork.com
1	www.youtube.com
1	rr2---sn-ntqe6nes.googlevideo.com
1	mahimeta.com	imasdk.googleapis.com
1	adservice.google.com	imasdk.googleapis.com
1	s0.2mdn.net	imasdk.googleapis.com
1	videos-fms.jwpsrv.com	mar4w.dubznetwork.com
1	cdn.jwplayer.com	1 redirects
1	cdn.jsdelivr.net	mar4w.dubznetwork.com
1	ajax.googleapis.com	mar4w.dubznetwork.com
41	20

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-03-21` - `2023-05-30`	2 months	crt.sh

This page contains 3 frames:

Primary Page: http://mar4w.dubznetwork.com/sticky.html?autoplay=1&loop=1&autopause=0&muted=1
Frame ID: 583B44AA40318733ABFD51D0DE32BB33
Requests: 19 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.565.0_en.html
Frame ID: 7570D91FA649DDA9FB7766804A9C2CE1
Requests: 20 HTTP requests in this frame

Frame: http://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: C76CD0B038598E647DC6730807089062
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

41
Requests

63 %
HTTPS

0 %
IPv6

16
Domains

20
Subdomains

20
IPs

2
Countries

802 kB
Transfer

16060 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js HTTP 307
https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js

Request Chain 6

http://securepubads.g.doubleclick.net/tag/js/gpt.js HTTP 302
https://securepubads.g.doubleclick.net/tag/js/gpt.js

Request Chain 8

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 10

https://cdn.jwplayer.com/videos/3PDoW5km-vuhTeads.mp4 HTTP 302
https://videos-fms.jwpsrv.com/6422a681_0x31f853c319a6d69d39503df55b724f22c91bdc32/content/conversions/pLhE9KGt/videos/LmEPJ2BC-31852320.mp4

Request Chain 11

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=577724795&utmhn=mar4w.dubznetwork.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhid=299941521&utmr=-&utmp=%2Fsticky.html%3Fautoplay%3D1%26loop%3D1%26autopause%3D0%26muted%3D1&utmht=1679981649021&utmac=UA-124289831-4&utmcc=__utma%3D102447517.629964354.1679981649.1679981649.1679981649.1%3B%2B__utmz%3D102447517.1679981649.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=237617777&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=577724795&utmhn=mar4w.dubznetwork.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhid=299941521&utmr=-&utmp=%2Fsticky.html%3Fautoplay%3D1%26loop%3D1%26autopause%3D0%26muted%3D1&utmht=1679981649021&utmac=UA-124289831-4&utmcc=__utma%3D102447517.629964354.1679981649.1679981649.1679981649.1%3B%2B__utmz%3D102447517.1679981649.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=237617777&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request sticky.html Show response
mar4w.dubznetwork.com/ 6 KB
3 KB 1211ms
727ms Document
text/html 172.67.148.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://mar4w.dubznetwork.com/sticky.html?autoplay=1&loop=1&autopause=0&muted=1

Protocol

HTTP/1.1

Server

172.67.148.50 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc2fde0634105634de74d0dbb49db6958786dae86aeb98bc65c329bbf907a8fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7aed808b7b4ea95f-SYD
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 28 Mar 2023 05:34:07 GMT
GreyDedi: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Referrer-Policy: no-referrer-when-downgrade
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FmU7BWoW6qyebLCzyR07Dg92SOGVTqozsus0Fnr3tOxIs%2F%2BM4AbkPEAS0GQ739i8F0q9sKr7BdLU8j3x%2B5%2BajcxV6dXHWmeeXtVtry%2Ffbnm36SKS6xnBXkB7jbcaeDbrola7PhFO7as%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/ 115 KB
19 KB 326ms
118ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css

Requested by

Host: mar4w.dubznetwork.com
URL: http://mar4w.dubznetwork.com/sticky.html?autoplay=1&loop=1&autopause=0&muted=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://mar4w.dubznetwork.com/sticky.html?autoplay=1&loop=1&autopause=0&muted=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 05:34:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 495
age: 30785836
cdn-cachedat: 10/08/2021 02:25:03
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:58 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 104056a48772bac099fac16aea943270
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 7aed80915faca7f9-SYD
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
33 KB 585ms
195ms Script
text/javascript 74.125.130.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: mar4w.dubznetwork.com
URL: http://mar4w.dubznetwork.com/sticky.html?autoplay=1&loop=1&autopause=0&muted=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.95 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f95.1e100.net

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://mar4w.dubznetwork.com/sticky.html?autoplay=1&loop=1&autopause=0&muted=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Mar 2023 19:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 208521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Mar 2024 19:38:46 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/ 35 KB
10 KB 318ms
110ms Script
application/javascript 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/bootstrap.min.js

Requested by

Host: mar4w.dubznetwork.com
URL: http://mar4w.dubznetwork.com/sticky.html?autoplay=1&loop=1&autopause=0&muted=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://mar4w.dubznetwork.com/sticky.html?autoplay=1&loop=1&autopause=0&muted=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 05:34:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 470
age: 30785836
cdn-cachedat: 10/13/2021 02:10:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:58 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0f413dd3c4e05168221d7f8a7bc246fd
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 7aed80915faea7f9-SYD
cdn-requestpullsuccess: True

GET
H2

200

clappr.min.js Show response
cdn.jsdelivr.net/npm/clappr@latest/dist/
Redirect Chain

http://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js

513 KB
139 KB

343ms
133ms

Script
application/javascript

104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js

Requested by

Host: mar4w.dubznetwork.com
URL: http://mar4w.dubznetwork.com/sticky.html?autoplay=1&loop=1&autopause=0&muted=1

Protocol

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://mar4w.dubznetwork.com/sticky.html?autoplay=1&loop=1&autopause=0&muted=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 05:34:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 23720
x-jsd-version: 0.3.13
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA, cache-yyz4537-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wKXZ7aNjpL2LTd3xySwn1FNdRskai%2Fx9eUUXpaq%2FSpOhZUZaYg8BryEn%2FYLdvGSzgwX4bGjYiq8glQKdjsNlfLJKnBvLD96dnyGi8qXg%2BZ9%2FOsCDsg3I0XT2z%2FviJqnsNNI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7aed80917edda965-SYD

Redirect headers

Location: https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK clappr-google-ima-html5-preroll-plugin.js Show response
mar4w.dubznetwork.com/vastad/ 45 KB
12 KB 111ms
110ms Script
application/javascript 172.67.148.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://mar4w.dubznetwork.com/vastad/clappr-google-ima-html5-preroll-plugin.js?ver=1.1
Requested by: Host: mar4w.dubznetwork.com
URL: http://mar4w.dubznetwork.com/sticky.html?autoplay=1&loop=1&autopause=0&muted=1
Protocol: HTTP/1.1
Server: 172.67.148.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0b0201debec1dd78fc17efda38e321609deb24f05b57d422a679ec8f790ceac

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://mar4w.dubznetwork.com/sticky.html?autoplay=1&loop=1&autopause=0&muted=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Tue, 28 Mar 2023 05:34:07 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 38347
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 15 May 2021 08:30:23 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2F1X9JgLKNucuui4UrJridQxToXjIBpyOayxRmf8y%2Ft3qOFus1tVFfwWL7twINrlcamTVeW2ELTivNuxT4%2FyaGktIeIStJHo2moBwsIozqztVy%2Bz%2FmOZBMyal%2FMyNb676MT1KTZ%2FsUM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
cache-control: public, max-age=86400
x-turbo-charged-by: LiteSpeed
CF-RAY: 7aed809019a6a95f-SYD
expires: Mon, 03 Apr 2023 17:55:18 GMT

GET
H/1.1 200
OK hb_323303_10722.js Show response
player.adtcdn.com/prebidlink/466661/ 1 B
783 B 234ms
118ms Script
application/javascript 172.67.139.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://player.adtcdn.com/prebidlink/466661/hb_323303_10722.js
Requested by: Host: mar4w.dubznetwork.com
URL: http://mar4w.dubznetwork.com/sticky.html?autoplay=1&loop=1&autopause=0&muted=1
Protocol: HTTP/1.1
Server: 172.67.139.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://mar4w.dubznetwork.com/sticky.html?autoplay=1&loop=1&autopause=0&muted=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Tue, 28 Mar 2023 05:34:08 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 773
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1
Last-Modified: Mon, 27 Mar 2023 12:48:11 GMT
Server: cloudflare
ETag: "6421908b-1"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HeKuglWzCDktG6av05oG8lw4V7tjjFFnAxmx42DVISg4CXiA3CDllOGicWvAujoofLCWaeQf2i7azqTa%2FBIBJdkUxSmAuQt6CY1x36psX9beyQGrnqLsUlI8Tj70xfwhapxpKA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=345600
Accept-Ranges: bytes
CF-RAY: 7aed809619b9dfab-SYD
Expires: Tue, 28 Mar 2023 05:36:15 GMT

GET
H2

200

gpt.js Show response
securepubads.g.doubleclick.net/tag/js/
Redirect Chain

http://securepubads.g.doubleclick.net/tag/js/gpt.js
https://securepubads.g.doubleclick.net/tag/js/gpt.js

79 KB
26 KB

607ms
210ms

Script
text/javascript

142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: mar4w.dubznetwork.com
URL: http://mar4w.dubznetwork.com/sticky.html?autoplay=1&loop=1&autopause=0&muted=1

Protocol

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

5460ea65423413a045deeecfc78a86efbd5e31c97269970fcc8764fea751a6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://mar4w.dubznetwork.com/sticky.html?autoplay=1&loop=1&autopause=0&muted=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 05:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25917
x-xss-protection: 0
server: cafe
etag: 745 / 19444 / 31073371 / config-hash: 9982139876318747483
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 28 Mar 2023 05:34:09 GMT

Redirect headers

Date: Tue, 28 Mar 2023 05:34:08 GMT
X-Content-Type-Options: nosniff
Server: cafe
Vary: Accept-Encoding
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 0
X-XSS-Protection: 0
Expires: Tue, 28 Mar 2023 05:34:08 GMT

GET
H/1.1 200
OK wrapper_hb_323303_10722.js Show response
player.adtcdn.com/prebidlink/466661/ 127 B
930 B 670ms
555ms Script
application/javascript 172.67.139.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://player.adtcdn.com/prebidlink/466661/wrapper_hb_323303_10722.js
Requested by: Host: mar4w.dubznetwork.com
URL: http://mar4w.dubznetwork.com/sticky.html?autoplay=1&loop=1&autopause=0&muted=1
Protocol: HTTP/1.1
Server: 172.67.139.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ea995481d7dfddb5307f94aedabe955e8bdd9ba40b925007532997185cd35c6

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://mar4w.dubznetwork.com/sticky.html?autoplay=1&loop=1&autopause=0&muted=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Tue, 28 Mar 2023 05:34:08 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Mon, 27 Mar 2023 12:48:11 GMT
Server: cloudflare
ETag: W/"6421908b-7f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sirLcWwWa%2Bc1kkevh7uEph3EgfML0keZfurq3gyKmhTZ3sOItHfhk960iT4aaCLrYOof625VTezq%2FWmjn4%2Bw2ut6EE0n2Xsr0UaOkuUYIj%2FgrG5WuCKdbZRdnu2AOaWJVPnDFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=345600
CF-RAY: 7aed80961fa9aaf5-SYD
Expires: Tue, 28 Mar 2023 05:49:08 GMT

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

585ms
194ms

Script
text/javascript

142.251.10.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: mar4w.dubznetwork.com
URL: http://mar4w.dubznetwork.com/sticky.html?autoplay=1&loop=1&autopause=0&muted=1

Protocol

Server

142.251.10.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f101.1e100.net

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://mar4w.dubznetwork.com/sticky.html?autoplay=1&loop=1&autopause=0&muted=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Mar 2023 03:41:41 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6747
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Tue, 28 Mar 2023 05:41:41 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 361 KB
121 KB 586ms
196ms Script
text/javascript 172.217.194.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: mar4w.dubznetwork.com
URL: http://mar4w.dubznetwork.com/vastad/clappr-google-ima-html5-preroll-plugin.js?ver=1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f95.1e100.net

Software

sffe /

Resource Hash

81213f215c5c386c13ce408768284d753696c19697e34e4c31a9fe95a56b0557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://mar4w.dubznetwork.com/sticky.html?autoplay=1&loop=1&autopause=0&muted=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 05:34:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123080
x-xss-protection: 0
expires: Tue, 28 Mar 2023 05:34:08 GMT

GET
H2

206

LmEPJ2BC-31852320.mp4
videos-fms.jwpsrv.com/6422a681_0x31f853c319a6d69d39503df55b724f22c91bdc32/content/conversions/pLhE9KGt/videos/
Redirect Chain

https://cdn.jwplayer.com/videos/3PDoW5km-vuhTeads.mp4
https://videos-fms.jwpsrv.com/6422a681_0x31f853c319a6d69d39503df55b724f22c91bdc32/content/conversions/pLhE9KGt/videos/LmEPJ2BC-31852320.mp4

10 MB
0

312ms
102ms

Media
video/mp4

151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://videos-fms.jwpsrv.com/6422a681_0x31f853c319a6d69d39503df55b724f22c91bdc32/content/conversions/pLhE9KGt/videos/LmEPJ2BC-31852320.mp4
Requested by: Host: mar4w.dubznetwork.com
URL: http://mar4w.dubznetwork.com/sticky.html?autoplay=1&loop=1&autopause=0&muted=1
Protocol: H2
Server: 151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://mar4w.dubznetwork.com/sticky.html?autoplay=1&loop=1&autopause=0&muted=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: rwLV6HOe_N1eldhuY6FiPWXI0g3ARtBU
via: 1.1 varnish, 1.1 varnish
date: Tue, 28 Mar 2023 05:34:09 GMT
x-backend: 2bbpke26e9piHyfIxklTTy--F_S3
x-amz-request-id: J3FEY3JA0J6M8D5V
age: 1787793
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-storage-class: INTELLIGENT_TIERING
Content-Range: bytes 0-50200829/50200830
Content-Length: 50200830
x-amz-id-2: QA3iGe4LtYiYdgOyQpkftgKRaajvIL4OBMOjGVqMTX8vVGpQ8imEKMB26I0hsZxkbxvGtkYnpJg=
x-served-by: cache-iad-kcgs7200148-IAD, cache-syd10148-SYD
last-modified: Tue, 27 Jul 2021 11:35:08 GMT
server: AmazonS3
x-timer: S1679981650.982518,VS0,VE1
etag: "755bfa9de8d9586482b505736aa30be4"
content-type: video/mp4
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: accept-encoding, cache-control, origin, dnt
x-cache-hits: 1789, 1

Redirect headers

date: Tue, 28 Mar 2023 05:34:09 GMT
via: 1.1 7019d108ed76e032af7a0273104a07a2.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: HKG62-C1
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://videos-fms.jwpsrv.com/6422a681_0x31f853c319a6d69d39503df55b724f22c91bdc32/content/conversions/pLhE9KGt/videos/LmEPJ2BC-31852320.mp4
access-control-allow-origin: *
cache-control: max-age=10200
x-robots-tag: noindex, indexifembedded
content-length: 0
x-amz-cf-id: 4H4r5-zKy7vU6rMyVq_4RSQGl6aFDH2bfhvL9ZPNmUeYIpaf6rDJsA==

GET
H2

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=577724795&utmhn=mar4w.dubznetwork.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhid...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=577724795&utmhn=mar4w.dubznetwork.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhi...

35 B
197 B

196ms
195ms

Image
image/gif

142.251.10.101
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=577724795&utmhn=mar4w.dubznetwork.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhid=299941521&utmr=-&utmp=%2Fsticky.html%3Fautoplay%3D1%26loop%3D1%26autopause%3D0%26muted%3D1&utmht=1679981649021&utmac=UA-124289831-4&utmcc=__utma%3D102447517.629964354.1679981649.1679981649.1679981649.1%3B%2B__utmz%3D102447517.1679981649.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=237617777&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: mar4w.dubznetwork.com
URL: http://mar4w.dubznetwork.com/sticky.html?autoplay=1&loop=1&autopause=0&muted=1

Protocol

Server

142.251.10.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f101.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://mar4w.dubznetwork.com/sticky.html?autoplay=1&loop=1&autopause=0&muted=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 05:34:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=577724795&utmhn=mar4w.dubznetwork.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhid=299941521&utmr=-&utmp=%2Fsticky.html%3Fautoplay%3D1%26loop%3D1%26autopause%3D0%26muted%3D1&utmht=1679981649021&utmac=UA-124289831-4&utmcc=__utma%3D102447517.629964354.1679981649.1679981649.1679981649.1%3B%2B__utmz%3D102447517.1679981649.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=237617777&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK bridge3.565.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 7570 710 KB
226 KB 389ms
195ms Document
text/html 172.217.194.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/core/bridge3.565.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

HTTP/1.1

Server

172.217.194.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f95.1e100.net

Software

sffe /

Resource Hash

aa54fa500658b5ad7c37680e109aa1331df710351eb615bd605bc12fa443ff4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mar4w.dubznetwork.com/sticky.html?autoplay=1&loop=1&autopause=0&muted=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Accept-Ranges: bytes
Age: 400477
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
Content-Length: 230993
Content-Type: text/html
Cross-Origin-Opener-Policy: same-origin; report-to="ads-doubleclick-instream-static"
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 23 Mar 2023 14:19:32 GMT
Expires: Fri, 22 Mar 2024 14:19:32 GMT
Last-Modified: Tue, 21 Mar 2023 21:02:25 GMT
Report-To: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
Server: sffe
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 586ms
196ms Script
text/javascript 172.217.194.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f148.1e100.net

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://mar4w.dubznetwork.com/sticky.html?autoplay=1&loop=1&autopause=0&muted=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 05:34:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Mar 2023 05:34:09 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 588ms
197ms Script
application/javascript 172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mar4w.dubznetwork.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://mar4w.dubznetwork.com/sticky.html?autoplay=1&loop=1&autopause=0&muted=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 05:34:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303230101/ 400 KB
124 KB 196ms
195ms Script
text/javascript 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303230101/pubads_impl.js?cb=31073371

Requested by

Host: securepubads.g.doubleclick.net
URL: http://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

f2e3715305bd5425639d63572dc1682bf820e68cc3991d19eda99755ddd5f34d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://mar4w.dubznetwork.com/sticky.html?autoplay=1&loop=1&autopause=0&muted=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 17:28:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43525
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126968
x-xss-protection: 0
server: cafe
etag: 15124557694433444799
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 26 Mar 2024 17:28:44 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 2 KB
1 KB 586ms
196ms XHR
application/json 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=mar4w.dubznetwork.com

Requested by

Host: securepubads.g.doubleclick.net
URL: http://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

89893dbac8ca2e6fd5eeb0ee4c0ace5302fc01f15fe6c91d5d2867b5cf240500

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://mar4w.dubznetwork.com/sticky.html?autoplay=1&loop=1&autopause=0&muted=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 05:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 543
x-xss-protection: 0
expires: Tue, 28 Mar 2023 05:34:09 GMT

GET
H2 200 vast.php Show response
mahimeta.com/networks/ Frame 7570 2 KB
1 KB 627ms
412ms XHR
application/xml 104.21.13.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mahimeta.com/networks/vast.php?id=12002388&type=vast&adtype=video_text_image&duration=360000&domain=dubznetwork.com
Requested by: Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.565.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.13.2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7247abeb71f2723e5447cb0c99b9eda0485c48ff764fb7291355ca892ab1bbaa

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 05:34:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: application/xml; charset=utf-8
access-control-allow-origin: http://imasdk.googleapis.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Cd4VKfBb%2Ffo8v8L6mu1bcDBSWNWjHnYBJgfgCaoJ1Ud02ByX6BDAGtdbcEyfpoxdTgaUiWfb4kVD7h%2BAwye4RuyW9f60ONt6D8jH%2F6gfw%2BM6CZQOTABczTCw4ReuB4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 7aed80a659dcdfb9-SYD
access-control-allow-headers: origin, x-requested-with, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 204 csi
csi.gstatic.com/ Frame 7570 0
234 B 533ms
233ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&puid=1~lfrtp5tq&c=4193300772484&slotId=2096650386242&eee=missing-element&bi=missing-id&vast_v=2.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.565.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 05:34:11 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 7570 91 KB
22 KB 911ms
504ms XHR
text/xml 74.125.200.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21857590943%2C22857717336%2FMahimeta_Dubznetwork.com%2Fvast&description_url=http%3A%2F%2Fdubznetwork.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=548366655498819&vpa=auto&vpmute=0&sdkv=h.3.565.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=445&ptt=20&adk=3624090196&sdk_apis=7%2C8&omid_p=Google1%2Fh.3.565.0&media_url=https%3A%2F%2Fcdn.jwplayer.com%2Fvideos%2F3PDoW5km-vuhTeads.mp4&sid=7DAE1AA8-CB25-4EF7-B5E0-F574BC66E636&nel=0&eid=44748969%2C44765701%2C44777649%2C44781409%2C44781753%2C44782990&url=http%3A%2F%2Fmar4w.dubznetwork.com%2Fsticky.html%3Fautoplay%3D1%26loop%3D1%26autopause%3D0%26muted%3D1&dt=1679981651314&cookie_enabled=1&scor=432155800844192&fbidx=-1&ged=ve4_td4_tt1_pd4_la4000_er983.1240.1133.1540_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.565.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f157.1e100.net

Software

cafe /

Resource Hash

34180cda7bd45e60785d286635ecff2b1b2a2784ed2dc283d5eacaae90baa1ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 05:34:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21694
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: http://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 7570 0
54 B 233ms
233ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&puid=2~lfrtp6cq&c=4193300772484&slotId=2096650386242&ghmsh_eids=44748969%2C44765701%2C44777649%2C44781409%2C44781753%2C44782990
Requested by: Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.565.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 05:34:11 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 7570 0
54 B 233ms
233ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&puid=3~lfrtp6ot&c=4193300772484&slotId=2096650386242&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1
Requested by: Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.565.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 05:34:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 7570 0
54 B 237ms
237ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&puid=4~lfrtp74e&c=4193300772484&slotId=2096650386242&qqid=CNnH2qzz_f0CFbyhZgIdcyAKSw&gqid=U3wiZLKXMt2TmsMP9NOH4AE&fb=ima_html5-lima&sdkv=h.3.565.0&mrd=4&aab=1&itv=1&met.4=ghmsh_s.lfrtp74h~ghmsh_s.lfrtp74i~ghmsh_s.lfrtp74i&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=cOKo0KQUwhIzHJ4L
Requested by: Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.565.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 05:34:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ Frame 7570 0
0 391ms
196ms Fetch
image/gif 142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.565.0&e=44748969%2C44765701%2C44777649%2C44781409%2C44781753%2C44782990&id=ima_html5&c=519632565299994&domain=mar4w.dubznetwork.com

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.565.0_en.html

Protocol

HTTP/1.1

Server

142.251.10.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 05:34:12 GMT
X-Content-Type-Options: nosniff
Server: cafe
Content-Type: image/gif
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 7570 453 B
607 B 196ms
194ms Image
image/png 172.217.194.95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-video-pub-2205121062140812

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f95.1e100.net

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 05:06:02 GMT
x-content-type-options: nosniff
age: 1690
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Mar 2023 05:56:02 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 7570 42 B
673 B 591ms
199ms Image
image/gif 74.125.130.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CEhwuU3wiZJnSNLzDmsMP88Co2AT3wcvVb735g_yHEZSRxti0CRABIJ30qntgpYCAgJABoAGcr_uoAsgBBeACAKgDAZgEAKoEwAJP0N_bGRIU_6_Z8gNx7MRAx1E4hBQ_vG5jE1fWBEBbb1NZobI5kyLnoXilZ-KWp3Kxg7_ZbC2gLJs7r_KBH2My7w_xaGuskZdFPAoiYartGayxSOY5yaQEYnTimbHovzm3crPdbmggrrTk4zN0PSpD4YBKyZdFTT5vJg6ubEonL23LYeXnmwrL92akIKy70W3ArT7UN62e1Gsb1GNQKZcW4QiW7BAFU-g5h-EQWgPP5WRAlyFAP1CgFAnQuVirfjHFvsqzxjzOaGedu3tuMTZl3KZxWhpSnwpifWRVTEvzIeF3zcMnO0YeuHxxVzpkqEUcUdtcGw5Rdsx6QRKhSHdYQ3RK-UBBYJ_4SsNJKOdfWYi6-p6nkjiTSzVwhKYNZhdrUimhhA2vLlLmSEWyID-RnNIjO9RxalQLCdXI8aPuOcAEgq_2xaoE4AQBoAZUgAfM0ITXAagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAagIAdIIDwiAYRABGB0yAooCOgKAQJoJLmh0dHBzOi8vd3d3Lmhlcm8td2Fycy5jb20vbGFuZGluZ3MvbG9vdDExZy9lbi-xCfLxQGkQTiDHgAoDyAsB0AsO4AsBuAwBmg0BDtgTDdAVAZgWAeIWAggB-BYBgBcB&sigh=mkR9By9h_mY&label=show_ad&sdkv=h.3.565.0&vci=CiYIAhIMbWFoaW1ldGEuY29tGgxEUy1FQiAtIFZBU1QgAioBMUD2BAprCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw1ODYyNTQ3MTE5OTcyDDY1MjA0NzczMzE2N0DXB1IjEA8lAAAGQygBOgtYeEh3bkt4M3ZMZ0IJZ29vZ2xlYWRzUAAYAQ..

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.156 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 05:34:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adview
pubads.g.doubleclick.net/pagead/ Frame 7570 0
0 200ms
199ms Image
text/html 74.125.200.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CS9QtU3wiZJnSNLzDmsMP88Co2AT3wcvVb735g_yHEZSRxti0CRABIJ30qntgpYCAgJABoAGcr_uoAsgBBeACAKgDAZgEAKoEvQJP0N_bGRIU_6_Z8gNx7MRAx1E4hBQ_vG5jE1fWBEBbb1NZobI5kyLnoXilZ-KWp3Kxg7_ZbC2gLJs7r_KBH2My7w_xaGuskZdFPAoiYartGayxSOY5yaQEYnTimbHovzm3crPdbmggrrTk4zN0PSpD4YBKyZdFTT5vJg6ubEonL23LYeXnmwrL92akIKy70W3ArT7UN62e1Gsb1GNQKZcW4QiW7BAFU-g5h-EQWgPP5WRAlyFAP1CgFAnQuVirfjHFvsqzxjzOaGedu3tuMTZl3KZxWhpSnwpifWRVTEvzIeF3zcMnO0YeuHxxVzpkqEUcUdtcGw5Rdsx6QRKhSHdYQ3RK-UBBYJ_4SsNJKOdfWYi6op9VhDn51x7iT32UOPjyJoksuJgKb3Ps1k6cONwiCe62lAtbRkzC91SWHsAEgq_2xaoE4AQBoAZUgAfM0ITXAagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQqFGoCAHSCA8IgGEQARgdMgKKAjoCgECACgPICwHCEwYYnK_7qALYEw3QFQGYFgHiFgIIAYAXAbIXHgocCAASFHB1Yi05NjU1ODI0NTkzMzE1NjI1GILzcg&sigh=uN6LFYdPoIQ&cmd=Ch1jYS12aWRlby1wdWItMjIwNTEyMTA2MjE0MDgxMhAAGAI&uach_m=[UACH]&cid=CAQSSwDUE5ymfNlRVh_05i-mEZwIoxjWXnLSj2euk-KWB69yHJSziTfCo8DQ2eV07sTIagDsoODc4rf2kbCiQiXKvSYLGfOsLQBYZgcd4hgB&vt=10&sdkv=h.3.565.0&vci=CiYIAhIMbWFoaW1ldGEuY29tGgxEUy1FQiAtIFZBU1QgAioBMUD2BAprCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw1ODYyNTQ3MTE5OTcyDDY1MjA0NzczMzE2N0DXB1IjEA8lAAAGQygBOgtYeEh3bkt4M3ZMZ0IJZ29vZ2xlYWRzUAAYAQ..
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sa-in-f157.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ 0
54 B 233ms
233ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&top=1&puid=1~lfrtp4t0&c=4193300772484&slotId=2096650386242&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://mar4w.dubznetwork.com/sticky.html?autoplay=1&loop=1&autopause=0&muted=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 05:34:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content videoplayback
rr2---sn-ntqe6nes.googlevideo.com/ 3 MB
0 321ms
103ms Media
video/mp4 74.125.152.7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-ntqe6nes.googlevideo.com/videoplayback?expire=1680010452&ei=VHwiZK6BBZej9fwPudmUgAQ&ip=173.245.209.28&id=5f11f09cac77bcb8&itag=22&source=youtube&requiressl=yes&mh=zj&mm=31&mn=sn-ntqe6nes&ms=au&mv=m&mvi=2&pl=24&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=134.048&lmt=1675369038460249&mt=1679981341&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhALhiD_Z-SPqyooPbPhWvEh_YUEgBL2Pyswa02VRQ5dLZAiEA72ZPiYw5SoryJx-zaqa2LV0TSG9Us8S_Tp_w7NxPFYQ=&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhALsgEj1m7-PdcnEg0tYj8FclF_0DZuU_LoHo7mrZMHOuAiAW-VzD4GAHCZcCpsXyxdWYwm1I5iTVAjQqwBwVhd6YXw==&cpn=cOKo0KQUwhIzHJ4L

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

74.125.152.7 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s13-in-f7.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://mar4w.dubznetwork.com/sticky.html?autoplay=1&loop=1&autopause=0&muted=1
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 28 Mar 2023 05:34:12 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 02 Feb 2023 20:17:18 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-8430640/8430641
Cache-Control: private, max-age=28500
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 8430641
Expires: Tue, 28 Mar 2023 05:34:12 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 7570 42 B
108 B 202ms
201ms Image
image/gif 74.125.130.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CEhwuU3wiZJnSNLzDmsMP88Co2AT3wcvVb735g_yHEZSRxti0CRABIJ30qntgpYCAgJABoAGcr_uoAsgBBeACAKgDAZgEAKoEwAJP0N_bGRIU_6_Z8gNx7MRAx1E4hBQ_vG5jE1fWBEBbb1NZobI5kyLnoXilZ-KWp3Kxg7_ZbC2gLJs7r_KBH2My7w_xaGuskZdFPAoiYartGayxSOY5yaQEYnTimbHovzm3crPdbmggrrTk4zN0PSpD4YBKyZdFTT5vJg6ubEonL23LYeXnmwrL92akIKy70W3ArT7UN62e1Gsb1GNQKZcW4QiW7BAFU-g5h-EQWgPP5WRAlyFAP1CgFAnQuVirfjHFvsqzxjzOaGedu3tuMTZl3KZxWhpSnwpifWRVTEvzIeF3zcMnO0YeuHxxVzpkqEUcUdtcGw5Rdsx6QRKhSHdYQ3RK-UBBYJ_4SsNJKOdfWYi6-p6nkjiTSzVwhKYNZhdrUimhhA2vLlLmSEWyID-RnNIjO9RxalQLCdXI8aPuOcAEgq_2xaoE4AQBoAZUgAfM0ITXAagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAagIAdIIDwiAYRABGB0yAooCOgKAQJoJLmh0dHBzOi8vd3d3Lmhlcm8td2Fycy5jb20vbGFuZGluZ3MvbG9vdDExZy9lbi-xCfLxQGkQTiDHgAoDyAsB0AsO4AsBuAwBmg0BDtgTDdAVAZgWAeIWAggB-BYBgBcB&sigh=mkR9By9h_mY&label=video_ad_loaded&sdkv=h.3.565.0&vci=CiYIAhIMbWFoaW1ldGEuY29tGgxEUy1FQiAtIFZBU1QgAioBMUD2BAprCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw1ODYyNTQ3MTE5OTcyDDY1MjA0NzczMzE2N0DXB1IjEA8lAAALQygBOgtYeEh3bkt4M3ZMZ0IJZ29vZ2xlYWRzUAAYAQ..

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.156 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 05:34:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Oy6hyfNY.js Show response
tpc.googlesyndication.com/sodar/ Frame 7570 41 KB
16 KB 389ms
195ms Script
text/javascript 142.251.12.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.565.0_en.html

Protocol

HTTP/1.1

Server

142.251.12.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f132.1e100.net

Software

sffe /

Resource Hash

3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Wed, 22 Mar 2023 00:34:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 536378
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 15406
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 20:15:00 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="adspam-signals-scs"
Vary: Accept-Encoding
Report-To: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
Content-Type: text/javascript
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Thu, 21 Mar 2024 00:34:35 GMT

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ Frame 7570 0
0 196ms
195ms Fetch
image/gif 142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.565.0&e=44748969%2C44765701%2C44777649%2C44781409%2C44781753%2C44782990&id=ima_html5&c=519632565299994&domain=mar4w.dubznetwork.com

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.565.0_en.html

Protocol

HTTP/1.1

Server

142.251.10.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 05:34:13 GMT
X-Content-Type-Options: nosniff
Server: cafe
Content-Type: image/gif
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame 7570 0
0 206ms
206ms Image
text/html 74.125.200.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CS9QtU3wiZJnSNLzDmsMP88Co2AT3wcvVb735g_yHEZSRxti0CRABIJ30qntgpYCAgJABoAGcr_uoAsgBBeACAKgDAZgEAKoEvQJP0N_bGRIU_6_Z8gNx7MRAx1E4hBQ_vG5jE1fWBEBbb1NZobI5kyLnoXilZ-KWp3Kxg7_ZbC2gLJs7r_KBH2My7w_xaGuskZdFPAoiYartGayxSOY5yaQEYnTimbHovzm3crPdbmggrrTk4zN0PSpD4YBKyZdFTT5vJg6ubEonL23LYeXnmwrL92akIKy70W3ArT7UN62e1Gsb1GNQKZcW4QiW7BAFU-g5h-EQWgPP5WRAlyFAP1CgFAnQuVirfjHFvsqzxjzOaGedu3tuMTZl3KZxWhpSnwpifWRVTEvzIeF3zcMnO0YeuHxxVzpkqEUcUdtcGw5Rdsx6QRKhSHdYQ3RK-UBBYJ_4SsNJKOdfWYi6op9VhDn51x7iT32UOPjyJoksuJgKb3Ps1k6cONwiCe62lAtbRkzC91SWHsAEgq_2xaoE4AQBoAZUgAfM0ITXAagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQqFGoCAHSCA8IgGEQARgdMgKKAjoCgECACgPICwHCEwYYnK_7qALYEw3QFQGYFgHiFgIIAYAXAbIXHgocCAASFHB1Yi05NjU1ODI0NTkzMzE1NjI1GILzcg&sigh=uN6LFYdPoIQ&cmd=Ch1jYS12aWRlby1wdWItMjIwNTEyMTA2MjE0MDgxMhAAGAI&uach_m=[UACH]&cid=CAQSSwDUE5ymfNlRVh_05i-mEZwIoxjWXnLSj2euk-KWB69yHJSziTfCo8DQ2eV07sTIagDsoODc4rf2kbCiQiXKvSYLGfOsLQBYZgcd4hgB&sdkv=h.3.565.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sa-in-f157.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 7570 42 B
108 B 201ms
200ms Image
image/gif 74.125.130.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C_QXnU3wiZJnSNLzDmsMP88Co2AT3wcvVb735g_yHEZSRxti0CRABIJ30qntgpYCAgJABoAGcr_uoAsgBBeACAKgDAZgEAKoEvQJP0N_bGRIU_6_Z8gNx7MRAx1E4hBQ_vG5jE1fWBEBbb1NZobI5kyLnoXilZ-KWp3Kxg7_ZbC2gLJs7r_KBH2My7w_xaGuskZdFPAoiYartGayxSOY5yaQEYnTimbHovzm3crPdbmggrrTk4zN0PSpD4YBKyZdFTT5vJg6ubEonL23LYeXnmwrL92akIKy70W3ArT7UN62e1Gsb1GNQKZcW4QiW7BAFU-g5h-EQWgPP5WRAlyFAP1CgFAnQuVirfjHFvsqzxjzOaGedu3tuMTZl3KZxWhpSnwpifWRVTEvzIeF3zcMnO0YeuHxxVzpkqEUcUdtcGw5Rdsx6QRKhSHdYQ3RK-UBBYJ_4SsNJKOdfWYi6op9VhDn51x7iT32UOPjyJoksuJgKb3Ps1k6cONwiCe62lAtbRkzC91SWHsAEgq_2xaoE4AQBoAZUgAfM0ITXAagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAagIAdIIDwiAYRABGB0yAooCOgKAQIAKA8gLAdgTDdAVAZgWAeIWAggB-BYBgBcB&sigh=KkaIZ1mqdXA&cmd=Ch1jYS12aWRlby1wdWItMjIwNTEyMTA2MjE0MDgxMhAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D949%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D983,1240,1188,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D134002%26vmtime%3D-1%26is%3D33554707%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1732%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D3,0,0,0,0%26avms%3Dexc%26qi%3D480856035%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D3613%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.03%26t%3D1679981652331&sdkv=h.3.565.0&vci=CiYIAhIMbWFoaW1ldGEuY29tGgxEUy1FQiAtIFZBU1QgAioBMUD2BApuCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw1ODYyNTQ3MTE5OTcyDDY1MjA0NzczMzE2N0DXB1ImEA8lAAALQygBOgtYeEh3bkt4M3ZMZ0IJZ29vZ2xlYWRzSMYEUAAYAQ..

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.156 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 05:34:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7570 42 B
404 B 589ms
198ms Image
image/gif 142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvVRb5bz6N_3fWB95zYd7bd10smysT9_2wtYVDLuWsvybpbViLgUP14TI47OaS1ill3ydKcAkyadlrMILblgyd4IuRvZgYQhF4CtiXBbuFhGu2w1r1BTz7q9MMndFXGdmoQA7OAAztVL0PxE1D5GbuRR-d8nj7PWQ&sai=AMfl-YRRMCpgT9oH3-oez9QtOxlutfZeJns7GPALHwnZ4fhoiHLgV_zNzSzCd0oipIAlwEMRdmyGaudRb6hCPGdeN0hdBoAy_-U_QRs_3Y7spwpQB-nAQyGNs-XuXsPJ432w3CXCOIqeX_bLXt-a&sig=Cg0ArKJSzDt9v8ZxiUc_EAE&cid=CAQSSwDUE5ymfNlRVh_05i-mEZwIoxjWXnLSj2euk-KWB69yHJSziTfCo8DQ2eV07sTIagDsoODc4rf2kbCiQiXKvSYLGfOsLQBYZgcd4hgB&id=lidarv&acvw=sv%3D949%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D983,1240,1188,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D134002%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554707%26ic%3D33554706%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1732%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D3,0,0,0,0%26avms%3Dexc%26qi%3D480856035%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D3615%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.03%26t%3D1679981652331&avm=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f157.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 05:34:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 7570 42 B
108 B 200ms
199ms Image
image/gif 74.125.130.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C_QXnU3wiZJnSNLzDmsMP88Co2AT3wcvVb735g_yHEZSRxti0CRABIJ30qntgpYCAgJABoAGcr_uoAsgBBeACAKgDAZgEAKoEvQJP0N_bGRIU_6_Z8gNx7MRAx1E4hBQ_vG5jE1fWBEBbb1NZobI5kyLnoXilZ-KWp3Kxg7_ZbC2gLJs7r_KBH2My7w_xaGuskZdFPAoiYartGayxSOY5yaQEYnTimbHovzm3crPdbmggrrTk4zN0PSpD4YBKyZdFTT5vJg6ubEonL23LYeXnmwrL92akIKy70W3ArT7UN62e1Gsb1GNQKZcW4QiW7BAFU-g5h-EQWgPP5WRAlyFAP1CgFAnQuVirfjHFvsqzxjzOaGedu3tuMTZl3KZxWhpSnwpifWRVTEvzIeF3zcMnO0YeuHxxVzpkqEUcUdtcGw5Rdsx6QRKhSHdYQ3RK-UBBYJ_4SsNJKOdfWYi6op9VhDn51x7iT32UOPjyJoksuJgKb3Ps1k6cONwiCe62lAtbRkzC91SWHsAEgq_2xaoE4AQBoAZUgAfM0ITXAagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAagIAdIIDwiAYRABGB0yAooCOgKAQIAKA8gLAdgTDdAVAZgWAeIWAggB-BYBgBcB&sigh=KkaIZ1mqdXA&cmd=Ch1jYS12aWRlby1wdWItMjIwNTEyMTA2MjE0MDgxMhAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D949%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D983,1240,1188,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D134002%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554707%26i0%3D33554707%26ic%3D0%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1732%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D3,0,0,0,0%26avms%3Dexc%26qi%3D480856035%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D3616%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.03%26t%3D1679981652331&sdkv=h.3.565.0&vci=CiYIAhIMbWFoaW1ldGEuY29tGgxEUy1FQiAtIFZBU1QgAioBMUD2BApuCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw1ODYyNTQ3MTE5OTcyDDY1MjA0NzczMzE2N0DXB1ImEA8lAAALQygBOgtYeEh3bkt4M3ZMZ0IJZ29vZ2xlYWRzSMYEUAAYAQ..

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.156 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 05:34:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 7570 42 B
108 B 200ms
200ms Image
image/gif 74.125.130.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C_QXnU3wiZJnSNLzDmsMP88Co2AT3wcvVb735g_yHEZSRxti0CRABIJ30qntgpYCAgJABoAGcr_uoAsgBBeACAKgDAZgEAKoEvQJP0N_bGRIU_6_Z8gNx7MRAx1E4hBQ_vG5jE1fWBEBbb1NZobI5kyLnoXilZ-KWp3Kxg7_ZbC2gLJs7r_KBH2My7w_xaGuskZdFPAoiYartGayxSOY5yaQEYnTimbHovzm3crPdbmggrrTk4zN0PSpD4YBKyZdFTT5vJg6ubEonL23LYeXnmwrL92akIKy70W3ArT7UN62e1Gsb1GNQKZcW4QiW7BAFU-g5h-EQWgPP5WRAlyFAP1CgFAnQuVirfjHFvsqzxjzOaGedu3tuMTZl3KZxWhpSnwpifWRVTEvzIeF3zcMnO0YeuHxxVzpkqEUcUdtcGw5Rdsx6QRKhSHdYQ3RK-UBBYJ_4SsNJKOdfWYi6op9VhDn51x7iT32UOPjyJoksuJgKb3Ps1k6cONwiCe62lAtbRkzC91SWHsAEgq_2xaoE4AQBoAZUgAfM0ITXAagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAagIAdIIDwiAYRABGB0yAooCOgKAQIAKA8gLAdgTDdAVAZgWAeIWAggB-BYBgBcB&sigh=KkaIZ1mqdXA&cmd=Ch1jYS12aWRlby1wdWItMjIwNTEyMTA2MjE0MDgxMhAAGAI&label=admute&ad_mt=0&acvw=sv%3D949%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D983,1240,1188,1600%26tos%3D11,0,0,0,0%26mtos%3D11,11,11,11,11%26amtos%3D0,0,0,0,0%26mcvt%3D11%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D11%26pst%3D-1%26dur%3D134002%26vmtime%3D-1%26dvs%3D11%26dfvs%3D11%26dvpt%3D11%26is%3D33554707%26i0%3D33554707%26ic%3D4096%26cs%3D33558802%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1732%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D3,0,0,0,0%26avms%3Dexc%26qi%3D480856035%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D3620%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,11&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.03%26t%3D1679981652331&sdkv=h.3.565.0&vci=CiYIAhIMbWFoaW1ldGEuY29tGgxEUy1FQiAtIFZBU1QgAioBMUD2BApuCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw1ODYyNTQ3MTE5OTcyDDY1MjA0NzczMzE2N0DXB1ImEA8lAAALQygBOgtYeEh3bkt4M3ZMZ0IJZ29vZ2xlYWRzSMYEUAAYAQ..

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.156 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 05:34:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 playback
www.youtube.com/api/stats/ Frame 7570 0
0 589ms
197ms Image
text/html 74.125.68.91

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/api/stats/playback?ns=yt&fexp=44748969%2C44765701%2C44777649%2C44781409%2C44781753%2C44782990&el=adunit&cpn=cOKo0KQUwhIzHJ4L&docid=XxHwnKx3vLg&visitordata=CgtkSFhDYS1YY1JESQ%253D%253D&of=GnjoENph7VWO8T-PQcoh8g&ver=2&cmt=0.199&fmt=18&rt=0.000&adformat=2_2_1&euri=http%3A%2F%2Fmar4w.dubznetwork.com%2Fsticky.html%3Fautoplay%3D1%26loop%3D1%26autopause%3D0%26muted%3D1&len=134.002&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=111.0.5563.110&cos=Win32&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=28&rtn=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.68.91 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H/1.1 200
OK hhrtBw21.html Show response
tpc.googlesyndication.com/sodar/ Frame C76C 23 KB
9 KB 195ms
194ms Document
text/html 142.251.12.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/hhrtBw21.html

Requested by

Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Protocol

HTTP/1.1

Server

142.251.12.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f132.1e100.net

Software

sffe /

Resource Hash

861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://imasdk.googleapis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Accept-Ranges: bytes
Age: 86990
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
Content-Length: 8727
Content-Type: text/html
Cross-Origin-Opener-Policy: same-origin; report-to="adspam-signals-scs"
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 27 Mar 2023 05:24:23 GMT
Expires: Tue, 26 Mar 2024 05:24:23 GMT
Last-Modified: Tue, 03 Mar 2020 20:15:00 GMT
Report-To: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
Server: sffe
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 0

GET Fk605tn75I7u4VFctBJxn2hxp-OwiAUnR3ugWvNbq78.js
pagead2.googlesyndication.com/bg/ Frame C76C 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/bg/Fk605tn75I7u4VFctBJxn2hxp-OwiAUnR3ugWvNbq78.js

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mar4w.dubznetwork.com/	1970-01-20 20:15:41	Name: __utma Value: 102447517.629964354.1679981649.1679981649.1679981649.1
.mar4w.dubznetwork.com/	1969-12-31 23:59:59	Name: __utmc Value: 102447517
.mar4w.dubznetwork.com/	1970-01-20 15:02:29	Name: __utmz Value: 102447517.1679981649.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.mar4w.dubznetwork.com/	1970-01-20 10:39:42	Name: __utmt Value: 1
.mar4w.dubznetwork.com/	1970-01-20 10:39:43	Name: __utmb Value: 102447517.1.10.1679981649
.dubznetwork.com/	1970-01-20 20:01:17	Name: __gads Value: ID=695ad3f1ffb8b66d:T=1679981651:S=ALNI_MaX2hZuEszjrlnnH3Ah1cEHRwtbQw
.dubznetwork.com/	1970-01-20 20:01:17	Name: __gpi Value: UID=00000be24b9f20d7:T=1679981651:RT=1679981651:S=ALNI_MZCSwxRgOMDpq9v7T3LxDNmCL-Xyg
.doubleclick.net/	1970-01-20 20:15:41	Name: IDE Value: AHWqTUmGzlrCvpw8Y3awohvZTcQwBnLVPDNLl4Y_XBGMItCISIsqWGG_A5YEwG767zQ

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 466) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
other	error	URL: http://imasdk.googleapis.com/js/core/bridge3.565.0_en.html#goog_192755827 Message: The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
other	error	URL: http://tpc.googlesyndication.com/sodar/hhrtBw21.html Message: The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
ajax.googleapis.com
cdn.jsdelivr.net
cdn.jwplayer.com
csi.gstatic.com
googleads.g.doubleclick.net
imasdk.googleapis.com
mahimeta.com
mar4w.dubznetwork.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
player.adtcdn.com
pubads.g.doubleclick.net
rr2---sn-ntqe6nes.googlevideo.com
s0.2mdn.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
videos-fms.jwpsrv.com
www.google-analytics.com
www.youtube.com
pagead2.googlesyndication.com
104.16.88.20
104.18.10.207
104.21.13.2
13.226.122.11
142.251.10.101
142.251.10.157
142.251.12.132
142.251.12.154
142.251.12.157
151.101.2.114
172.217.194.148
172.217.194.156
172.217.194.95
172.67.139.233
172.67.148.50
216.239.32.3
74.125.130.156
74.125.130.95
74.125.152.7
74.125.200.157
74.125.68.91
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
34180cda7bd45e60785d286635ecff2b1b2a2784ed2dc283d5eacaae90baa1ce
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
5460ea65423413a045deeecfc78a86efbd5e31c97269970fcc8764fea751a6e4
5ea995481d7dfddb5307f94aedabe955e8bdd9ba40b925007532997185cd35c6
7247abeb71f2723e5447cb0c99b9eda0485c48ff764fb7291355ca892ab1bbaa
81213f215c5c386c13ce408768284d753696c19697e34e4c31a9fe95a56b0557
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
89893dbac8ca2e6fd5eeb0ee4c0ace5302fc01f15fe6c91d5d2867b5cf240500
a0b0201debec1dd78fc17efda38e321609deb24f05b57d422a679ec8f790ceac
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa54fa500658b5ad7c37680e109aa1331df710351eb615bd605bc12fa443ff4d
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
f2e3715305bd5425639d63572dc1682bf820e68cc3991d19eda99755ddd5f34d
fc2fde0634105634de74d0dbb49db6958786dae86aeb98bc65c329bbf907a8fa

mar4w.dubznetwork.com Open in urlscan Pro 172.67.148.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

41 Requests

63 %HTTPS

0 %IPv6

16 Domains

20 Subdomains

20 IPs

2 Countries

802 kBTransfer

16060 kBSize

8 Cookies

0 Outgoing links

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mar4w.dubznetwork.com Open in urlscan Pro
172.67.148.50 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

63 %
HTTPS

0 %
IPv6

16
Domains

20
Subdomains

20
IPs

2
Countries

802 kB
Transfer

16060 kB
Size

8
Cookies

41 HTTP transactions
0 data transactions