Submitted URL: https://login3.bot-captcha-verify.online/?ref=ZXlKamJHbGxiblJKWkNJNklqazROelEzTWpJNU16azFOVFV4T0RVME5DSXNJbWQxYVd4a1NXUWlPaUkzTXpBNU5EWTF...
Effective URL: https://captcha.bot/
Submission: On November 16 via api from US — Scanned from US

Summary

This website contacted 73 IPs in 5 countries across 64 domains to perform 271 HTTP transactions. The main IP is 2606:4700:20::681a:66e, located in United States and belongs to CLOUDFLARENET, US. The main domain is captcha.bot.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 25th 2023. Valid for: a year.
This is the only time captcha.bot was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 26 2606:4700:20:... 13335 (CLOUDFLAR...)
9 18.238.4.47 16509 (AMAZON-02)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
10 2600:141b:1c0... 20940 (AKAMAI-ASN1)
1 2607:f8b0:402... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2 2600:9000:220... 16509 (AMAZON-02)
4 2600:9000:25c... 16509 (AMAZON-02)
1 26 2607:f8b0:402... 15169 (GOOGLE)
2 13.224.214.86 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 130.211.23.194 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 142.250.80.102 15169 (GOOGLE)
7 104.19.218.90 13335 (CLOUDFLAR...)
2 2620:100:a001::4 19750 (AS-CRITEO)
1 54.230.163.124 16509 (AMAZON-02)
25 2607:f8b0:400... 15169 (GOOGLE)
6 2607:f8b0:402... 15169 (GOOGLE)
1 107.23.92.235 14618 (AMAZON-AES)
1 2620:100:a001... 19750 (AS-CRITEO)
5 34.149.20.76 15169 (GOOGLE)
5 147.135.94.209 16276 (OVH)
6 2602:803:c002... 26667 (RUBICONPR...)
3 68.67.181.211 29990 (ASN-APPNEX)
1 104.36.115.111 62713 (AS-PUBMATIC)
2 147.28.129.37 54825 (PACKET)
1 107.20.214.81 14618 (AMAZON-AES)
21 2607:f8b0:402... 15169 (GOOGLE)
2 3 2607:f8b0:400... 15169 (GOOGLE)
1 2 2620:100:a001::c 19750 (AS-CRITEO)
1 74.119.119.139 19750 (AS-CRITEO)
4 2607:f8b0:402... 15169 (GOOGLE)
11 2607:f8b0:402... 15169 (GOOGLE)
4 2607:f8b0:402... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
1 2a04:4e42:600... 54113 (FASTLY)
2 2607:f8b0:402... 15169 (GOOGLE)
1 54.172.84.140 14618 (AMAZON-AES)
2 23.203.105.107 16625 (AKAMAI-AS)
1 52.3.191.242 14618 (AMAZON-AES)
1 2602:803:c002... 26667 (RUBICONPR...)
3 2600:9000:20e... 16509 (AMAZON-02)
5 6 8.43.72.97 26667 (RUBICONPR...)
8 23.44.111.54 20940 (AKAMAI-ASN1)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2620:116:800b... 14618 (AMAZON-AES)
1 1 151.101.2.49 54113 (FASTLY)
3 13 172.217.13.194 15169 (GOOGLE)
1 202.233.84.1 131957 (MICROAD M...)
1 1 69.166.1.35 27630 (AS-XFERNET)
2 3 63.251.86.50 10913 (INTERNAP-BLK)
1 1 35.71.139.29 16509 (AMAZON-02)
1 1 35.186.193.173 15169 (GOOGLE)
2 142.251.40.226 15169 (GOOGLE)
1 1 52.23.71.199 14618 (AMAZON-AES)
1 52.45.78.169 14618 (AMAZON-AES)
1 23.62.105.110 16625 (AKAMAI-AS)
1 2 172.64.151.101 13335 (CLOUDFLAR...)
2 2 35.190.60.146 15169 (GOOGLE)
1 1 107.178.254.65 396982 (GOOGLE-CL...)
1 3 2620:1ec:21::14 8068 (MICROSOFT...)
8 14 8.43.72.98 26667 (RUBICONPR...)
1 34.111.113.62 396982 (GOOGLE-CL...)
3 4 3.225.218.10 14618 (AMAZON-AES)
1 2 54.88.23.27 14618 (AMAZON-AES)
1 52.205.7.147 14618 (AMAZON-AES)
1 63.251.28.133 26558 (FREEWHEEL)
1 108.139.29.114 16509 (AMAZON-02)
1 2600:1f18:612... 14618 (AMAZON-AES)
2 2 35.71.131.137 16509 (AMAZON-02)
2 4 52.46.155.104 16509 (AMAZON-02)
2 3 67.220.228.202 16509 (AMAZON-02)
1 1 2600:1f18:4e9... 14618 (AMAZON-AES)
2 2 54.146.35.112 14618 (AMAZON-AES)
1 1 52.70.105.17 14618 (AMAZON-AES)
1 23.55.235.176 20940 (AKAMAI-ASN1)
1 1 2600:9000:251... 16509 (AMAZON-02)
1 1 2600:9000:207... 16509 (AMAZON-02)
1 13.224.214.10 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2600:141b:1c0... 20940 (AKAMAI-ASN1)
3 34.117.228.201 396982 (GOOGLE-CL...)
1 107.22.177.112 14618 (AMAZON-AES)
271 73
Apex Domain
Subdomains
Transfer
52 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
820 KB
42 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
ad.doubleclick.net — Cisco Umbrella Rank: 154
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439
377 KB
29 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 513
eus.rubiconproject.com — Cisco Umbrella Rank: 602
beacon-iad3.rubiconproject.com — Cisco Umbrella Rank: 2400
token.rubiconproject.com — Cisco Umbrella Rank: 458
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
33 KB
26 captcha.bot
captcha.bot
824 KB
11 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
587 KB
10 fuseplatform.net
cdn.fuseplatform.net — Cisco Umbrella Rank: 13713
139 KB
9 chargebee.com
js.chargebee.com — Cisco Umbrella Rank: 21310
182 KB
8 evidon.com
c.evidon.com — Cisco Umbrella Rank: 1673
18 KB
7 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890
5 KB
7 w55c.net
cdn.w55c.net — Cisco Umbrella Rank: 16011
i.w55c.net — Cisco Umbrella Rank: 1952
cti.w55c.net — Cisco Umbrella Rank: 2945
pm.w55c.net — Cisco Umbrella Rank: 912
tags.w55c.net — Cisco Umbrella Rank: 4016
20 KB
7 hcaptcha.com
js.hcaptcha.com — Cisco Umbrella Rank: 10111
newassets.hcaptcha.com — Cisco Umbrella Rank: 9862
api.hcaptcha.com — Cisco Umbrella Rank: 81978
499 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
99 KB
5 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
2 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 406
104 KB
5 smartadserver.com
prg8.smartadserver.com — Cisco Umbrella Rank: 19490
10 KB
5 33across.com
ssc.33across.com — Cisco Umbrella Rank: 3592
1 KB
5 google.com
analytics.google.com — Cisco Umbrella Rank: 157
www.google.com — Cisco Umbrella Rank: 2
mts0.google.com — Cisco Umbrella Rank: 3807
2 KB
4 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 496
rtb0.doubleverify.com — Cisco Umbrella Rank: 761
tps.doubleverify.com — Cisco Umbrella Rank: 515
rtbc-ue1.doubleverify.com
104 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
5 KB
4 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 757
gum.criteo.com — Cisco Umbrella Rank: 454
mug.criteo.com — Cisco Umbrella Rank: 2926
7 KB
4 btloader.com
btloader.com — Cisco Umbrella Rank: 877
api.btloader.com — Cisco Umbrella Rank: 948
30 KB
4 inmobi.com
cmp.inmobi.com
49 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
1 KB
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 683
ce.lijit.com — Cisco Umbrella Rank: 882
2 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
3 KB
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 886
sync1.intentiq.com — Cisco Umbrella Rank: 2801
2 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 573
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
696 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 228
1 KB
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 415
811 B
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
1 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
559 B
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 572
eb2.3lift.com — Cisco Umbrella Rank: 417
1 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 976
bcp.crwdcntrl.net — Cisco Umbrella Rank: 887
12 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
41 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 946
1 KB
2 chargebeestaticv2.com
privygg.chargebeestaticv2.com
1 KB
2 quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 3190
1 KB
2 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 6439
12 KB
1 betrad.com
l.betrad.com — Cisco Umbrella Rank: 1985
122 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
72 KB
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1458
555 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 938
648 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 909
500 B
1 tremorhub.com
partners.tremorhub.com — Cisco Umbrella Rank: 1279
175 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 560
533 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 566
636 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 758
337 B
1 tapad.com
tapestry.tapad.com — Cisco Umbrella Rank: 1686
532 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 988
633 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 685
426 B
1 ctnsnet.com
ius.ctnsnet.com — Cisco Umbrella Rank: 6637
622 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 931
757 B
1 microad.jp
aid.send.microad.jp — Cisco Umbrella Rank: 7594
641 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 709
540 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
463 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
10 KB
1 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 502
113 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
77 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 899
7 KB
1 bot-captcha-verify.online
login3.bot-captcha-verify.online
474 B
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
0 britepool.com Failed
px.britepool.com Failed
271 64
Domain Requested by
26 captcha.bot 1 redirects captcha.bot
static.cloudflareinsights.com
25 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
pagead2.googlesyndication.com
www.googletagservices.com
captcha.bot
ad.doubleclick.net
22 securepubads.g.doubleclick.net 1 redirects cdn.fuseplatform.net
securepubads.g.doubleclick.net
captcha.bot
www.googletagservices.com
978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
21 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
captcha.bot
978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
ad.doubleclick.net
pagead2.googlesyndication.com
14 pixel.rubiconproject.com 8 redirects cti.w55c.net
captcha.bot
11 cm.g.doubleclick.net 3 redirects 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
captcha.bot
11 www.googletagservices.com captcha.bot
securepubads.g.doubleclick.net
978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
cdn.w55c.net
www.googletagservices.com
ad.doubleclick.net
10 cdn.fuseplatform.net captcha.bot
cdn.fuseplatform.net
9 js.chargebee.com captcha.bot
js.chargebee.com
8 c.evidon.com cti.w55c.net
c.evidon.com
cdn.w55c.net
captcha.bot
6 token.rubiconproject.com 5 redirects eus.rubiconproject.com
6 fastlane.rubiconproject.com cdn.fuseplatform.net
6 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 prg8.smartadserver.com cdn.fuseplatform.net
5 ssc.33across.com cdn.fuseplatform.net
5 newassets.hcaptcha.com js.hcaptcha.com
newassets.hcaptcha.com
4 s.amazon-adsystem.com 2 redirects captcha.bot
4 ups.analytics.yahoo.com 3 redirects cti.w55c.net
4 www.gstatic.com captcha.bot
978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
4 googleads.g.doubleclick.net captcha.bot
978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
pagead2.googlesyndication.com
4 fonts.googleapis.com 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
captcha.bot
securepubads.g.doubleclick.net
4 cmp.inmobi.com captcha.bot
cmp.quantcast.com
cmp.inmobi.com
3 aax-eu.amazon-adsystem.com 2 redirects captcha.bot
3 px.ads.linkedin.com 1 redirects cti.w55c.net
captcha.bot
3 cti.w55c.net cdn.w55c.net
cti.w55c.net
3 www.google.com 2 redirects tpc.googlesyndication.com
3 ib.adnxs.com cdn.fuseplatform.net
cti.w55c.net
captcha.bot
3 api.btloader.com btloader.com
2 googleads4.g.doubleclick.net ad.doubleclick.net
2 match.prod.bidr.io 2 redirects
2 match.adsrvr.org 2 redirects
2 dpm.demdex.net 1 redirects cti.w55c.net
2 idsync.rlcdn.com 2 redirects
2 dsum-sec.casalemedia.com 1 redirects cti.w55c.net
2 www.googleadservices.com
2 ap.lijit.com 2 redirects
2 eus.rubiconproject.com captcha.bot
eus.rubiconproject.com
2 fonts.gstatic.com fonts.googleapis.com
2 gum.criteo.com 1 redirects static.criteo.net
2 prebid.a-mo.net cdn.fuseplatform.net
captcha.bot
2 static.criteo.net securepubads.g.doubleclick.net
cdn.fuseplatform.net
2 ad.doubleclick.net captcha.bot
www.googletagservices.com
2 ad-delivery.net captcha.bot
2 privygg.chargebeestaticv2.com js.chargebee.com
2 cmp.quantcast.com 2 redirects
2 challenges.cloudflare.com 1 redirects captcha.bot
1 rtbc-ue1.doubleverify.com cdn.doubleverify.com
1 l.betrad.com captcha.bot
1 tps.doubleverify.com cdn.doubleverify.com
1 rtb0.doubleverify.com cdn.doubleverify.com
1 cdn.doubleverify.com ad.doubleclick.net
1 s0.2mdn.net ad.doubleclick.net
1 ce.lijit.com captcha.bot
1 sync1.intentiq.com captcha.bot
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 hb.yahoo.net captcha.bot
1 sync.ipredictive.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 partners.tremorhub.com cti.w55c.net
1 aa.agkn.com cti.w55c.net
1 ads.stickyadstv.com cti.w55c.net
1 beacon.krxd.net cti.w55c.net
1 tapestry.tapad.com cti.w55c.net
1 pippio.com 1 redirects
1 tags.bluekai.com cti.w55c.net
1 tags.w55c.net cti.w55c.net
1 pm.w55c.net 1 redirects
1 ius.ctnsnet.com 1 redirects
1 eb2.3lift.com 1 redirects
1 sync.go.sonobi.com 1 redirects
1 aid.send.microad.jp 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
1 sync-tm.everesttech.net 1 redirects
1 cms.quantserve.com 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
1 mts0.google.com 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
1 beacon-iad3.rubiconproject.com captcha.bot
1 i.w55c.net captcha.bot
1 cdn.w55c.net captcha.bot
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 mug.criteo.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 hbopenbid.pubmatic.com cdn.fuseplatform.net
1 bidder.criteo.com cdn.fuseplatform.net
1 tlx.3lift.com cdn.fuseplatform.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 api.hcaptcha.com newassets.hcaptcha.com
1 js.hcaptcha.com js.chargebee.com
1 btloader.com cdn.fuseplatform.net
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 www.googletagmanager.com captcha.bot
1 static.cloudflareinsights.com captcha.bot
1 login3.bot-captcha-verify.online 1 redirects
0 sync.search.spotxchange.com Failed cti.w55c.net
0 px.britepool.com Failed cti.w55c.net
271 96

This site contains links to these domains. Also see Links.

Domain
docs.captcha.bot
privy.gg
discord.com
arcane.bot
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-06-25 -
2024-06-24
a year crt.sh
js.chargebee.com
Amazon RSA 2048 M01
2023-03-14 -
2024-04-11
a year crt.sh
cdn.fuseplatform.net
R3
2023-10-11 -
2024-01-09
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.chargebeestaticv2.com
Amazon RSA 2048 M01
2023-04-30 -
2024-05-29
a year crt.sh
btloader.com
GTS CA 1P5
2023-10-19 -
2024-01-17
3 months crt.sh
api.btloader.com
GTS CA 1D4
2023-10-10 -
2024-01-08
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
cmp.inmobi.com
Sectigo ECC Organization Validation Secure Server CA
2023-08-18 -
2024-08-17
a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-09 -
2024-01-06
3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01
2023-10-08 -
2024-11-05
a year crt.sh
*.3lift.com
Amazon RSA 2048 M02
2023-04-13 -
2024-05-11
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-26 -
2023-12-23
3 months crt.sh
ssc.33across.com
GTS CA 1D4
2023-10-28 -
2024-01-26
3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-21 -
2024-01-23
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-05 -
2024-04-03
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2023-04-20 -
2024-05-20
a year crt.sh
*.a-mo.net
R3
2023-11-07 -
2024-02-05
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
www.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
misc-sni.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-09-27 -
2024-10-28
a year crt.sh
*.w55c.net
Amazon RSA 2048 M02
2023-05-29 -
2024-06-25
a year crt.sh
betrad.com
R3
2023-11-10 -
2024-02-08
3 months crt.sh
quantserve.com
R3
2023-10-28 -
2024-01-26
3 months crt.sh
*.send.microad.jp
GlobalSign RSA OV SSL CA 2018
2023-10-03 -
2024-11-03
a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1
2023-02-07 -
2024-02-08
a year crt.sh
*.tapad.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-18 -
2024-09-17
a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2023-04-14 -
2024-04-12
a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-04-19 -
2024-05-19
a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2023-09-07 -
2024-09-29
a year crt.sh
*.tremorhub.com
Amazon RSA 2048 M01
2023-02-22 -
2024-03-23
a year crt.sh
www.googleadservices.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1
2023-05-07 -
2024-05-07
a year crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2
2023-09-29 -
2024-09-28
a year crt.sh
*.betrad.com
Amazon RSA 2048 M01
2023-04-13 -
2024-05-11
a year crt.sh

This page contains 30 frames:

Primary Page: https://captcha.bot/
Frame ID: 606F25C17242A62AEFA3C57F36B13A63
Requests: 89 HTTP requests in this frame

Frame: https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/master.html
Frame ID: DB44E036321B71799B372BE01A239856
Requests: 8 HTTP requests in this frame

Frame: https://captcha.bot/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: F3036090F5E1DFA57B4C6CFA8B6BC00A
Requests: 2 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/c455997/static/hcaptcha.html
Frame ID: C15F83A2B374EAEFB11B99C69E084F4B
Requests: 4 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/c455997/static/hcaptcha.html
Frame ID: EA6EC9E92D50012AAC84ADE569E5D925
Requests: 3 HTTP requests in this frame

Frame: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DD238E3F8DA159046EA8B2DAD9DA90D7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C1EFDDF747B600B2E4D52FC81B9484BC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4AB992A02335D35E8E02D834ED767E60
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=captcha.bot&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 8DB4C3F4958ED5FF5D1D43E19954C447
Requests: 2 HTTP requests in this frame

Frame: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DAA62EF72DD710B34303535CCEBB9966
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 9229786F3B25AD58924F2844F8529527
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2E35F6637AD080FE5ED4855628C0F379
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 7F94BCF9249DF48FE7E3B1DCD2663BC9
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvyo5moOtaXhlwZUDtm3TWXHTRQnuNwcSA6JR2X4C2Mjzz59dZncUe7ND5v0n3YzmG6QfD4-kDQGnzr__bhxE4z0vLKa_ZjUguJq1cXqvdziIrHb3nyLLTkxpuO0E9KCGjQj56k-qD3pSn283bkNBSf6neFsFCOaMLNtyONjBJPWfsNJnQNb-ffKrbYfDC8sdSPvzP2_QCLw8QUl_SGra7A4VIwC0qlt2Plq0gagBeb5xr1_EWZemv05wwHGv-kcDGiW1LwK5JrZf_pKxk9vLMIemGsJn8YzF2q08h6-BfCwvnFjd6NIdh3LbXx15Bl7gehGfqZwwM_WxdWV6FAhQPB4l19MgXeyY4wLtSoOuQ_b3XfjuMb6VEQVEx2pzdDzVhE&sai=AMfl-YRA4ix0M5ZHovKS-LAgBqjGtKiFH1VVjnjX2xmDfA4pI02EUUbBsmIdUD1yIT4R_b9ad-I2jHNJvGFwUWpBm07okduXP02FIU7DfEQODFNkyB-YXxiOKyqu_T0nOi467VhERJvcyMTp_9rk9qfP2Xw&sig=Cg0ArKJSzPfp9pQ11lq-EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 702EA16CED51E773BC55193EA96ABAA3
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuc1srfwV83ZScSpgnMOWiqYgPZ66BfDyoawqBnL8DjN3ibWs7GmEMnvTLiG7WjwSQUhUAElJqF0j4eFPKwfxCwxp2CK8zOPZkINprQKFLy8LAH7rj8xXp60EVM3pqO-QGtgkA9z5BRuXBCVWvk1PDodcDbV6x6iS-xk2NpsWTMssGowIEjTWIGeQiiHPPA7zedZwuXvACgavMjNwZ7Ex7pa7oPIfBN01N260f8GBQPs9B7J65QiZCWChVSGVMZDHQbDa7NgOOBQMT6uqP6p8mYzO-ys8LUYDYgF93s3K7YxZfqpW-hytSv2iDHkVptksx_c6QDkPjDvWigizaj0QFixlW7cjzGPbt0GLyKDMcVfTuUg_RD7CKmcyxjiMZ3YqASKjUjJLs8jtU&sai=AMfl-YQSZzc-SUzaS7714nMVU266W7owoqXr16cmKfi8XSML2j6AJ7G-Hqbm7Da0H-Dgi-I8vnPa2dzb2oJdHRapCzLOQh3hYa14nJ7rRdEs6b49QTg23ilCI-PZrUzCbVZeZzu2AFEvXKUN77ZuWgaWUZ0&sig=Cg0ArKJSzLBA3753GXnkEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F4B6D08CAE2B2AA5AB075EA4D35BC74D
Requests: 4 HTTP requests in this frame

Frame: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C4968C47F69FED64F1DB8B947E9BB5F9
Requests: 9 HTTP requests in this frame

Frame: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3505640D7107FBF3B3CCE37332BD4AA0
Requests: 9 HTTP requests in this frame

Frame: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 019DAFD3AB4494FF2C01B6B9E1A1FB00
Requests: 9 HTTP requests in this frame

Frame: https://cdn.w55c.net/i/s_XRf87ByLeD_XctsjabcveBG_1696965932533.html?&rtbhost=conf01-us-east4.rtb.roku.com&btid=NTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzYzU2OWZkNzRmNjczMV81NXxSRmlrRWhiUkRWfDE3MDAxNDgyMDg2MTB8MXxYbTVEcXBxdWFMfFhSZjg3QnlMZUR8MTEyNTg2Mzg3MV9FWHwyMzkwODB8fHx8LjBQfFVTRA&ei=RUBICON&wp_exchange=NWP&ac=WFNXOXFyT2xxRzpYUzQ1S0VoZjBzfDB8MHxVU0Q7&js=0&ob=1&ccw=SUFCMjQjMS4w&ci=XmbvfiH6oH&fiu=WG01RHFwcXVhTA&fid=Xm5DqpquaL&sd=captcha.bot&s=https%3A%2F%2Fcaptcha.bot%2F&ts=1700148208613&dvdp=i.w55c.net/dv.jpg&ai=0DkbXg17JP&tpce=&c=US&r=NY&m=501&pc=10013&rnd=2830509275131764&epid=UkIyMDg4NA&esid=UkI0Mzk3OTA&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=WGNv&dm=MU1ocWFxcHZ5RQ&l=fGVufA&ri=2ravM8&alg=TGcwMDA4&v=0&euid=NDNmZGY0OWJkN2I2YzQ3MTA1ODFiNmFkNzBiZjA0OWJiMWVhYWIyZg&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=QW1lcmljYS9OZXdfWW9yaw&sg=ckbgDtUkhQvEnRK0f7Gl9w&buid=Xdb4S64gzq5&bs=XiosL1mBqIPx&dv=MUxWSXJn&az=us-east4-c&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=43fdf49bd7b6c4710581b6ad70bf049bb1eaab2f&spidu=RUBICON&pidu=20884&hmpvu=e27afdf9-24bd-4b7a-8d4f-d03a81bf0b1a&hmtsu=3&odtu=2&mtfu=1&sidu=439790&crdmu=970x90&cridu=XRf87ByLeD&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif
Frame ID: F9FD014A5B5D944B6E9595275362497C
Requests: 13 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=na&co=us
Frame ID: DBD8E9411DA2CBB3B450ABEE457C5C43
Requests: 19 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuoCYccFChhsFs-Z9xJn6CAFwpErgirliVsxIMV0UkiehRynuFPzd2QeM7gdJLQT1eIXdf4rly7mjE0dpdCqyCEFd2VEAjR9On4NNvCtMR_0VecznsXUmf6ggfLd-CewSRoMJ2jkxrePFl2ZLUoGFL9_b9wRVIXyC6zV47wJ4_d1UQKYXsoqEo6uHsTxd_cfS3gwh9Yx2U-wA4hNPMaAcbIFa-KiDsy2ELjA8ROi6ofdR_BbF94r9RnFqi-Au-ilbDS9NXfObPmZXOVDXJUqBhpH4wBWeu5TRb0qtEUQ_kHYdzcXk6Ri08HSbWj7M0XJeI2CGcCL0iiEtkMdnuJHGrSlFLIiojwEKpNtRtXYj3a4MGu4Vaqfo-WPb0M3w8jNP8jVkmmbKe5FSI&sai=AMfl-YShPu0DxRcM4Zrw_MKfGRk7Tto-TGQwEWRwZ0pRNMUuU94_Ogu2jQCoZeeG1s4U2Z9fVkL-18hmw32w58y5wqWi9-3YMn5ai0cRkdFGHzX_kbgJlRyC7AYRyasGMw&sig=Cg0ArKJSzFOxiw4MOZQOEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6DACC3B9C53B83F801C66538C79A64AF
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Frame ID: E98AFE0CCBDD1F5EC90FF93D89CEFFA2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: A645E184FF9DC20107A3C3AC14E7E424
Requests: 1 HTTP requests in this frame

Frame: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5D703E183E83839DE84831C99612584F
Requests: 16 HTTP requests in this frame

Frame: https://cti.w55c.net/ct/cms-2c.html?ei=RUBICON
Frame ID: 8967F550D2406C6DCB83E2003C55A00F
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 44BB78CCA0D516BE40DAC4416D4BCB2E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Frame ID: 08B80469164B023753B6C504073BA7F7
Requests: 1 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N6046.3886140ROKUONEVIEW2/B30675526.378029753;dc_ver=99.292;sz=970x90;u_sd=1;gdpr_consent=tcunavailable;dc_adk=1203382665;ord=d3nmfz;click=https%3A%2F%2Fi.w55c.net%2Fcl%3Ft%3D1%26btid%3DNTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzYzU2OWZkNzRmNjczMV81NXxSRmlrRWhiUkRWfDE3MDAxNDgyMDg2MTB8MXxYbTVEcXBxdWFMfFhSZjg3QnlMZUR8MTEyNTg2Mzg3MV9FWHwyMzkwODB8fHx8LjBQfFVTRA%26ei%3DRUBICON%26tpc%3D%26rurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fcaptcha.bot$2,https%3A%2F%2Fcaptcha.bot%2F$0;xdt=1;crlt=wNB*fvZvF!;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=1506;prcl=s
Frame ID: BD442846EEF05465E0A8D06A38B72E9A
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: C0825CD0D17689D567C8655D21FD19CC
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Frame ID: BF9E5B277C266398F8F1E24A970C023D
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Captcha.bot - Verification done right

Page URL History Show full URLs

  1. https://login3.bot-captcha-verify.online/?ref=ZXlKamJHbGxiblJKWkNJNklqazROelEzTWpJNU16azFOVFV4T0RVME5DSXNJbWQxYVd4a1N... HTTP 302
    https://captcha.bot/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.chargebee\.com/v([\d.]+)

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • c\.evidon\.com

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

271
Requests

86 %
HTTPS

44 %
IPv6

64
Domains

96
Subdomains

73
IPs

5
Countries

4147 kB
Transfer

11155 kB
Size

96
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://login3.bot-captcha-verify.online/?ref=ZXlKamJHbGxiblJKWkNJNklqazROelEzTWpJNU16azFOVFV4T0RVME5DSXNJbWQxYVd4a1NXUWlPaUkzTXpBNU5EWTFOalU0TXpJNU5qWXhPRFFpTENKbGVIQnBjbVZ6SWpveE56QXdNRFkwTmpjeE1qSTBmUT09 HTTP 302
    https://captcha.bot/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=onloadTurnstileCallback
Request Chain 13
  • https://captcha.bot/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://captcha.bot/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Request Chain 35
  • https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2 HTTP 301
  • https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
Request Chain 61
  • https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2 HTTP 301
  • https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
Request Chain 101
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=captcha.bot&sn=ChromeSyncframe&so=0&topUrl=captcha.bot&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=pSLJmHxJNktXbGVET1UwZFkvU0RzcFpNbExMVUtTVHB2R05ha3VjM1ZUZ2hnNzBiaXgyVTliYUY1YmxSZHU4MnQ3djYxems0d0pxMEl4MXRzL28xZmdTdVlQVmlnL1RMT0kwb0VZVmhoTUR6b1E5MFhiTmw0VGhvRHNIM2Zib3BXNGtRMW02YnpFSHBpNU5IcUU1ZUQ5ZWFpaXJHd09scVNpWFRkbWdyWGxZWVdFM0syVnFJU3BZeTkvRDJLS0IzQVVNL3N3T3ZyZVdhenVWYWRZREdJWlJjVVVDU0hucDVOWm5KaUNrQ0xBRXBtQmJodWpxMEpPUnlVUlc4NkJZWWFpOUQraHVVblFLYm1oMHdTZ0kyR2RCWVV3UT09fA&cppv=2
Request Chain 159
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 161
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 209
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEHWGe4BEFuoy6BXFYT1DPHk&google_cver=1&google_push=AXcoOmTKAS0v09fLIqm2lR8dy08IKeIqDOT51W6kIWewsc4WnmAVb_BDEPZJii8yChSbInxI7Z6aSjYPk9qlItdv0O8cA7utU5FGNQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHWGe4BEFuoy6BXFYT1DPHk&google_push=AXcoOmTKAS0v09fLIqm2lR8dy08IKeIqDOT51W6kIWewsc4WnmAVb_BDEPZJii8yChSbInxI7Z6aSjYPk9qlItdv0O8cA7utU5FGNQ
Request Chain 211
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmQiFQmvNJ-09NNaQ6TAqF-jCM3-auyAYW8x4uJt2Z_QaYhKryvs3wsYMWrgYqdimajJZSLvi19rjRsQZwavMK_Y01bX6x8%26google_hm%3D%5BUID%5D&google_gid=CAESENJcef7WmgcjNzvboAUYE7o&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQiFQmvNJ-09NNaQ6TAqF-jCM3-auyAYW8x4uJt2Z_QaYhKryvs3wsYMWrgYqdimajJZSLvi19rjRsQZwavMK_Y01bX6x8&google_hm=5338f273-4bc0-4612-a525-3b8fad1e3d4e
Request Chain 212
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEL_9E0aS4784q8-JnwC7zBY&google_cver=1&google_push=AXcoOmQiS0vRGEiGGju7fJfrLdiddf1_Mvfrq6OL6QUDhCZehmCjYb2Y-U4wQf1fC8aIPMbny55ORqtHmEkolTYR5gyY05wkFy7jLA HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEL_9E0aS4784q8-JnwC7zBY&google_cver=1&google_push=AXcoOmQiS0vRGEiGGju7fJfrLdiddf1_Mvfrq6OL6QUDhCZehmCjYb2Y-U4wQf1fC8aIPMbny55ORqtHmEkolTYR5gyY05wkFy7jLA&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQiS0vRGEiGGju7fJfrLdiddf1_Mvfrq6OL6QUDhCZehmCjYb2Y-U4wQf1fC8aIPMbny55ORqtHmEkolTYR5gyY05wkFy7jLA&google_hm=Hqp7iGZHKQ-vjOoIRYWZs8mP
Request Chain 213
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMGNNs6_kk_Bt6hoQexm2vM&google_cver=1&google_push=AXcoOmQlO0aQQsrV1P_Leh58cnJnTCUsde8sX6iK4RGRZ8BSaHdUO4qtoa3dmX8NpHn0lYYlm_A0QATKgzLeda1o1ny3ygy--B7J HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQzNDEwOTgzOTYwMDQxMTA5NjYyMQ%3D%3D&google_push=AXcoOmQlO0aQQsrV1P_Leh58cnJnTCUsde8sX6iK4RGRZ8BSaHdUO4qtoa3dmX8NpHn0lYYlm_A0QATKgzLeda1o1ny3ygy--B7J
Request Chain 214
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESELw4bpZz7t5KjIBnm1cfcH4&google_cver=1&google_push=AXcoOmRl2u6dQYqWYu7qXQ7cxfFThF4FBJSHDolXPl2jR-V_JR8KFPEnmPPxtQURgqIoKrt0MLj5GySRF-23tam9mscEie9hMIK_dw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRl2u6dQYqWYu7qXQ7cxfFThF4FBJSHDolXPl2jR-V_JR8KFPEnmPPxtQURgqIoKrt0MLj5GySRF-23tam9mscEie9hMIK_dw&google_hm=ePUJvIu4RDih7t-G-ODOVYQ
Request Chain 219
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CdvQ18jNWZZbKGdXFjvQP77GT8AWZmIuHdPnb6ZWDEmQQASDTy84wYMnGqYvApNgPoAGc9uDKA8gBCeACAKgDAcgDywSqBLoCT9D0DaTJy4aFrh-9xGHc-SbRW7nSIngvyfPE-eYJe7DBssFUZdq1bkYDzbo9VOG2RC-3KT9y1j34OOJdpuhtqi-JQRnX1Mcu3GN4sIH2hgGo2BKlKv4r8RG7qd4qg2APydOgYqRa-imE1q9Kaa5bjgXu9qU03zyE6gdAQobbCXCDQFGE0UIorHkzLsI3AHjxlJ6H1Q5PjSpcFtyHFJD8HhFjE_ieFZN4Veo5SFKuUVE8RC2O35q90GA7MngDGq7ANxWoDQbRu9hsMcA9-rfG0aV1s8HGq3vEuRraknZr7szTPZ36_-jRk31KNrtLhU4MdPz_Ep_i-LsldwdFFhZ2hR4vMAxEHyhOX02KSQUHbQaSuvCgLEtdGm_voeOEkhLu2OxtJXYDuSkvAi4TFeSICM78sQN31jnn9XzABJGAn4DOBOAEAYgFvpfng02SBQQIBBgBkgUECAUYBKAGLoAHzImfNagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEI7wA9IIFAiAYRABGB0yAooCOgKAQEi9_cE6mgkTaHR0cHM6Ly9wcmVzc2VkLmNvbYAKA8gLAZgM9KnA5cYE2gwQCgoQwNCRl-KrrsgfEgIBA-INEwj_npXR6ciCAxXVooMIHe_YBF64E4ME2BMO0BUBmBYBgBcBshceChwIABIUcHViLTMwMzkxOTk1MDM0MDM2MzQYmdIh&sigh=A27w3mE-LRY&uach_m=[UACH]&ase=2&nis=4&cid=CAQSOwDICaaNqeMK65r53D-41zrzhfB14uhgprVqfT_Z8vOo6lz6W7cFLzzzMwnDZiOBbsm9TGC_JZ2KxbPvGAE&template_id=515&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc909f52672c1a4800000000000000000%22,%222%22:%220x5233a0dbd4b9caa20000000000000000%22,%223%22:%220x27e157624c0fdb150000000000000000%22,%224%22:%220xda2ae78fab0a4e670000000000000000%22,%225%22:%220xdd2202203ef37c850000000000000000%22},%22debug_key%22:%222876871645714610428%22,%22debug_reporting%22:true,%22destination%22:%22https://pressed.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22962083612%22],%224%22:[%2211-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215129133991070806385%22}&andc=true
Request Chain 221
  • https://pm.w55c.net/m.gif?rurl=//cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=_wfivefivec64esc_&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cHNMRlN1Z1kxUjNFZGs1&google_cm HTTP 302
  • https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_gid=CAESEKLUgMa9XVAbL-k1ONyZ4k0&google_cver=1
Request Chain 223
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=47&external_user_id=psLFSugY1R3Edk5&gdpr=0&gdpr_consent=&expiration=1702740211 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=47&external_user_id=psLFSugY1R3Edk5&gdpr=0&gdpr_consent=&expiration=1702740211&C=1
Request Chain 224
  • https://idsync.rlcdn.com/385636.gif?partner_uid=psLFSugY1R3Edk5 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=COTEFxIaChYIARCTEBoPcHNMRlN1Z1kxUjNFZGs1EAAaDQjz59iqBhIFCOgHEABCAEoA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=4b35e2b557c6d8f569898523b75a70daeab9b3327291095ca0167285ea9a9efe791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=4b35e2b557c6d8f569898523b75a70daeab9b3327291095ca0167285ea9a9efe791426b5417dce21&rand=02707617 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=4b35e2b557c6d8f569898523b75a70daeab9b3327291095ca0167285ea9a9efe791426b5417dce21&rand=02707617&expected_cookie=95a5f5b1-9e1e-49c1-9f32-dfb37c48377d
Request Chain 227
  • https://ups.analytics.yahoo.com/ups/56554/sync?uid=psLFSugY1R3Edk5&_origin=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/56554/sync?uid=psLFSugY1R3Edk5&_origin=1&gdpr=0&gdpr_consent=&verify=true
Request Chain 229
  • https://dpm.demdex.net/ibs:dpid=359&dpuuid=psLFSugY1R3Edk5 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=359&dpuuid=psLFSugY1R3Edk5
Request Chain 239
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEBSJKKMS9_gU3r86yDwpxo4&google_cver=1
Request Chain 240
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/rubicon?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5b2d22ff-3381-4f15-a7fa-f78470f9c0fd&gdpr=0&gdpr_consent=&expires=30
Request Chain 241
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=dcQGNUMtSh6xuD1ho4zF8w&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=dcQGNUMtSh6xuD1ho4zF8w&gdpr=0
Request Chain 242
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LP1CCHJE-1H-17CQ&ex=d-rubiconproject.com&status=ok&gdpr=0
Request Chain 243
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP1CCHJE-1H-17CQ&gdpr=0
Request Chain 244
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=r_Ka9CfwRJCpT9szpt5R-g&rk=usync-other&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=r_Ka9CfwRJCpT9szpt5R-g&gdpr=0
Request Chain 245
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjM5YWUxMGI4Y2U3ODYwYzgyNzY3YWFhNTg5M2FmMGUyYTBmZjE2ZQ&gdpr=0
Request Chain 246
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/OV06eFtKmJ0WQ6R_Z2hXr8n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-bgEY1XRE2oLcr4P_Ee48T0wAR7DWHHNQYt7uUA--~A
Request Chain 247
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFAxQ0NISkUtMUgtMTdDUQ==&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEAALe76x01_jyo8flqHpSuA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAxQ0NISkUtMUgtMTdDUQ==&google_push=&gdpr=0
Request Chain 248
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABja07KrGgAABOLtnH04g&expires=30&gdpr=0
Request Chain 249
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0 HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LP1CCHJE-1H-17CQ&gdpr=0
Request Chain 250
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0 HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP1CCHJE-1H-17CQ&gdpr=0
Request Chain 251
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=dc5e457b-d108-4ca1-82ba-6772903d3ba7&expires=30&gdpr=0
Request Chain 252
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LP1CCHJE-1H-17CQ&redir=true&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LP1CCHJE-1H-17CQ&gdpr=0&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1wRE9rVUc5RTJ1RXpTbTh5YkpsclFTSmY5SjlFRjFuSX5B&gdpr=0&ovsid=LP1CCHJE-1H-17CQ&dpid=58160
Request Chain 253
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP1CCHJE-1H-17CQ&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LP1CCHJE-1H-17CQ HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LP1CCHJE-1H-17CQ&ckls=true&ci=7Ql6xOGvbT&nc=false&trid=599680559
Request Chain 254
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0 HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LP1CCHJE-1H-17CQ&gdpr=0

271 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
captcha.bot/
Redirect Chain
  • https://login3.bot-captcha-verify.online/?ref=ZXlKamJHbGxiblJKWkNJNklqazROelEzTWpJNU16azFOVFV4T0RVME5DSXNJbWQxYVd4a1NXUWlPaUkzTXpBNU5EWTFOalU0TXpJNU5qWXhPRFFpTENKbGVIQnBjbVZ6SWpveE56QXdNRFkwTmpjeE1...
  • https://captcha.bot/
2 KB
2 KB
Document
General
Full URL
https://captcha.bot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06483d1af09fe201d80ff4fc8f93895e3898b5b3e2629af9bc9d85fcd30f57a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8270bc2f6e098c95-EWR
content-encoding
br
content-type
text/html
date
Thu, 16 Nov 2023 15:23:26 GMT
last-modified
Sat, 11 Nov 2023 04:19:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mJAW9U%2Fr0YlHYEJQNHqp%2FPH5nxP5CmnEMFXwKYmc5LlaQjSNZ1UfV5L80eDtCtkog5yKAZqg3lvHt2JGijwvkuj%2BFuRaG2tS5%2FK68CiboxBtrhs7iO1%2FDcpF5NBLnqWvOSdQHvj9ZBmb"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8270bc2dfa734414-EWR
content-type
text/html; charset=utf-8
date
Thu, 16 Nov 2023 15:23:25 GMT
location
https://captcha.bot
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8kiOBss8VxP848Mw%2Bn2IWYRuxNFNqhTIRt7RsfUNnyuf5R5ckfa4gBYZ7U%2Bfesw7FlI92OG%2BzStYNKZoxMm8XzAsbjdEXEHRxq%2BpCAtKZ8DL3NjOP4dWMQ8GnXURP%2FLjMUIz8zG6yfuQwJ5pjMWaiNLXa%2F66cHKz4SoPMkDQkA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept
chargebee.js
js.chargebee.com/v2/
261 KB
77 KB
Script
General
Full URL
https://js.chargebee.com/v2/chargebee.js
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-47.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
92ca1736ee4a07da4aec1bf75f1cf294129e25ba87ea6198627837448e9b1f5e
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
Sk8aaRJ6QerEkOi1zVDX5WBct6FjSfiA
strict-transport-security
max-age=300; includeSubdomains; preload
content-encoding
gzip
date
Thu, 16 Nov 2023 15:20:08 GMT
via
1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
age
198
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 15 Nov 2023 10:27:18 GMT
server
AmazonS3
etag
W/"b7d4f680946f47f8afc2f1e9e725de76"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300,public
x-amz-cf-id
pTTqKKuzwWRLfbwSTbZF3qg_BWj5-ZU_xZ3WiH_-I_l-vgzTXq4kcQ==
api.js
challenges.cloudflare.com/turnstile/v0/g/9914b343/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
  • https://challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=onloadTurnstileCallback
33 KB
11 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=onloadTurnstileCallback
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H2
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51cd12da61a7401c73472b2ac77067adfa30e9fc0545b4b7c240e9154e011fc7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:26 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
8270bc318afd4352-EWR
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 16 Nov 2023 15:23:26 GMT
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/turnstile/v0/g/9914b343/api.js?onload=onloadTurnstileCallback
cache-control
max-age=300, public
cf-ray
8270bc316aea4352-EWR
alt-svc
h3=":443"; ma=86400
chunk-vendors.bfc7157a.js
captcha.bot/js/
150 KB
53 KB
Script
General
Full URL
https://captcha.bot/js/chunk-vendors.bfc7157a.js
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6026b5e35c99959ff49bb57e086263c3145cf10054c10448b944348d7a3d2ab

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:26 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Sat, 11 Nov 2023 04:19:44 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=153350
etag
W/"654f00e0-25706"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gq8IuOqLebxa%2F%2Bq7W9P8gyHQey95GgjMEXXl%2BC7mD3Z%2Fz0rpj%2FFOI%2FFvfZVACshyGmoxiuh7ktjBy71%2BGnV9lRnyUyLdMbSght9lST0moshi2xzEdLKwMqLG6vXfri2qsX3bh5wtRFhK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=120
cf-ray
8270bc31c96542be-EWR
alt-svc
h3=":443"; ma=86400
app.3afd2610.js
captcha.bot/js/
13 KB
6 KB
Script
General
Full URL
https://captcha.bot/js/app.3afd2610.js
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad4e421119302e89d2ef10d7461de4fd4d6318c1529c36ee973c4c17ea3e31d9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:26 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Sat, 11 Nov 2023 04:19:44 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=13054
etag
W/"654f00e0-32fe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ovP%2BCSvoNGKnNE%2FlBMR4CDrEx5VXutORNVmE95QidcRQOnYqR7%2BGvaPf6kCjBs16dRsyqEkKe2Q58dhKXnwoJ3jOEAply3PN%2FQDc3%2Fg0QdMZ3TBEZ06BDak6TWE57BUWBQ3vYOnlwe%2Bg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=120
cf-ray
8270bc31d97c42be-EWR
alt-svc
h3=":443"; ma=86400
app.6a462042.css
captcha.bot/css/
44 KB
9 KB
Stylesheet
General
Full URL
https://captcha.bot/css/app.6a462042.css
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a33ebf73afc5f7a6cdee51f0d2f70c15a844e424a74c5fcc25e425bd9a4dc8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:26 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sat, 11 Nov 2023 04:19:44 GMT
server
cloudflare
age
3231
etag
W/"654f00e0-b059"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jgRamRqnpYCLOMJp51QUEmnIt58nnpRErumsePXSdnUfX0d4SW9%2FbgbjPjswiEah0L8tFCkKKXaC%2BUS3PRJ08TGdXIs5fDSj1gVrof8L7igGoGYWmJFm18ly%2FyV23dqH4M9FQ93oovFs"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=120
cf-ray
8270bc3158128c95-EWR
alt-svc
h3=":443"; ma=86400
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/
20 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://captcha.bot/
Origin
https://captcha.bot
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:26 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8270bc32395ec33d-EWR
188-71f6f5b28fc43206de3c.js
js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/
17 KB
5 KB
Script
General
Full URL
https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/188-71f6f5b28fc43206de3c.js
Requested by
Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-47.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
98174e30b9f1468b96f8d317978ded9f514e77d8903f5c1a95463bc43c51f298
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
QwSETViOhdWrgkryR5qcYZJZNzydiwnb
strict-transport-security
max-age=300; includeSubdomains; preload
content-encoding
gzip
date
Thu, 16 Nov 2023 15:20:25 GMT
via
1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
age
206
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 15 Nov 2023 10:27:18 GMT
server
AmazonS3
etag
W/"ae4a65a4f8bf8ec41db974f49cae0098"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300,public
x-amz-cf-id
OzNEfHU7jT32acXJw7sFF4EgLIW8g9EvbYcl4HYJ3GaNLtIGpGSmRA==
fuse.js
cdn.fuseplatform.net/publift/tags/2/2874/
244 KB
56 KB
Script
General
Full URL
https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Requested by
Host: captcha.bot
URL: https://captcha.bot/js/app.3afd2610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:7::1728:b3ba Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
bf690803e1fc3c3d03595643914712996adb559fb7846cf6c69b8f83275d47b6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:26 GMT
content-encoding
gzip
last-modified
Fri, 24 Feb 2023 00:40:47 GMT
server
AkamaiNetStorage
etag
"c43b788e3884f4ebc21e0b82c92cfa3f:1677199247.347819"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1800
accept-ranges
bytes
content-length
57145
expires
Thu, 16 Nov 2023 15:53:26 GMT
js
www.googletagmanager.com/gtag/
216 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VT1JT14S09&l=dataLayer
Requested by
Host: captcha.bot
URL: https://captcha.bot/js/chunk-vendors.bfc7157a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9be1ff5169a3fc6334c134a96df76938723501a00fe5ad2d152f10a573595d7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78891
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 16 Nov 2023 15:23:26 GMT
609.7460785c.css
captcha.bot/css/
128 KB
52 KB
Stylesheet
General
Full URL
https://captcha.bot/css/609.7460785c.css
Requested by
Host: captcha.bot
URL: https://captcha.bot/js/app.3afd2610.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32b756bfa32d3c2a0a584ebaa8d5050f9db464fe5a7c7ca25bd54ebfea5b15fd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:26 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sat, 11 Nov 2023 04:19:44 GMT
server
cloudflare
age
3574
etag
W/"654f00e0-1801d"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LtiMDSrr3W4nq8eLnqswrjtfKZ3soyUYv4JR2afZ1VmXWVMv9hzlNV4yrjnKzi81%2BYFEwJSBKWMQDP1ekuvPOKcq9KgyE8gHnffWEZinLKk7BwEUM%2BYpyPLqibaNdnXxrWEwRgH%2FD%2Fly"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=120
cf-ray
8270bc344cfe42be-EWR
alt-svc
h3=":443"; ma=86400
609.05c519c2.js
captcha.bot/js/
18 KB
6 KB
Script
General
Full URL
https://captcha.bot/js/609.05c519c2.js
Requested by
Host: captcha.bot
URL: https://captcha.bot/js/app.3afd2610.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75f60b8ba8974945a0ffcd6f2e93258cdac42a785b9d478ec3786881e2abcbee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3574
cf-polished
origSize=18933
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 11 Nov 2023 04:19:44 GMT
server
cloudflare
etag
W/"654f00e0-49f5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LMjIiqnBoUw3zWB0mnoMBmLJcC8TDBDKAaOm5M2aq4hEqmU51LFN8lfpyOpRAUAnPgYA0BmwxYZU7RDj9mnAZgdku12%2FUdtgydoearbc8HxjYmGhVJ5Nz7773AoR2aTekwIIP2RfD2wK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=120
cf-ray
8270bc344d0042be-EWR
animation.css
js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/
722 B
1 KB
Stylesheet
General
Full URL
https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/animation.css
Requested by
Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-47.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c8c900ec5cbe9ef18bea37051bc2bf2aa9846c2ce787d248f2451575e2a372fd
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
AtBGTgkO6TCW7b0GECZ0kAFPTX.8dE0B
strict-transport-security
max-age=300; includeSubdomains; preload
via
1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
date
Thu, 16 Nov 2023 15:23:26 GMT
x-amz-cf-pop
PHL51-P1
age
224
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
722
last-modified
Wed, 15 Nov 2023 10:27:19 GMT
server
AmazonS3
etag
"520016f3fad41f77bb889758ac030aaf"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=300,public
accept-ranges
bytes
x-amz-cf-id
X8NHIYAWFQEfmAtotXKFPHzUf1-uNLD3I-hB98j08c7fj8cGvKvjsw==
master.html
js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/ Frame DB44
234 B
719 B
Document
General
Full URL
https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/master.html
Requested by
Host: js.chargebee.com
URL: https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/188-71f6f5b28fc43206de3c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-47.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a6778aac1a3b22c7997c1b8d951e2fe5224a2b45f3133294e908d43e6d84e394
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains; preload

Request headers

Referer
https://captcha.bot/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
271
cache-control
max-age=300,public
content-length
234
content-type
text/html
date
Thu, 16 Nov 2023 15:19:03 GMT
etag
"c54fd877114edb03d86a632f5e5a5c29"
last-modified
Wed, 15 Nov 2023 10:27:19 GMT
server
AmazonS3
strict-transport-security
max-age=300; includeSubdomains; preload
vary
Accept-Encoding
via
1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
x-amz-cf-id
AdC9livjwm5aCZgzO_wa2OU0G9y1Jl8lzWPfYdcjhH6-Tm7j4pwkRg==
x-amz-cf-pop
PHL51-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
D9zsd7tgwQ39QmBHCAgoXi_VgHMQQX7T
x-cache
Hit from cloudfront
main.js
captcha.bot/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame F303
Redirect Chain
  • https://captcha.bot/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://captcha.bot/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
7 KB
4 KB
Script
General
Full URL
https://captcha.bot/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H3
Server
2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8109cf8ec5546bd1865b1850b83ce3ee5cc358cc0bfdc14d52b5f5cb59a93d71
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:26 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dC2mILWDnx%2FwjuSx6EoHkenO5oskxl7oARk7so5y08je0aUSRsnsO1yRturuMbIzTJm%2FgsRLc4moQlDsrGf%2FE98B3LGutwU%2B8Ib6FI%2FkjZNlUrwVefQAqJ4Rl5WQQAThpvMKCSeT%2Fkbb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8270bc350e5142be-EWR
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 16 Nov 2023 15:23:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EVzMm0GlBGE4PlMuNXUqCXH31IF3vGnvPLOyFGsBud2YeSpl3MGH4Fp5GSSxIJuLut46L9NHcEfp%2Fo65U08%2BCAAmHD4Zmuplhcw5cTOZBHkMjixaqJlWAYyPkbV9yP83Qnt717gvOwmE"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
8270bc347d6842be-EWR
alt-svc
h3=":443"; ma=86400
truncated
/
89 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62d056f363b8b39fd0f85690a31012fcb6f1f0cef642bb247fc8ae627e33ac6d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4383437e4c7973582c6fa37a8693ce3d30e4026a462995671533ef885b0a130a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
logo.0d11fe46.png
captcha.bot/img/
15 KB
15 KB
Image
General
Full URL
https://captcha.bot/img/logo.0d11fe46.png
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6227e69f1c3711825b5166ddcbd07539e556ce7068917ad7701a5af5b4814f33

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:27 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=34020
content-disposition
inline; filename="logo.webp"
alt-svc
h3=":443"; ma=86400
content-length
14910
cf-bgj
imgq:100,h2pri
last-modified
Sat, 11 Nov 2023 04:19:44 GMT
server
cloudflare
etag
"654f00e0-84e4"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AEYAvDqffFBHpLMz0GH7EUH3Mg3xetFyW%2BgKIvubYKvC2em%2BpAx4vqkgrEpEaVBfX5xPP%2F5osjwl4Gt0x9RqjbNJqheeb7kfNd6Zs%2BnVENrTObJYTgkoXFkrr%2FeM1mU5bXSzKrs2EJIR"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=120
accept-ranges
bytes
cf-ray
8270bc34fe2942be-EWR
landing-promo.423c8618.png
captcha.bot/img/
8 KB
9 KB
Image
General
Full URL
https://captcha.bot/img/landing-promo.423c8618.png
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a87310dacb8e83018f2cbb037552a79868dafb9214613d442581b3f3eeea914

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3573
cf-polished
origFmt=png, origSize=16963
content-disposition
inline; filename="landing-promo.webp"
alt-svc
h3=":443"; ma=86400
content-length
8702
cf-bgj
imgq:100,h2pri
last-modified
Sat, 11 Nov 2023 04:19:44 GMT
server
cloudflare
etag
"654f00e0-4243"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pUKpX%2F0RQ43U8oBqEss4FSq042yVmig90GE1TJ0mhenVQNg90sVm7avorpNHW%2BrpPOglsO9gk4aJ5ScHK9YOSGfYDn9%2FWAxopNU8HYtso%2F%2F2m6sQSNq2lhb6Q3nIwIicrpjwH%2BTLrsmg"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=120
accept-ranges
bytes
cf-ray
8270bc34fe2d42be-EWR
bitcoin.png
captcha.bot/promo/crypto/
8 KB
9 KB
Image
General
Full URL
https://captcha.bot/promo/crypto/bitcoin.png
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9eab613f27dc9efb747630f963208741cc088b586edfbfdaaebf7d733dc2d63

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3573
cf-polished
origFmt=png, origSize=14655
content-disposition
inline; filename="bitcoin.webp"
alt-svc
h3=":443"; ma=86400
content-length
8608
cf-bgj
imgq:100,h2pri
last-modified
Sat, 11 Nov 2023 04:19:44 GMT
server
cloudflare
etag
"654f00e0-393f"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6dWg3ImGaWSO5y5QELm2GP8uwVt95UJtUASAyruqWdnPhaSYgH6tCRBr4CTXIWTctzDeqk2vKj6zVRqkNoIvMw6cZHBd6ub49nvuyd7Ki48eOy2FvlZMgm2Uq8cMLpHPjfX5hNCiERPm"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=120
accept-ranges
bytes
cf-ray
8270bc34fe2f42be-EWR
doge.png
captcha.bot/promo/crypto/
190 KB
190 KB
Image
General
Full URL
https://captcha.bot/promo/crypto/doge.png
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08a184bb8e17a3028350b402628040f572e5e6b2a57a5959c5acd78bfb1f5f9a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3573
cf-polished
origFmt=png, origSize=332322
content-disposition
inline; filename="doge.webp"
alt-svc
h3=":443"; ma=86400
content-length
194348
cf-bgj
imgq:100,h2pri
last-modified
Sat, 11 Nov 2023 04:19:44 GMT
server
cloudflare
etag
"654f00e0-51222"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDMvmiAUAovyGP6A8MVwFr8Zg2acfAuE%2FA9ZIxl4ZeVibMDJyHGtGSMARoCQR4e%2Fm92UG5pA9vNaFS4C%2FlM4iD2FQZA54f4ChlGj8k%2B75dAga%2FLINllqFEsMpbYWcQK5lzr2qw1fmv%2BA"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=120
accept-ranges
bytes
cf-ray
8270bc34fe3242be-EWR
eth.png
captcha.bot/promo/crypto/
84 KB
85 KB
Image
General
Full URL
https://captcha.bot/promo/crypto/eth.png
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bba3a253608d50cff0174ea1102b3ff4e93993be25d07c0e0223f20f19c37382

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3573
cf-polished
origSize=86443, status=webp_bigger
alt-svc
h3=":443"; ma=86400
content-length
86302
cf-bgj
imgq:100,h2pri
last-modified
Sat, 11 Nov 2023 04:19:44 GMT
server
cloudflare
etag
"654f00e0-151ab"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ffdlq78sirrWp%2Bz8OxOgDEeK0IhfuxFZhKeepwckVdUOUH%2FN2TNw151Gp5BYeYUnPYukmafw2JWhpdjsdmIMfN3wi9Qtpw3EAuQZj42nhbZvJWLyjflvAytgAzFoxbEnOMimTX%2BmxlI"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=120
accept-ranges
bytes
cf-ray
8270bc34fe3342be-EWR
ape.webp
captcha.bot/promo/crypto/
153 KB
153 KB
Image
General
Full URL
https://captcha.bot/promo/crypto/ape.webp
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e424ab30e57e903c77ed203fd48b8e240c9333d18eada751c7a5744ad5ac5f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:26 GMT
cf-cache-status
HIT
last-modified
Sat, 11 Nov 2023 04:19:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3573
etag
"654f00e0-2639a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IQCvBHHVKVMgWlyGYtiNEtMeSQPs2RZoXAvjT7rlA6azAH37hqV6mrvu6cIaH8yNTtm4RX5j7xjtI7LG910ZiQ6oN22RLGiMMHIzt4tsxCfcV8ijtHTdcqCkTLJoYm9eGDKjLEAvPLjN"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=120
accept-ranges
bytes
cf-ray
8270bc34fe3542be-EWR
alt-svc
h3=":443"; ma=86400
content-length
156570
boost.png
captcha.bot/promo/discord/
29 KB
29 KB
Image
General
Full URL
https://captcha.bot/promo/discord/boost.png
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6800d363cb5a534231c868a110cc4762d636d4df062c41a407c1c091e959e96f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3573
cf-polished
origFmt=png, origSize=67807
content-disposition
inline; filename="boost.webp"
alt-svc
h3=":443"; ma=86400
content-length
29300
cf-bgj
imgq:100,h2pri
last-modified
Sat, 11 Nov 2023 04:19:44 GMT
server
cloudflare
etag
"654f00e0-108df"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZbH5j9tCYU6d4CKIrGo56UcLTiYJfh7ChVqG8vDmk7s47%2FG3S8OUJ9GW3GjXdZHCjkUyGLAVow4N3FTPPCvxFiMRPgWudfPy2SAnpscBGHJy9qKNan1YDnDnnNnuH%2BrOoxtdLz%2FedzXc"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=120
accept-ranges
bytes
cf-ray
8270bc34fe3642be-EWR
badge.png
captcha.bot/promo/discord/
4 KB
5 KB
Image
General
Full URL
https://captcha.bot/promo/discord/badge.png
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45081b381b2448cac81c3cc81ed427d216719a54890a2242e691ab7608a0ada8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3573
cf-polished
origFmt=png, origSize=8231
content-disposition
inline; filename="badge.webp"
alt-svc
h3=":443"; ma=86400
content-length
4252
cf-bgj
imgq:100,h2pri
last-modified
Sat, 11 Nov 2023 04:19:44 GMT
server
cloudflare
etag
"654f00e0-2027"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PlkJl30Mf5kATAMy9AhgsRdm0EQYZ8mwgD58WFP21Zms%2BIwvWsdzBQATqq2CB1X2kksniJsp6h%2FGwuoN0umGi0VbjxAG4yvtvVT6ib2Ejnm2P0VD8RNs8d99bwFiONYP7y48IR%2BHzaSW"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=120
accept-ranges
bytes
cf-ray
8270bc34fe3842be-EWR
nitro.webp
captcha.bot/promo/discord/
14 KB
14 KB
Image
General
Full URL
https://captcha.bot/promo/discord/nitro.webp
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2a0ebb4c1e2bfeb215c6d41bb6c4fb0fac5a228fddf6a4bc77ef08e7f2e7477

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:26 GMT
cf-cache-status
HIT
last-modified
Sat, 11 Nov 2023 04:19:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3573
etag
"654f00e0-361c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w5EARH21NBDc4tFoWQBb3C272SGxWWm7s2Gf8blNZeegaEHyael%2BH4btVV1XLTJPLf7QEjD0aL%2BmqnT8Slysl76ShTQ4fY%2BP5MNj0hMUhU4UmVZt%2B65b9C63qgu2wuflfPoXO84RwMqY"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=120
accept-ranges
bytes
cf-ray
8270bc34fe3a42be-EWR
alt-svc
h3=":443"; ma=86400
content-length
13852
phishing.png
captcha.bot/promo/
9 KB
9 KB
Image
General
Full URL
https://captcha.bot/promo/phishing.png
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93dc5afee0d7c64a418ee3804bb76f9855e7ff5a501a26ed29cd544f066bb6d3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3573
cf-polished
origFmt=png, origSize=13769
content-disposition
inline; filename="phishing.webp"
alt-svc
h3=":443"; ma=86400
content-length
8860
cf-bgj
imgq:100,h2pri
last-modified
Sat, 11 Nov 2023 04:19:44 GMT
server
cloudflare
etag
"654f00e0-35c9"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NVxrtgI1NowtyvrxnAfUjlWn%2FGFhlXk9xNsnJm3X92eVNHz0Ll17Dfozp7UlHW5tJDn5pKYaBYbWLC1LwRxmajCCZ9dBEBjUMhEkxPEenfUL1xFFa7PqAKurxquFb5L6PcmvcfiGpDMP"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=120
accept-ranges
bytes
cf-ray
8270bc34fe3d42be-EWR
sus.png
captcha.bot/promo/
7 KB
7 KB
Image
General
Full URL
https://captcha.bot/promo/sus.png
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a71902890d932247a4c1a8f83c6f0b8dd7a6e7a12d64524559aa158c9a19f1db

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3573
cf-polished
origFmt=png, origSize=23982
content-disposition
inline; filename="sus.webp"
alt-svc
h3=":443"; ma=86400
content-length
7104
cf-bgj
imgq:100,h2pri
last-modified
Sat, 11 Nov 2023 04:19:44 GMT
server
cloudflare
etag
"654f00e0-5dae"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EOwcmww1k5Hl5CPc31A%2BZC8MAJ8Z1g8wTr7TwPU637VeoxZm%2BNxPZTkrE5gUOvHKSoL7lJHVnQ9XF5Xp8UM1MNhKZycsGZUKz7Ooq2P5UEsQKH0fr7FgSmwU1f4nkLkENT4Z9X%2BxpM%2Bt"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=120
accept-ranges
bytes
cf-ray
8270bc34fe3f42be-EWR
accessible.png
captcha.bot/promo/
16 KB
16 KB
Image
General
Full URL
https://captcha.bot/promo/accessible.png
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a929bcd8cce2585ea3be49e84b6735c35debe93e48f62f5dd7e4fc4b33825e5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3573
cf-polished
origFmt=png, origSize=27419
content-disposition
inline; filename="accessible.webp"
alt-svc
h3=":443"; ma=86400
content-length
16334
cf-bgj
imgq:100,h2pri
last-modified
Sat, 11 Nov 2023 04:19:44 GMT
server
cloudflare
etag
"654f00e0-6b1b"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCPO00YXE4N8NW1yhEcTfWhREo9KYrjffyHUKu7dFH7KnxTark5%2FHz3Pn5mIATOm4%2FlCWp3UEOF6MjMVSLaGp2oj%2FOLELCHuO2uK%2FLEZY5kirw3CnxOKrwFJCTgNZO4t8Ry9RUleTubd"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=120
accept-ranges
bytes
cf-ray
8270bc34fe4042be-EWR
time-limit.png
captcha.bot/promo/
6 KB
7 KB
Image
General
Full URL
https://captcha.bot/promo/time-limit.png
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
950487041eb8b857d86436c10b487f194b9b97a4205366978d9b945de8164ccb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3573
cf-polished
origFmt=png, origSize=11864
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_Fwow7QEkiu_Lfx06VwWzVRpX6GfxbDyRkS1.y3f5MA-1700148206-0-AfW-X3AaIJy1fbKnxcFRHroZrOhOCyvRaP0cy-ugBpiKtzw49DLIhV38QCQ_6_ZzQdRE-nleETt_EBe93e2gQ5LfQQaomV1m5XD1KirAwp96cNppuwUIZS0Zsk120M3im44H_wozFN7_4urJTsLwZnE; report-to cf-csp-endpoint
content-disposition
inline; filename="time-limit.webp"
alt-svc
h3=":443"; ma=86400
content-length
5896
cf-bgj
imgq:100,h2pri
last-modified
Sat, 11 Nov 2023 04:19:44 GMT
server
cloudflare
etag
"654f00e0-2e58"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rn017B%2BFZA65YfqrMWo%2BKYZF0cbwHs%2FPTCEL%2Fy68lM%2FYMH%2F3BwDxDaSsEpWkWUyIH6UdMMQjGHAj7e2%2FWJQf9ciFIiPy1MHL3SYb4SIcYcCJr%2BmqgJB3EbmJ%2BGtM52ZdC7DiT7WJUEKC"}],"group":"cf-nel","max_age":604800}, {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=_Fwow7QEkiu_Lfx06VwWzVRpX6GfxbDyRkS1.y3f5MA-1700148206-0-AfW-X3AaIJy1fbKnxcFRHroZrOhOCyvRaP0cy-ugBpiKtzw49DLIhV38QCQ_6_ZzQdRE-nleETt_EBe93e2gQ5LfQQaomV1m5XD1KirAwp96cNppuwUIZS0Zsk120M3im44H_wozFN7_4urJTsLwZnE"}],"group":"cf-csp-endpoint","max_age":86400}
content-type
image/webp
cache-control
max-age=120
accept-ranges
bytes
cf-ray
8270bc34fe4242be-EWR
analytics.png
captcha.bot/promo/
139 KB
140 KB
Image
General
Full URL
https://captcha.bot/promo/analytics.png
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dd6334bbbdabc6a816851f5c2c4a71193190a0569359d4f8834e45b57e10dfb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3573
cf-polished
origFmt=png, origSize=382343
content-disposition
inline; filename="analytics.webp"
alt-svc
h3=":443"; ma=86400
content-length
142700
cf-bgj
imgq:100,h2pri
last-modified
Sat, 11 Nov 2023 04:19:44 GMT
server
cloudflare
etag
"654f00e0-5d587"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OfkezlfvLKuoChfEoTow6KhLVNxuaMiycn29HxYRqlcmQh871Rdig26%2Fk0kDL3gRJ9FEJweQ%2FdB26rETh3pvTG0S1KS4S5W8n2HVkUf6gN%2BwMIujZBoVd0vyvAAfKImbqMllwZyC869L"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=120
accept-ranges
bytes
cf-ray
8270bc34fe4442be-EWR
discord-logo.1bf7c650.svg
captcha.bot/img/
2 KB
1 KB
Image
General
Full URL
https://captcha.bot/img/discord-logo.1bf7c650.svg
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cd29fcd28558f2d1a4273dcca8b904b79b4ad2c19c0ce9d096da1e89f292546

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 11 Nov 2023 04:19:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3573
etag
W/"654f00e0-82e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Zi777Ig13YznR2sbgvsK5IqdvIzoiXMglT7wK4JrZ%2FHHI4zGg8gXlmdGPH%2Fbwmn%2BHSSQFWD7b2bKjEDUq%2F3c3uNwonQhn4E15xGgIQUssezt3ExIuE0eEwsTT5jT78JDkI46r6q%2FkbT"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=120
cf-ray
8270bc34fe4742be-EWR
alt-svc
h3=":443"; ma=86400
statistics
captcha.bot/api/v1/
17 B
443 B
XHR
General
Full URL
https://captcha.bot/api/v1/statistics
Requested by
Host: captcha.bot
URL: https://captcha.bot/js/chunk-vendors.bfc7157a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b489849f86636e88d98772735af2416b3c3e85076f7135b4ca14a08764e4774

Request headers

Accept
application/json, text/plain, */*
Referer
https://captcha.bot/
accept-language
en-US,en;q=0.9
Authorization
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yTWWS1DsoDQxpbdJXfTFNZ1EBoN2pxFDdc0PZDBNQaSyzOvZ7Urz%2BLPxXOhXowzHBa%2FYOniwIgMZn5EJN%2Fver09%2FWGWlsQOj6%2BSbOTX73RfnyO2LRyk3fgJEyXcgwE7AFppfOrH%2FnEJ1"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
8270bc34fe4842be-EWR
alt-svc
h3=":443"; ma=86400
content-length
17
master-41a5b5a55a6af09d04bf.js
js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/ Frame DB44
240 KB
68 KB
Script
General
Full URL
https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/master-41a5b5a55a6af09d04bf.js
Requested by
Host: js.chargebee.com
URL: https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/master.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-47.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
017e92684f9301c6edc3504af22d04183982c21b1b3ae04221140b6746baaba8
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/master.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
VEYuS1fiFhJ4MXXtdlamOn8YGZ9ppcJ6
strict-transport-security
max-age=300; includeSubdomains; preload
content-encoding
gzip
date
Thu, 16 Nov 2023 15:19:03 GMT
via
1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
age
270
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 15 Nov 2023 10:27:18 GMT
server
AmazonS3
etag
W/"443c8d148a64032f9697c24bfcb54497"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300,public
x-amz-cf-id
iZfdUfTrp8sfUEzTtXjg2CDFoydASC502yIyzP6JbWSUpsLSYhLn_w==
collect
analytics.google.com/g/
0
251 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-VT1JT14S09&gtm=45je3b81v9119558076&_p=1700148206715&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1030093738.1700148207&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=Home&dp=%2F&dl=https%3A%2F%2Fcaptcha.bot%2F&sid=1700148207&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2068
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VT1JT14S09&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://captcha.bot
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
251 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VT1JT14S09&cid=1030093738.1700148207&gtm=45je3b81v9119558076&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VT1JT14S09&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://captcha.bot
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
choice.js
cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/
Redirect Chain
  • https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
  • https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
10 KB
4 KB
XHR
General
Full URL
https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H2
Server
2600:9000:25c8:4800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
beea121e5188b863d6e08e80e8b9744ecebf9cdd37f201a9b2b4000fd6af900f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:28 GMT
content-encoding
br
via
1.1 ca0fc43bc87ea655f66615a99ef77b4e.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Wed, 15 Nov 2023 19:39:46 GMT
server
AmazonS3
etag
W/"68a808c955fa55b5689765c1870de09c"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-amz-cf-id
kargrAB0jSXFsM9CgBrlTtMd53NSzNDXptkvCKY0vSE-jsXDRLHG_Q==

Redirect headers

x-amz-website-redirect-location
https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
date
Thu, 16 Nov 2023 15:23:28 GMT
via
1.1 a034e5b3e703810e3023d56d31897ebc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
0
last-modified
Wed, 15 Nov 2023 19:47:35 GMT
server
AmazonS3
etag
"997985d66f999e7c0034a8915419c2cf"
access-control-max-age
3000
access-control-allow-methods
GET
location
https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
access-control-allow-origin
https://captcha.bot
cache-control
max-age=3600
access-control-allow-credentials
true
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
O7pKcvjP3v4LC8en_Ftxr6K4mpzvEUOUHFpLdBKGV28b3mQ93h2XFw==
prebid-407496646b648e67be5f557efe0c7641.js
cdn.fuseplatform.net/prebid/
261 KB
81 KB
Script
General
Full URL
https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:7::1728:b3ba Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
ac029ed357e9abcb27b7afb2c5e3ffd7b0877924f8707c32c0a094e9a2027b2d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:27 GMT
content-encoding
gzip
last-modified
Fri, 03 Mar 2023 02:21:08 GMT
server
AkamaiNetStorage
etag
"84cb2005d5697b835da43944b24c79f2:1677810068.706101"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400000
accept-ranges
bytes
content-length
82396
expires
Wed, 12 Aug 2026 15:23:27 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
101 KB
31 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c305b7ad1d78bd67cd5af248ce383aa062d4d09e779b2add0c732469d32badb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31501
x-xss-protection
0
server
cafe
etag
222 / 19677 / 31079657 / config-hash: 12061389886161084213
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 15:23:27 GMT
noconsent
cdn.fuseplatform.net/telemetry/
1 B
266 B
Fetch
General
Full URL
https://cdn.fuseplatform.net/telemetry/noconsent?v=1&ttm=1700148207090&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=637ed7b8-f4d8-5110-9fba-9979a365c1a7&fid=2874&pubid=5&url=https%3A%2F%2Fcaptcha.bot%2F&sid=846c601df42816ba4d54&srate=100&adserver=gpt&etm=2143&e=fuse-load
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:7::1728:b3ba Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:27 GMT
content-encoding
gzip
last-modified
Wed, 10 Aug 2022 11:31:51 GMT
server
AkamaiNetStorage
etag
"9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary
Accept-Encoding, Accept-Encoding, Origin
content-type
text/plain
access-control-allow-origin
https://captcha.bot
cache-control
max-age=1800
accept-ranges
bytes
content-length
21
expires
Thu, 16 Nov 2023 15:53:27 GMT
8270bc2f6e098c95
captcha.bot/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame F303
0
550 B
XHR
General
Full URL
https://captcha.bot/cdn-cgi/challenge-platform/h/g/jsd/r/8270bc2f6e098c95
Requested by
Host: captcha.bot
URL: https://captcha.bot/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 16 Nov 2023 15:23:27 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ds2vD%2FsL%2FNq%2B5QqyVRUOtibYVCC4So8ZVxisn24lSJ6v2usiq1sX7Z9r%2BvXE7kNqbSucCKsLjnpU%2FODfyJfv9QttJ44HGYcZxrc6FPTERBdVXpndy2r%2Bj4nWcAo4yYbfH9igZfQUWcHR"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8270bc3759c142be-EWR
alt-svc
h3=":443"; ma=86400
203-021d9bb6abdf3b0a1686.js
js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/ Frame DB44
3 KB
2 KB
Script
General
Full URL
https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/203-021d9bb6abdf3b0a1686.js
Requested by
Host: js.chargebee.com
URL: https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/master-41a5b5a55a6af09d04bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-47.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
398aaea091a54352bcde7ee272823fae32d2ec9cbf1d7547ec07e97f800192e7
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/master.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
ZmaCPSdsoVeiTWNO2GLd.W1svX.lA..u
strict-transport-security
max-age=300; includeSubdomains; preload
content-encoding
gzip
date
Thu, 16 Nov 2023 15:19:05 GMT
via
1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
age
269
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 15 Nov 2023 10:27:18 GMT
server
AmazonS3
etag
W/"39b0397b27d3ed0a3a1371fc8ca05908"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300,public
x-amz-cf-id
eCzlAif6i2mkNQh3_1bem7knJj0nnHJurWh2uqPQYXdqDw78c6B3lw==
211-6a6908e5a41569cb399a.js
js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/ Frame DB44
3 KB
2 KB
Script
General
Full URL
https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/211-6a6908e5a41569cb399a.js
Requested by
Host: js.chargebee.com
URL: https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/master-41a5b5a55a6af09d04bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-47.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e686f777af902c3b49e5143f9205136effcd04b661d8c863a8380e75a0d3a97d
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/master.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
pTvRBGvWyPqC7FJZSl8CBoWW58HvKYFl
strict-transport-security
max-age=300; includeSubdomains; preload
content-encoding
gzip
date
Thu, 16 Nov 2023 15:22:01 GMT
via
1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
age
160
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 15 Nov 2023 10:27:18 GMT
server
AmazonS3
etag
W/"98b68e616f028cac9f25f9eb296a0686"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300,public
x-amz-cf-id
XnGRGFfPHb_MkSjbdzXvXjl0PRG970gme2QQoDX_DTQPC0AKIEBP7w==
pi-worker.js
js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/ Frame DB44
65 KB
21 KB
Other
General
Full URL
https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/pi-worker.js
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-47.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b013c2c47077742878ed5169c4f564d0d5278a480d7aac99ef7df75a783359e9
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/master.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
6YZnSvXwCgQmMy3h1edTQ_hExiC5T2J3
strict-transport-security
max-age=300; includeSubdomains; preload
content-encoding
gzip
date
Thu, 16 Nov 2023 15:19:05 GMT
via
1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
age
270
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 15 Nov 2023 10:27:18 GMT
server
AmazonS3
etag
W/"2324169384a83daddea2b3025d388fe0"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300,public
x-amz-cf-id
-qe1BkiEGGE6Oa-pyZrh54T2RLS5H1sSjKvZmIHw638W7xeii0-26g==
retrieve_js_info
privygg.chargebeestaticv2.com/api/internal/1700147700/ Frame DB44
596 B
1 KB
XHR
General
Full URL
https://privygg.chargebeestaticv2.com/api/internal/1700147700/retrieve_js_info
Requested by
Host: js.chargebee.com
URL: https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/master-41a5b5a55a6af09d04bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-86.phl50.r.cloudfront.net
Software
ChargeBee /
Resource Hash
064a3112be6d2f55331306cf2edd1ccc2a63cb9e3453a735861daba634d75188
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/plain, */*
Referer
https://js.chargebee.com/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:15:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 8db0da5790a86a83533944290a7dab9a.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
500
x-cache
Hit from cloudfront
content-length
596
server
ChargeBee
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/json;charset=utf-8
access-control-allow-origin
https://js.chargebee.com
cache-control
max-age=0, must-revalidate, public, s-maxage=3600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, cb-csrf-token, leap.api.version, chargebee-business-entity-id, X-TP-Token
x-amz-cf-id
Mvf9cXR-ZKqU0MweVKUpm7ubUxjeNRCTARHHq8i9tYEdOMBpTCN8ig==
expires
Thu, 01 Jan 1970 00:00:00 UTC
retrieve_js_info
privygg.chargebeestaticv2.com/api/internal/1700147700/ Frame
0
0
Preflight
General
Full URL
https://privygg.chargebeestaticv2.com/api/internal/1700147700/retrieve_js_info
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-86.phl50.r.cloudfront.net
Software
ChargeBee /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://js.chargebee.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, cb-csrf-token, leap.api.version, chargebee-business-entity-id, X-TP-Token
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://js.chargebee.com
cache-control
max-age=0, must-revalidate, public, s-maxage=10800
content-length
0
date
Thu, 16 Nov 2023 15:23:27 GMT
expires
Thu, 01 Jan 1970 00:00:00 UTC
pragma
no-cache
server
ChargeBee
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 8db0da5790a86a83533944290a7dab9a.cloudfront.net (CloudFront)
x-amz-cf-id
v-5N2MHQy_RiUMWAjCXtRfcNoaiJ5x_9uQgJSspV-JAXMswy6ihF-g==
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/
429 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 17:38:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
78315
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137535
x-xss-protection
0
server
cafe
etag
18342593356503948095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 14 Nov 2024 17:38:12 GMT
tag
btloader.com/
91 KB
30 KB
Script
General
Full URL
https://btloader.com/tag?o=5708166709903360&upapi=true
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:293c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3677a201ab63c88c0d56d83e946665e5fb5d93bca0d4b7a7ff0588b7e0107f85

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:27 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 14:28:48 GMT
server
cloudflare
age
3277
etag
"3b3e5d8fa78387de6747760e97ba5614"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
8270bc388c331982-EWR
content-length
30020
state
api.btloader.com/mw/
0
101 B
Fetch
General
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 16 Nov 2023 15:23:27 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/
43 B
919 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1083504
x-guploader-uploadid
ABPtcPpNNajJRSFwM_0C3hYzCNCujkAURVj2eJaHaN1pvAL62OV4Db0k-n6McK_DMWi8P7kNfg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FFtWWnCoGV8xCwcQqJ7Q%2BmIr7UK2f6NUzqAq%2Bmx%2BEkRw564ljjtOkoThBJtnCCG0odojL8CEqsX%2FMmuofqK8dbk68Bp%2FFBKW0jscEEZwGybSUlxCpujQQPl20JRMs%2FUmQ7ij%2FHhf0W3b7f5k0w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8270bc38fefb4219-EWR
expires
Fri, 17 Nov 2023 15:23:27 GMT
favicon.ico
ad.doubleclick.net/
1 KB
571 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.102 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 09:34:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20947
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 09:34:20 GMT
px.gif
ad-delivery.net/
43 B
339 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.24106254670847926
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1083504
x-guploader-uploadid
ABPtcPpNNajJRSFwM_0C3hYzCNCujkAURVj2eJaHaN1pvAL62OV4Db0k-n6McK_DMWi8P7kNfg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hdz7wO9qjSuO4sRefhzwmrktmt2UetiROvTs0S8InWtfFLTxjfrpRG4ZVNUkq%2FQy7olj9SwLGP3kqb3ghp8JvCkhkSTWSrpuSkan%2FjMP07WhND%2Bf7tY0AlmziE3qHcIhLQYh4amZk2orMb%2FWHA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8270bc38fefe4219-EWR
expires
Fri, 17 Nov 2023 15:23:27 GMT
205-e9a35cb8e86108e5b7ba.js
js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/ Frame DB44
13 KB
4 KB
Script
General
Full URL
https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/205-e9a35cb8e86108e5b7ba.js
Requested by
Host: js.chargebee.com
URL: https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/master-41a5b5a55a6af09d04bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-4-47.phl51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad74a7f477d4dbe1cecfc7591f728f9d7236efb402e337634cd3d14c321c1ac7
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/master.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
h3AAKv5Dik2bQU79frh68MdMzQKMhS3n
strict-transport-security
max-age=300; includeSubdomains; preload
content-encoding
gzip
date
Thu, 16 Nov 2023 15:19:05 GMT
via
1.1 cdbbcd70735de4c554b3d02a12c5bea0.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
age
262
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 15 Nov 2023 10:27:18 GMT
server
AmazonS3
etag
W/"d277b774543358b06ec00bd035f365fa"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300,public
x-amz-cf-id
WffQcgvE7AbWIC0tc-YX63MzbU9-AklTZBj5U9QUvWQOynHdjopMhA==
country
api.btloader.com/
16 B
141 B
Fetch
General
Full URL
https://api.btloader.com/country
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
30c714bf4216e577686d238b98561d093672cb25bf90baab50dd956f75cda4b3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:27 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
rum
captcha.bot/cdn-cgi/
0
138 B
XHR
General
Full URL
https://captcha.bot/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:66e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://captcha.bot/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
application/json

Response headers

date
Thu, 16 Nov 2023 15:23:27 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://captcha.bot
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
8270bc395cae42be-EWR
api.js
js.hcaptcha.com/1/ Frame DB44
325 KB
92 KB
Script
General
Full URL
https://js.hcaptcha.com/1/api.js?onload=hCaptchaLoadCallback&render=explicit
Requested by
Host: js.chargebee.com
URL: https://js.chargebee.com/assets/cbjs-2023.11.15-10.23/v2/205-e9a35cb8e86108e5b7ba.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36eb960a0f696bcea2ff0f7e1c190497b0434dc69b5f08e5ef966bf8a5fdb62e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.chargebee.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 8770cedbbb1c2feb157dc67ce83fe00c.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-amz-version-id
qgwXoHvtvhyqGf6FlJZpIKGVKUu9tX9V
age
0
x-amz-cf-pop
JFK50-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 16 Nov 2023 13:02:04 GMT
server
cloudflare
etag
W/"4615710d2f5af894fc819f8023a57fe1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=120
cf-ray
8270bc398fdb440d-EWR
x-amz-cf-id
qeqAC9dXTdEbknaBzB858i0LDBJ5UJizIOeirnwtzoJwyyS55I2mLg==
pv
api.btloader.com/
0
66 B
XHR
General
Full URL
https://api.btloader.com/pv?tid=sGjyYCeOw&w=5142342223265792&o=5708166709903360&cv=2.1.23-7-g7ca04d5&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fcaptcha.bot%2F&sid=sGmry40rl&pm=true&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 16 Nov 2023 15:23:27 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/c455997/static/ Frame C15F
2 KB
933 B
Document
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/c455997/static/hcaptcha.html
Requested by
Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js?onload=hCaptchaLoadCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c85bf82b1839f7ce776633ba44f9bafe42b7bece4581e008e641274134810f4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.chargebee.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
age
252
alt-svc
h3=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
8270bc3a1873440d-EWR
content-encoding
br
content-type
text/html
cross-origin-embedder-policy
credentialless
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 15:23:27 GMT
last-modified
Thu, 16 Nov 2023 13:02:04 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 c3fb7b0c0d3cbd002fed2c3d958d111e.cloudfront.net (CloudFront)
x-amz-cf-id
g36cx3x-W6UQT7at_XEscPRCGCIJwVo4r9lN_6uwVHDTfXnHjxWsiQ==
x-amz-cf-pop
JFK50-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
p.ku4Nkm6QkcaDuF1MzZmBrOVAxIDhNF
x-cache
Hit from cloudfront
x-content-type-options
nosniff
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/c455997/static/ Frame EA6E
2 KB
763 B
Document
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/c455997/static/hcaptcha.html
Requested by
Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js?onload=hCaptchaLoadCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c85bf82b1839f7ce776633ba44f9bafe42b7bece4581e008e641274134810f4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.chargebee.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
age
252
alt-svc
h3=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
8270bc3a1870440d-EWR
content-encoding
br
content-type
text/html
cross-origin-embedder-policy
credentialless
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 15:23:27 GMT
last-modified
Thu, 16 Nov 2023 13:02:04 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 c3fb7b0c0d3cbd002fed2c3d958d111e.cloudfront.net (CloudFront)
x-amz-cf-id
g36cx3x-W6UQT7at_XEscPRCGCIJwVo4r9lN_6uwVHDTfXnHjxWsiQ==
x-amz-cf-pop
JFK50-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
p.ku4Nkm6QkcaDuF1MzZmBrOVAxIDhNF
x-cache
Hit from cloudfront
x-content-type-options
nosniff
hcaptcha.js
newassets.hcaptcha.com/captcha/v1/c455997/ Frame C15F
325 KB
91 KB
Script
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/c455997/hcaptcha.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/c455997/static/hcaptcha.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36eb960a0f696bcea2ff0f7e1c190497b0434dc69b5f08e5ef966bf8a5fdb62e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/c455997/static/hcaptcha.html
Origin
https://newassets.hcaptcha.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 8770cedbbb1c2feb157dc67ce83fe00c.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-amz-version-id
qgwXoHvtvhyqGf6FlJZpIKGVKUu9tX9V
age
255
x-amz-cf-pop
JFK50-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 16 Nov 2023 13:02:04 GMT
server
cloudflare
etag
W/"4615710d2f5af894fc819f8023a57fe1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
cf-ray
8270bc3a38a6440d-EWR
x-amz-cf-id
qeqAC9dXTdEbknaBzB858i0LDBJ5UJizIOeirnwtzoJwyyS55I2mLg==
hcaptcha.js
newassets.hcaptcha.com/captcha/v1/c455997/ Frame EA6E
325 KB
91 KB
Script
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/c455997/hcaptcha.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/c455997/static/hcaptcha.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36eb960a0f696bcea2ff0f7e1c190497b0434dc69b5f08e5ef966bf8a5fdb62e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/c455997/static/hcaptcha.html
Origin
https://newassets.hcaptcha.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 8770cedbbb1c2feb157dc67ce83fe00c.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-amz-version-id
qgwXoHvtvhyqGf6FlJZpIKGVKUu9tX9V
age
255
x-amz-cf-pop
JFK50-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 16 Nov 2023 13:02:04 GMT
server
cloudflare
etag
W/"4615710d2f5af894fc819f8023a57fe1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
cf-ray
8270bc3a48be440d-EWR
x-amz-cf-id
qeqAC9dXTdEbknaBzB858i0LDBJ5UJizIOeirnwtzoJwyyS55I2mLg==
truncated
/ Frame EA6E
798 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
choice.js
cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/
Redirect Chain
  • https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
  • https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
10 KB
4 KB
Script
General
Full URL
https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
Protocol
H2
Server
2600:9000:25c8:4800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
beea121e5188b863d6e08e80e8b9744ecebf9cdd37f201a9b2b4000fd6af900f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:29 GMT
content-encoding
br
via
1.1 155cf052093c04a91231ce0752765784.cloudfront.net (CloudFront)
last-modified
Wed, 15 Nov 2023 19:51:02 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
x-amz-server-side-encryption
AES256
etag
W/"68a808c955fa55b5689765c1870de09c"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-id
09JcOEF1bWVl8rd5gz0FdpWNbl_gJ_VHZYj9e0ytRxtH06wDhZnGnw==

Redirect headers

x-amz-website-redirect-location
https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
date
Thu, 16 Nov 2023 15:23:28 GMT
via
1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
0
last-modified
Wed, 15 Nov 2023 19:47:35 GMT
server
AmazonS3
etag
"997985d66f999e7c0034a8915419c2cf"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
location
https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
grWBN09e5BmBkHe9P7E_zKxv7Wbiru1GNQfQ9aKhZHv0PtWXgeRYlA==
checksiteconfig
api.hcaptcha.com/ Frame C15F
650 B
837 B
XHR
General
Full URL
https://api.hcaptcha.com/checksiteconfig?v=c455997&host=js.chargebee.com&sitekey=dc26aa54-4902-437f-80e2-a22947a6c01b&sc=1&swa=1&spst=1
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/c455997/hcaptcha.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12ac786dd7d2df1c24377488b0cd75aa969d139420d5ac295be1e93f8fde493c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://newassets.hcaptcha.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 16 Nov 2023 15:23:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newassets.hcaptcha.com
access-control-allow-credentials
true
cf-ray
8270bc3af9a9440d-EWR
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
alt-svc
h3=":443"; ma=86400
hsw.js
newassets.hcaptcha.com/c/bc8c0a8/ Frame C15F
511 KB
222 KB
Script
General
Full URL
https://newassets.hcaptcha.com/c/bc8c0a8/hsw.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/c455997/hcaptcha.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e6dab1cacda3a4a07e374d1364e01aa182806cafee7421cc7bccf5ca347f3de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newassets.hcaptcha.com/captcha/v1/c455997/static/hcaptcha.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 e2d34a357aab1d6cff5cce981d09ebba.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-amz-version-id
sOQ_F0Za0jAfo9cYoJ7FtRMIyAVgv0OK
age
423
x-amz-cf-pop
JFK50-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 15 Nov 2023 08:28:40 GMT
server
cloudflare
etag
W/"c0fbe32c10a50567ff821ccdabc2754c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
8270bc3b29fa440d-EWR
x-amz-cf-id
pf5necXxv5tcd-jvDu4lysg5HJEXgSFoDQZ-tUd9WTj-ihlmCfuYHA==
cmp2.js
cmp.inmobi.com/tcfv2/
158 KB
42 KB
Script
General
Full URL
https://cmp.inmobi.com/tcfv2/cmp2.js?referer=captcha.bot
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25c8:4800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7a36cfe069f3a0762652d5b30060d711b1c3261ea54ad353241a265db227812c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:28:05 GMT
content-encoding
br
via
1.1 155cf052093c04a91231ce0752765784.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL51-P1
age
3324
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Wed, 20 Sep 2023 19:17:26 GMT
server
AmazonS3
etag
W/"e7ba2bb5a35380a45ae26284e5c41476"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
x-amz-cf-id
hIH0oIfDHGGLaUAAg1cqE5kWVesviRq64eME6m1m_3q2VQKpb5SwyQ==
publishertag.ids.js
static.criteo.net/js/ld/
42 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-a9a7"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 17 Nov 2023 15:23:28 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/
39 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-124.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 07:18:30 GMT
content-encoding
gzip
via
1.1 b364a698bd3b40fc657ca5500f6818ce.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
29099
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
OEMbMlBO7_bDBjSmaKJZFYA47G8PclyfriU0fo5uNTf3WaenFM0y2A==
ads
securepubads.g.doubleclick.net/gampad/
184 KB
50 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2972673244638772&correlator=3937899634057707&eid=31079659%2C31079670%2C31079657%2C44780988%2C31079525%2C31079575&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&gdpr=0&iu_parts=71161633%3A22547762570%2CCAPTCHABOT_captchabot%2Cweb_interstitial&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&didk=4167373516&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700148208377&lmt=1699676384&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcaptcha.bot%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1030093738.1700148207&ga_sid=1700148208&ga_hid=560816133&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY9sXrxb0xSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGPbF68W9MUgAUgIIZA..&dlt=1700148206290&idt=1097&cust_params=fuse_profanity%3Dfalse%26fuse_site%3Dcaptcha.bot%26fuse_path%3D%252F%26fuse_query%3D%26fuse_category%3D%26fuse_industry%3DIAB9%26testmode%3Dfalse%26inskin_yes%3Dtrue%26fuse_uuid%3D637ed7b8-f4d8-5110-9fba-9979a365c1a7%26fuse_publication_id%3D5%26GPT_READY_MS%3D2000-2499%26PREBID_READY_MS%3D2000-2499%26UAM_READY_MS%3Ddisabled%26CMP_DETERMINED_MS%3Dnot_ready%26CMP_GDPR_CACHED%3Dfalse%26FUSE_LOADED_MS%3D2000-2499%26CMP_JURISDICTION%3Dunknown%26CMP_ALLOW_PERSONAL%3Dfalse&adks=3794695886&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
56e01dbd445b3e609dba673bd82bdf1969b350936a70c9e1a234ad3cddec16de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:29 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51657
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://captcha.bot
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
noconsent
cdn.fuseplatform.net/telemetry/
1 B
266 B
Fetch
General
Full URL
https://cdn.fuseplatform.net/telemetry/noconsent?auid=22801602535&cmpj=unknown&v=1&ttm=1700148208390&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=637ed7b8-f4d8-5110-9fba-9979a365c1a7&fid=2874&pubid=5&url=https%3A%2F%2Fcaptcha.bot%2F&sid=846c601df42816ba4d54&srate=100&adserver=gpt&etm=3443&e=slot-request
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:7::1728:b3ba Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:28 GMT
content-encoding
gzip
last-modified
Wed, 10 Aug 2022 11:31:51 GMT
server
AkamaiNetStorage
etag
"9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary
Accept-Encoding, Accept-Encoding, Origin
content-type
text/plain
access-control-allow-origin
https://captcha.bot
cache-control
max-age=1800
accept-ranges
bytes
content-length
21
expires
Thu, 16 Nov 2023 15:53:28 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce32ae882f40c9033f5d7fc2704b9be9cee32aa7d53023f20fdb966ab3e01119
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12259
x-xss-protection
0
container.html
978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DD23
6 KB
3 KB
Document
General
Full URL
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://captcha.bot/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 15:23:28 GMT
expires
Fri, 15 Nov 2024 15:23:28 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/
39 KB
13 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl_page_level_ads.js?cb=31079657
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e329117bbdc12ee0649ed6654138a9ba8e600eaddf9138752631a50d236d135a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 17:41:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
78135
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13750
x-xss-protection
0
server
cafe
etag
15254217830347453119
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 14 Nov 2024 17:41:13 GMT
geoip
cmp.inmobi.com/
49 B
333 B
XHR
General
Full URL
https://cmp.inmobi.com/geoip
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=captcha.bot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25c8:4800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
1ea50329b826918b0b803777e2f5ac48a3570aa1f9c06bc92b6a1731ae37654a

Request headers

Accept
application/json, text/plain, */*
Referer
https://captcha.bot/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:28 GMT
via
1.1 ca0fc43bc87ea655f66615a99ef77b4e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
PHL51-P1
x-cache
FunctionGeneratedResponse from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
content-length
49
x-amz-cf-id
RhyANUOlrIwcvLDtL3MUhTHE5hYeViNEHltyDZhnKNKgMPoJY9ZMBw==
auction
tlx.3lift.com/header/
19 B
739 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.27.0&referrer=https%3A%2F%2Fcaptcha.bot%2F&tmax=1000&gdpr=false
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.23.92.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-92-235.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://captcha.bot/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:28 GMT
accept-ch
sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://captcha.bot
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/
0
190 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.27.0&cb=23227072884
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://captcha.bot/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://captcha.bot
date
Thu, 16 Nov 2023 15:23:27 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
hb
ssc.33across.com/api/v1/
104 B
180 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=cyMdtyfoer7yk7rkHcnlKl
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
b4c57083a29b481f9d288f379ce155b9f116ceb399f359770cfdb95f3fb9e021

Request headers

Referer
https://captcha.bot/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 16 Nov 2023 15:23:28 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://captcha.bot
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/
104 B
189 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=cyMdtyfoer7yk7rkHcnlKl
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
b4c57083a29b481f9d288f379ce155b9f116ceb399f359770cfdb95f3fb9e021

Request headers

Referer
https://captcha.bot/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 16 Nov 2023 15:23:28 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://captcha.bot
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/
104 B
189 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=cyMdtyfoer7yk7rkHcnlKl
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
b4c57083a29b481f9d288f379ce155b9f116ceb399f359770cfdb95f3fb9e021

Request headers

Referer
https://captcha.bot/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 16 Nov 2023 15:23:28 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://captcha.bot
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/
104 B
189 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=cyMdtyfoer7yk7rkHcnlKl
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
b4c57083a29b481f9d288f379ce155b9f116ceb399f359770cfdb95f3fb9e021

Request headers

Referer
https://captcha.bot/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 16 Nov 2023 15:23:28 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://captcha.bot
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/
104 B
358 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=cyMdtyfoer7yk7rkHcnlKl
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
b4c57083a29b481f9d288f379ce155b9f116ceb399f359770cfdb95f3fb9e021

Request headers

Referer
https://captcha.bot/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 16 Nov 2023 15:23:28 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://captcha.bot
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
v1
prg8.smartadserver.com/prebid/
1 KB
2 KB
XHR
General
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.135.94.209 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip209.ip-147-135-94.us
Software
/
Resource Hash
a8642b2144f5f3473de287de8bf9960e40c66bacb4845580accdd400c52a7fa7

Request headers

Referer
https://captcha.bot/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:28 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://captcha.bot
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg8.smartadserver.com/prebid/
1010 B
2 KB
XHR
General
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.135.94.209 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip209.ip-147-135-94.us
Software
/
Resource Hash
3a2762ba48e0ce21f54e4b545f937fe83de3dd840d291134103d889dbb28d86e

Request headers

Referer
https://captcha.bot/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:28 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://captcha.bot
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg8.smartadserver.com/prebid/
1 KB
2 KB
XHR
General
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.135.94.209 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip209.ip-147-135-94.us
Software
/
Resource Hash
ca73ce16bf82732ed93a9b6087c7bc63ac2d76e285ca5d7a34411b47ee49995f

Request headers

Referer
https://captcha.bot/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:28 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://captcha.bot
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg8.smartadserver.com/prebid/
1 KB
2 KB
XHR
General
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.135.94.209 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip209.ip-147-135-94.us
Software
/
Resource Hash
16584d00bde34db36e3c3fd2d68804f1a05ef12abe8570531e561134e1fec73d

Request headers

Referer
https://captcha.bot/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:28 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://captcha.bot
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg8.smartadserver.com/prebid/
1007 B
2 KB
XHR
General
Full URL
https://prg8.smartadserver.com/prebid/v1
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.135.94.209 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip209.ip-147-135-94.us
Software
/
Resource Hash
a1cb10406a6a28655351f567b6851b114056e8b2b2b773d0aca26cb3da966143

Request headers

Referer
https://captcha.bot/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:28 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://captcha.bot
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/
263 B
603 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20884&site_id=439790&zone_id=2524990&size_id=2&alt_size_ids=55%2C57&gdpr=0&rp_schain=1.0,1!publift.com,01G9X9W32T5HFRDEPNY0KHCQEH,1,,,&rf=https%3A%2F%2Fcaptcha.bot%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=41c58079-ea0c-4028-9f61-d42d66385f06&l_pb_bid_id=37d1c9391c09103&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7377247672957787
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
43fe9baf723ed950dda46d8675f1123142eab8360bf5d71f3126de4978e5e74f

Request headers

Referer
https://captcha.bot/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:28 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://captcha.bot
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
263
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
5 KB
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20884&site_id=439790&zone_id=2524990&size_id=2&alt_size_ids=55%2C57&gdpr=0&rp_schain=1.0,1!publift.com,01G9X9W32T5HFRDEPNY0KHCQEH,1,,,&rf=https%3A%2F%2Fcaptcha.bot%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=049f652f-8843-4c19-bf9c-dcfe2c9a6617&l_pb_bid_id=38c39be76a475be&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.41142009896986886
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
64b5c64d8600b52c7750278da76ec7cb2ae1b6ac40831ef3e7f3402e970f9525

Request headers

Referer
https://captcha.bot/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:28 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://captcha.bot
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
263 B
604 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20884&site_id=439790&zone_id=2524990&size_id=2&alt_size_ids=55%2C57&gdpr=0&rp_schain=1.0,1!publift.com,01G9X9W32T5HFRDEPNY0KHCQEH,1,,,&rf=https%3A%2F%2Fcaptcha.bot%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=1a778a26-e6ce-491c-bb48-ce09e0c22169&l_pb_bid_id=39a4fa0f35740bf&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7771585078351313
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1162f1c47f371d5ca4192e405bb3059b3d582df339ce66b15ed7da465367dc80

Request headers

Referer
https://captcha.bot/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:28 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://captcha.bot
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
263
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
263 B
604 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20884&site_id=439790&zone_id=2524990&size_id=2&alt_size_ids=55%2C57&gdpr=0&rp_schain=1.0,1!publift.com,01G9X9W32T5HFRDEPNY0KHCQEH,1,,,&rf=https%3A%2F%2Fcaptcha.bot%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=07301293-55dd-47be-9ff9-1c5495b45ca7&l_pb_bid_id=40ad67c3940c30a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.731575498782719
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c5cc340c08cd853d82cd532d2f58de982e0c8fc015b7116f837202d52b129508

Request headers

Referer
https://captcha.bot/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:28 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://captcha.bot
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
263
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
263 B
774 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20884&site_id=439790&zone_id=2524990&size_id=2&alt_size_ids=55%2C57&gdpr=0&rp_schain=1.0,1!publift.com,01G9X9W32T5HFRDEPNY0KHCQEH,1,,,&rf=https%3A%2F%2Fcaptcha.bot%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=7ee258c5-369c-46a3-af03-b04cab1826d7&l_pb_bid_id=415c8ffcaa2469d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3763994117632361
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
cd594deba343e24788a95c61f98cecd9e107ddbc82ac9c95033a71aa4dc22a64

Request headers

Referer
https://captcha.bot/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:28 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://captcha.bot
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
263
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
265 B
606 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20884&site_id=439790&zone_id=2524990&size_id=2&alt_size_ids=1%2C55%2C57&gdpr=0&rp_schain=1.0,1!publift.com,01G9X9W32T5HFRDEPNY0KHCQEH,1,,,&rf=https%3A%2F%2Fcaptcha.bot%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=ba2da729-f220-44e5-9716-79ae4d3c1a61&l_pb_bid_id=422ed1e3be7348c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4647718285707103
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4b5a1c328f781b61a764d17923f440cc970d6f699849bcc236e894a0d51c72bd

Request headers

Referer
https://captcha.bot/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:28 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://captcha.bot
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
265
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/
603 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
22caa2f838449dff34cf4b2e3d693ea3605903c403032431d294eef8d894da0e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://captcha.bot/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:28 GMT
content-encoding
gzip
an-x-request-uuid
0e803b08-9a55-4696-b66f-4cb375cefe94
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://captcha.bot
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.132; 5.181.234.132; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/
0
113 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://captcha.bot/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://captcha.bot
date
Thu, 16 Nov 2023 15:23:27 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
prebid.a-mo.net/a/
0
167 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://captcha.bot/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Thu, 16 Nov 2023 15:23:28 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://captcha.bot
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
map
bcp.crwdcntrl.net/6/
156 B
612 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.20.214.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-214-81.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
f1541501090897e0804ad3205d903eb61d4fed83ed28d2a903272f614ee894b7

Request headers

Referer
https://captcha.bot/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:28 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://captcha.bot
cache-control
no-cache
x-server
10.40.52.132
access-control-allow-credentials
true
content-length
156
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 16 Nov 2023 15:23:28 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C1EF
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://captcha.bot/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
66478
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 20:55:30 GMT
expires
Thu, 14 Nov 2024 20:55:30 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4AB9
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8e4186bd2cfa76f7a48100c5d1edb1909b37f68f1e33508f92edb72017a40406
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-APvzqoQR9uKx0ChkaftnNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://captcha.bot/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-APvzqoQR9uKx0ChkaftnNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 15:23:28 GMT
expires
Thu, 16 Nov 2023 15:23:28 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame C1EF
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 13:12:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
7867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Nov 2024 13:12:21 GMT
syncframe
gum.criteo.com/ Frame 8DB4
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=captcha.bot&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4ba95a958d22f447f9586b7c8b8e7a8e35b3343d415961dc96e4a25cec0acfc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://captcha.bot/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 15:23:28 GMT
server
Kestrel
server-processing-duration-in-ticks
444952
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sodar
pagead2.googlesyndication.com/pagead/ Frame 4AB9
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=2972673244638772&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

sid
mug.criteo.com/ Frame 8DB4
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=captcha.bot&sn=ChromeSyncframe&so=0&topUrl=captcha.bot&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=pSLJmHxJNktXbGVET1UwZFkvU0RzcFpNbExMVUtTVHB2R05ha3VjM1ZUZ2hnNzBiaXgyVTliYUY1YmxSZHU4MnQ3djYxems0d0pxMEl4MXRzL28xZmdTdVlQVmlnL1RMT0kwb0VZVmhoTUR6b1E5MFhiTmw0VGhvRHNIM2...
435 B
653 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=pSLJmHxJNktXbGVET1UwZFkvU0RzcFpNbExMVUtTVHB2R05ha3VjM1ZUZ2hnNzBiaXgyVTliYUY1YmxSZHU4MnQ3djYxems0d0pxMEl4MXRzL28xZmdTdVlQVmlnL1RMT0kwb0VZVmhoTUR6b1E5MFhiTmw0VGhvRHNIM2Zib3BXNGtRMW02YnpFSHBpNU5IcUU1ZUQ5ZWFpaXJHd09scVNpWFRkbWdyWGxZWVdFM0syVnFJU3BZeTkvRDJLS0IzQVVNL3N3T3ZyZVdhenVWYWRZREdJWlJjVVVDU0hucDVOWm5KaUNrQ0xBRXBtQmJodWpxMEpPUnlVUlc4NkJZWWFpOUQraHVVblFLYm1oMHdTZ0kyR2RCWVV3UT09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
eed41569c5406a72f15d1cf51192eb8f2ee0fc44e64cbc97b50cf7f7f5437e3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:28 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1639001
expires
0

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:28 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=pSLJmHxJNktXbGVET1UwZFkvU0RzcFpNbExMVUtTVHB2R05ha3VjM1ZUZ2hnNzBiaXgyVTliYUY1YmxSZHU4MnQ3djYxems0d0pxMEl4MXRzL28xZmdTdVlQVmlnL1RMT0kwb0VZVmhoTUR6b1E5MFhiTmw0VGhvRHNIM2Zib3BXNGtRMW02YnpFSHBpNU5IcUU1ZUQ5ZWFpaXJHd09scVNpWFRkbWdyWGxZWVdFM0syVnFJU3BZeTkvRDJLS0IzQVVNL3N3T3ZyZVdhenVWYWRZREdJWlJjVVVDU0hucDVOWm5KaUNrQ0xBRXBtQmJodWpxMEpPUnlVUlc4NkJZWWFpOUQraHVVblFLYm1oMHdTZ0kyR2RCWVV3UT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
539408
content-length
0
expires
0
ads
securepubads.g.doubleclick.net/gampad/
243 KB
42 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2972673244638772&correlator=228965415457787&eid=31079659%2C31079670%2C31079657%2C44780988%2C31079525%2C31079575&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=71161633%3A22547762570%2CCAPTCHABOT_captchabot%2Chome_header%2Chome_incontent_1%2Cscrolling_sticky_footer%2Chome_incontent_2%2Chome_incontent_3%2Chome_incontent_4&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7&prev_iu_szs=728x90%7C970x90%7C970x250%2C728x90%7C970x90%7C970x250%2C468x60%7C728x90%7C970x90%7C970x250%7C1200x90%2C728x90%7C970x90%7C970x250%2C728x90%7C970x90%7C970x250%2C728x90%7C970x90%7C970x250&ifi=2&didk=907217920~3563266103~3802411025~907161749~907278779~907458070&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700148208758&lmt=1699676384&adxs=436%2C436%2C566%2C436%2C436%2C436&adys=140%2C1149%2C1200%2C2312%2C3159%2C4373&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C3%7C4&ucis=2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcaptcha.bot%2F&vis=1&psz=0x64%7C0x64%7C0x-1%7C0x64%7C0x64%7C0x64&msz=728x0%7C728x0%7C468x-1%7C728x0%7C728x0%7C728x0&fws=128%2C128%2C644%2C128%2C128%2C128&ohw=0%2C0%2C1600%2C0%2C0%2C0&ga_vid=1030093738.1700148207&ga_sid=1700148208&ga_hid=560816133&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABjGx-vFvTFIABIdCg5lc3AuY3JpdGVvLmNvbRj2xevFvTFIAFICCGQ.&dlt=1700148206290&idt=1097&prev_scp=is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%7Chb_format%3Dbanner%26hb_size%3D970x90%26hb_pb%3D0.20%26hb_adid%3D6355932014fc4e3%26hb_bidder%3Drubicon%26is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%7Cis_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%7Cis_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%7Cis_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%7Cis_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0&cust_params=fuse_profanity%3Dfalse%26fuse_site%3Dcaptcha.bot%26fuse_path%3D%252F%26fuse_query%3D%26fuse_category%3D%26fuse_industry%3DIAB9%26testmode%3Dfalse%26inskin_yes%3Dtrue%26fuse_uuid%3D637ed7b8-f4d8-5110-9fba-9979a365c1a7%26fuse_publication_id%3D5%26GPT_READY_MS%3D2000-2499%26PREBID_READY_MS%3D2000-2499%26UAM_READY_MS%3Ddisabled%26CMP_DETERMINED_MS%3D3000-3499%26CMP_GDPR_CACHED%3Dfalse%26FUSE_LOADED_MS%3D2000-2499%26CMP_JURISDICTION%3Dnone%26CMP_ALLOW_PERSONAL%3Dtrue%26GPT_AUCTION_START_MS%3D3500-3999%26CMP_LOAD_FINISH_MS%3D3000-3499%26FIRST_ZONE_MS%3D2500-2999%26HB_AUCTION_START_MS%3D3500-3999&adks=789855873%2C3730992247%2C3743414737%2C258786273%2C1791281508%2C4107777432&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b25fabbdd4608ade7c022b666c1cc2e631a9d403fc29535df2789ed0bca96817
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:29 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42673
x-xss-protection
0
google-lineitem-id
-1,5936619770,6135256488,208234953,208234953,208234953
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138383374723,138370670983,138324663415,138324663418,107027452833
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://captcha.bot
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
noconsent
cdn.fuseplatform.net/telemetry/
1 B
266 B
Fetch
General
Full URL
https://cdn.fuseplatform.net/telemetry/noconsent?auid=22801602502&cmpj=none&v=1&ttm=1700148208772&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=637ed7b8-f4d8-5110-9fba-9979a365c1a7&fid=2874&pubid=5&url=https%3A%2F%2Fcaptcha.bot%2F&sid=846c601df42816ba4d54&srate=100&adserver=gpt&etm=3826&e=slot-request
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:7::1728:b3ba Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:28 GMT
content-encoding
gzip
last-modified
Wed, 10 Aug 2022 11:31:51 GMT
server
AkamaiNetStorage
etag
"9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary
Accept-Encoding, Accept-Encoding, Origin
content-type
text/plain
access-control-allow-origin
https://captcha.bot
cache-control
max-age=1800
accept-ranges
bytes
content-length
21
expires
Thu, 16 Nov 2023 15:53:28 GMT
noconsent
cdn.fuseplatform.net/telemetry/
1 B
266 B
Fetch
General
Full URL
https://cdn.fuseplatform.net/telemetry/noconsent?auid=22801516488&cmpj=none&v=1&ttm=1700148208773&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=637ed7b8-f4d8-5110-9fba-9979a365c1a7&fid=2874&pubid=5&url=https%3A%2F%2Fcaptcha.bot%2F&sid=846c601df42816ba4d54&srate=100&adserver=gpt&etm=3826&e=slot-request
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:7::1728:b3ba Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:28 GMT
content-encoding
gzip
last-modified
Wed, 10 Aug 2022 11:31:51 GMT
server
AkamaiNetStorage
etag
"9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary
Accept-Encoding, Accept-Encoding, Origin
content-type
text/plain
access-control-allow-origin
https://captcha.bot
cache-control
max-age=1800
accept-ranges
bytes
content-length
21
expires
Thu, 16 Nov 2023 15:53:28 GMT
noconsent
cdn.fuseplatform.net/telemetry/
1 B
266 B
Fetch
General
Full URL
https://cdn.fuseplatform.net/telemetry/noconsent?auid=22856109504&cmpj=none&v=1&ttm=1700148208774&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=637ed7b8-f4d8-5110-9fba-9979a365c1a7&fid=2874&pubid=5&url=https%3A%2F%2Fcaptcha.bot%2F&sid=846c601df42816ba4d54&srate=100&adserver=gpt&etm=3827&e=slot-request
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:7::1728:b3ba Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:28 GMT
content-encoding
gzip
last-modified
Wed, 10 Aug 2022 11:31:51 GMT
server
AkamaiNetStorage
etag
"9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary
Accept-Encoding, Accept-Encoding, Origin
content-type
text/plain
access-control-allow-origin
https://captcha.bot
cache-control
max-age=1800
accept-ranges
bytes
content-length
21
expires
Thu, 16 Nov 2023 15:53:28 GMT
noconsent
cdn.fuseplatform.net/telemetry/
1 B
266 B
Fetch
General
Full URL
https://cdn.fuseplatform.net/telemetry/noconsent?auid=22801602508&cmpj=none&v=1&ttm=1700148208774&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=637ed7b8-f4d8-5110-9fba-9979a365c1a7&fid=2874&pubid=5&url=https%3A%2F%2Fcaptcha.bot%2F&sid=846c601df42816ba4d54&srate=100&adserver=gpt&etm=3828&e=slot-request
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:7::1728:b3ba Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:28 GMT
content-encoding
gzip
last-modified
Wed, 10 Aug 2022 11:31:51 GMT
server
AkamaiNetStorage
etag
"9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary
Accept-Encoding, Accept-Encoding, Origin
content-type
text/plain
access-control-allow-origin
https://captcha.bot
cache-control
max-age=1800
accept-ranges
bytes
content-length
21
expires
Thu, 16 Nov 2023 15:53:28 GMT
noconsent
cdn.fuseplatform.net/telemetry/
1 B
266 B
Fetch
General
Full URL
https://cdn.fuseplatform.net/telemetry/noconsent?auid=22801602505&cmpj=none&v=1&ttm=1700148208775&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=637ed7b8-f4d8-5110-9fba-9979a365c1a7&fid=2874&pubid=5&url=https%3A%2F%2Fcaptcha.bot%2F&sid=846c601df42816ba4d54&srate=100&adserver=gpt&etm=3828&e=slot-request
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:7::1728:b3ba Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:28 GMT
content-encoding
gzip
last-modified
Wed, 10 Aug 2022 11:31:51 GMT
server
AkamaiNetStorage
etag
"9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary
Accept-Encoding, Accept-Encoding, Origin
content-type
text/plain
access-control-allow-origin
https://captcha.bot
cache-control
max-age=1800
accept-ranges
bytes
content-length
21
expires
Thu, 16 Nov 2023 15:53:28 GMT
noconsent
cdn.fuseplatform.net/telemetry/
1 B
266 B
Fetch
General
Full URL
https://cdn.fuseplatform.net/telemetry/noconsent?auid=22801602511&cmpj=none&v=1&ttm=1700148208776&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=637ed7b8-f4d8-5110-9fba-9979a365c1a7&fid=2874&pubid=5&url=https%3A%2F%2Fcaptcha.bot%2F&sid=846c601df42816ba4d54&srate=100&adserver=gpt&etm=3829&e=slot-request
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:7::1728:b3ba Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:28 GMT
content-encoding
gzip
last-modified
Wed, 10 Aug 2022 11:31:51 GMT
server
AkamaiNetStorage
etag
"9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary
Accept-Encoding, Accept-Encoding, Origin
content-type
text/plain
access-control-allow-origin
https://captcha.bot
cache-control
max-age=1800
accept-ranges
bytes
content-length
21
expires
Thu, 16 Nov 2023 15:53:28 GMT
generate_204
tpc.googlesyndication.com/ Frame C1EF
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?gzvdbw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:28 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
container.html
978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DAA6
6 KB
3 KB
Document
General
Full URL
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://captcha.bot/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 15:23:28 GMT
expires
Fri, 15 Nov 2024 15:23:28 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame DAA6
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 16 Nov 2023 15:23:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 16 Nov 2023 14:43:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Nov 2023 15:23:29 GMT
css
fonts.googleapis.com/ Frame 9229
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 16 Nov 2023 15:23:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 16 Nov 2023 14:44:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Nov 2023 15:23:29 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 9229
2 KB
822 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 20:55:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
66470
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Nov 2023 20:55:39 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 9229
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 20:45:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
67109
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Nov 2023 20:45:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 2E35
143 B
248 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
3454
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 14:25:55 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 9229
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 20:57:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
66330
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Nov 2023 20:57:59 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 9229
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 20:47:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
66958
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Nov 2023 20:47:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9229
195 KB
62 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8991556f5c9b30c2d75a55872cf2a8ad90a5b7a8db12ea78e8c51afda2b9ddbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62828
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700052045412510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Nov 2023 15:23:29 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame 9229
37 KB
16 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 20:55:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66463
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 13 Feb 2024 20:55:46 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame DAA6
21 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 20:55:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
66460
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8781
x-xss-protection
0
server
cafe
etag
9666818975682992898
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Nov 2023 20:55:49 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DAA6
205 B
519 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 20:45:13 GMT
x-content-type-options
nosniff
age
67096
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 14 Nov 2024 20:45:13 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DAA6
604 B
695 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 20:50:18 GMT
x-content-type-options
nosniff
age
66791
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 14 Nov 2024 20:50:18 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311090101&jk=2972673244638772&bg=!WFulWxTNAAZxrfrxUa07ADQBe5WfOAfome-V534rE6wWHfXTP4PMU1F1m8lw4ivJuCRKfb3d1n-31dhOomRwXWtuy7-JAgAAAKZSAAAABWgBB5kCw1do2XvjSoGN_B3ur6PYXpqsPnANEu0BNxM6ZnlFg4pbCsWKnENBg8XAYjmfmr3Q-Lwon2wmFxTpiy37K1dcv4ZTrBpsd9_ZTTdHpBns_Rj9WtJ8viov1XjarUtpw8dj1Q9xGzqQKfxLwAEJH5wakl7EzUoaTYsA-m6j0TVAHBanqNNs2Z6nmAP1r16QLUl5s6e7AGpMixbq0Wov6tJChxhcFrn7wlCs9qz2wKSwQILDlm8gnygkP3LsHFV3K2H7tkJGTFSiPeiU7nBfxjjZSJrNtF74IUrK7KDHsKf1KsWbTdNM72RhOABWUWKY0u4PpcALGq4EkFYA31yw1k3RiXm7USEGmfZ291DduseyWwl6YmR2il7NQYzQIOCQTFonW1Z-PzoOlp5rmE7Jnmdaemi7UUqztaqvc6IJZyqvi1TvYyZtcOsw_SxpPosjoRooA3B4b4UFkfJ0KzMPh3izsBP9dJ-y-dtbt4nXXGAgbFbD5f0a7x3_sp68uiuTxrM1IAoEoaiBoIz5vs81f64dlWj6XhavSucbwME4O0dqM8iJDeL8RPEdbZvTaVRb9FX_Cx2KQ55c8VI_Jw1bG-5Xis0y5zQWa09y-sME_OSV8QRL3PSr-7R1xyofhF4eXm75KHk2jmeV7YSKtu_6KsAI_crOO3B4FZkrHnQueM0nCOqAp1hnIbJzDagL3Wvgd7BuKec1J3ZEGYdnjAXtMqTyOKRaUVD0fCm6bZgWTYxG9Zp_cuj0ZWN49r4KKTtZ6-wGyyxdJmGry3PN-UXC2E29vyKKik-gEcKQOzCAuBUPsQQMq1Ci1unIfjTJatVDs6XA8qnopjwm8HLIRwoM-vJEfiLFHv2DgLlM9aNXv5xBQqz882DvgJZi7DXdGp5uDVz1YOFSgdi_bh3DU1GJGpwk2MNEaOwe6T5oWSI_ccUHMRSQD4uf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

publishertag.prebid.117.js
static.criteo.net/js/ld/
87 KB
28 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:13:32 GMT
server
nginx
etag
W/"642e8d3c-15c1d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 17 Nov 2023 15:23:29 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame 7F94
196 KB
56 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 11 Nov 2023 04:44:03 GMT
age
470366
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 10 Nov 2024 04:44:03 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 7F94
15 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 13 Nov 2023 18:07:46 GMT
age
249343
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 12 Nov 2024 18:07:46 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 7F94
95 KB
29 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 13 Nov 2023 18:07:46 GMT
age
249343
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 12 Nov 2024 18:07:46 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 7F94
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 13 Nov 2023 18:07:46 GMT
age
249343
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 12 Nov 2024 18:07:46 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 7F94
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 09 Nov 2023 21:20:22 GMT
age
583387
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 08 Nov 2024 21:20:22 GMT
css
fonts.googleapis.com/ Frame 7F94
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 16 Nov 2023 15:23:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 16 Nov 2023 14:37:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Nov 2023 15:23:29 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7F94
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 20:59:41 GMT
x-content-type-options
nosniff
server
cafe
age
66228
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Thu, 16 Nov 2023 20:59:41 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7F94
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 20:48:23 GMT
x-content-type-options
nosniff
server
cafe
age
66906
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Thu, 16 Nov 2023 20:48:23 GMT
truncated
/ Frame 7F94
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81c68e93b5bad4332a72ee44e13adf8f0ad4a709f0ff5b93f37d985485ff903b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 702E
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvyo5moOtaXhlwZUDtm3TWXHTRQnuNwcSA6JR2X4C2Mjzz59dZncUe7ND5v0n3YzmG6QfD4-kDQGnzr__bhxE4z0vLKa_ZjUguJq1cXqvdziIrHb3nyLLTkxpuO0E9KCGjQj56k-qD3pSn283bkNBSf6neFsFCOaMLNtyONjBJPWfsNJnQNb-ffKrbYfDC8sdSPvzP2_QCLw8QUl_SGra7A4VIwC0qlt2Plq0gagBeb5xr1_EWZemv05wwHGv-kcDGiW1LwK5JrZf_pKxk9vLMIemGsJn8YzF2q08h6-BfCwvnFjd6NIdh3LbXx15Bl7gehGfqZwwM_WxdWV6FAhQPB4l19MgXeyY4wLtSoOuQ_b3XfjuMb6VEQVEx2pzdDzVhE&sai=AMfl-YRA4ix0M5ZHovKS-LAgBqjGtKiFH1VVjnjX2xmDfA4pI02EUUbBsmIdUD1yIT4R_b9ad-I2jHNJvGFwUWpBm07okduXP02FIU7DfEQODFNkyB-YXxiOKyqu_T0nOi467VhERJvcyMTp_9rk9qfP2Xw&sig=Cg0ArKJSzPfp9pQ11lq-EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 16 Nov 2023 15:23:29 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 702E
26 KB
10 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 16 Nov 2023 15:23:29 GMT
x-content-type-options
nosniff
content-encoding
br
age
41621
x-jsd-version
1.16.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
9365
x-served-by
cache-fra-etou8220028-FRA, cache-lga21957-LGA
x-jsd-version-type
version
etag
W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 702E
195 KB
61 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8991556f5c9b30c2d75a55872cf2a8ad90a5b7a8db12ea78e8c51afda2b9ddbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62828
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700052045412510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Nov 2023 15:23:29 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F4B6
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuc1srfwV83ZScSpgnMOWiqYgPZ66BfDyoawqBnL8DjN3ibWs7GmEMnvTLiG7WjwSQUhUAElJqF0j4eFPKwfxCwxp2CK8zOPZkINprQKFLy8LAH7rj8xXp60EVM3pqO-QGtgkA9z5BRuXBCVWvk1PDodcDbV6x6iS-xk2NpsWTMssGowIEjTWIGeQiiHPPA7zedZwuXvACgavMjNwZ7Ex7pa7oPIfBN01N260f8GBQPs9B7J65QiZCWChVSGVMZDHQbDa7NgOOBQMT6uqP6p8mYzO-ys8LUYDYgF93s3K7YxZfqpW-hytSv2iDHkVptksx_c6QDkPjDvWigizaj0QFixlW7cjzGPbt0GLyKDMcVfTuUg_RD7CKmcyxjiMZ3YqASKjUjJLs8jtU&sai=AMfl-YQSZzc-SUzaS7714nMVU266W7owoqXr16cmKfi8XSML2j6AJ7G-Hqbm7Da0H-Dgi-I8vnPa2dzb2oJdHRapCzLOQh3hYa14nJ7rRdEs6b49QTg23ilCI-PZrUzCbVZeZzu2AFEvXKUN77ZuWgaWUZ0&sig=Cg0ArKJSzLBA3753GXnkEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 16 Nov 2023 15:23:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F4B6
195 KB
61 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8991556f5c9b30c2d75a55872cf2a8ad90a5b7a8db12ea78e8c51afda2b9ddbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62828
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700052045412510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Nov 2023 15:23:29 GMT
container.html
978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C496
6 KB
3 KB
Document
General
Full URL
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://captcha.bot/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 15:23:28 GMT
expires
Fri, 15 Nov 2024 15:23:28 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3505
6 KB
3 KB
Document
General
Full URL
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://captcha.bot/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 15:23:28 GMT
expires
Fri, 15 Nov 2024 15:23:28 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 019D
6 KB
3 KB
Document
General
Full URL
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://captcha.bot/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 15:23:28 GMT
expires
Fri, 15 Nov 2024 15:23:28 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
58 KB
20 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2972673244638772&correlator=228965415457787&eid=31079659%2C31079670%2C31079657%2C44780988%2C31079525%2C31079575&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=71161633%3A22547762570%2CCAPTCHABOT_captchabot%2Cscrolling_sticky_footer&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=468x60%7C728x90%7C970x90%7C970x250%7C1200x90&ifi=8&didk=3802411025&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D46bc5e9458bf6f55%3AT%3D1700148208%3ART%3D1700148208%3AS%3DALNI_MbIJYE-JKAAMrCyQrBxKQ-UMyNMDw&gpic=UID%3D00000a0053d5c6ac%3AT%3D1700148208%3ART%3D1700148208%3AS%3DALNI_MZu1Oz511-cDZ4fCVwbtKJ8OrNGog&abxe=1&dt=1700148209710&lmt=1699676384&adxs=800&adys=1151&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcaptcha.bot%2F&vis=1&psz=0x-1&msz=0x-1&fws=516&ohw=1600&psts=AOrYGsmzTUZIvfN6iqrGRNqK91FkNnD6Kewtw11F-75YiYeCO7FICCTEmeISiehFktV1NjvPzTpjR5zNDumPbeAxNnU5-KsC4vIBFTk%2CAOrYGsmdGDm7W07vuVzPP-LSCeRket1sqN8VupqjSCVZJG7UpRxR2bQmLS-bELkyw-EEUEhaENqtGxa9xJlNNr5U1OTM_vawmiQ%2CAOrYGsl28t0dSUBLbM-TuixCRH7gGM57jYM1vW7OAzbXJWCRD50D13X4cohz13fsHrIfdBCslJJPHpa47BI9pOZmE2z-cYpuziM%2CAOrYGslbfMLpMo25aWcI34-6bTPmGlPgJ5Jrjc49AweOCkOgVLyKBNJ9Ake4SV4eam73298L3uirMgN65ozpD8xYuL9ecwk62mk&ga_vid=1030093738.1700148207&ga_sid=1700148208&ga_hid=560816133&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABjGx-vFvTFIABIdCg5lc3AuY3JpdGVvLmNvbRj2xevFvTFIAFICCGQ.&dlt=1700148206290&idt=1097&prev_scp=is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%26in2w_key%3D5%26in2w_key2%3Dnope%2Coptimization%26in2w_key3%3Dadx1515%26in2w_key4%3D--3---%2C--3---%26in2w_key5%3Doptimization%26in2w_key6%3D--3h--qgz%26in2w_key7%3D1515%26in2w_key8%3D5%252C6%26in2w_key9%3Doptimization_request%26in2w_key12%3Doptimization%26in2w_key15%3Do0%26in2w_key16%3D7%26in2w_keypm%3Dfuse-slot-22856109504-1%26in2w_key9001%3D1&cust_params=fuse_profanity%3Dfalse%26fuse_site%3Dcaptcha.bot%26fuse_path%3D%252F%26fuse_query%3D%26fuse_category%3D%26fuse_industry%3DIAB9%26testmode%3Dfalse%26inskin_yes%3Dtrue%26fuse_uuid%3D637ed7b8-f4d8-5110-9fba-9979a365c1a7%26fuse_publication_id%3D5%26GPT_READY_MS%3D2000-2499%26PREBID_READY_MS%3D2000-2499%26UAM_READY_MS%3Ddisabled%26CMP_DETERMINED_MS%3D3000-3499%26CMP_GDPR_CACHED%3Dfalse%26FUSE_LOADED_MS%3D2000-2499%26CMP_JURISDICTION%3Dnone%26CMP_ALLOW_PERSONAL%3Dtrue%26GPT_AUCTION_START_MS%3D3500-3999%26CMP_LOAD_FINISH_MS%3D3000-3499%26FIRST_ZONE_MS%3D2500-2999%26HB_AUCTION_START_MS%3D3500-3999&adks=3743414737&frm=20
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf2251fa0d25ff7169dc9c75e11526578a71434eb9b25487dc2228f13bfc2bf2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:30 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20215
x-xss-protection
0
google-lineitem-id
6135185025
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138376945722
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://captcha.bot
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 7F94
33 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://captcha.bot
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 20:47:49 GMT
x-content-type-options
nosniff
age
66940
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Nov 2024 20:47:49 GMT
s_XRf87ByLeD_XctsjabcveBG_1696965932533.html
cdn.w55c.net/i/ Frame F9FD
1 KB
1 KB
Document
General
Full URL
https://cdn.w55c.net/i/s_XRf87ByLeD_XctsjabcveBG_1696965932533.html?&rtbhost=conf01-us-east4.rtb.roku.com&btid=NTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzYzU2OWZkNzRmNjczMV81NXxSRmlrRWhiUkRWfDE3MDAxNDgyMDg2MTB8MXxYbTVEcXBxdWFMfFhSZjg3QnlMZUR8MTEyNTg2Mzg3MV9FWHwyMzkwODB8fHx8LjBQfFVTRA&ei=RUBICON&wp_exchange=NWP&ac=WFNXOXFyT2xxRzpYUzQ1S0VoZjBzfDB8MHxVU0Q7&js=0&ob=1&ccw=SUFCMjQjMS4w&ci=XmbvfiH6oH&fiu=WG01RHFwcXVhTA&fid=Xm5DqpquaL&sd=captcha.bot&s=https%3A%2F%2Fcaptcha.bot%2F&ts=1700148208613&dvdp=i.w55c.net/dv.jpg&ai=0DkbXg17JP&tpce=&c=US&r=NY&m=501&pc=10013&rnd=2830509275131764&epid=UkIyMDg4NA&esid=UkI0Mzk3OTA&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=WGNv&dm=MU1ocWFxcHZ5RQ&l=fGVufA&ri=2ravM8&alg=TGcwMDA4&v=0&euid=NDNmZGY0OWJkN2I2YzQ3MTA1ODFiNmFkNzBiZjA0OWJiMWVhYWIyZg&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=QW1lcmljYS9OZXdfWW9yaw&sg=ckbgDtUkhQvEnRK0f7Gl9w&buid=Xdb4S64gzq5&bs=XiosL1mBqIPx&dv=MUxWSXJn&az=us-east4-c&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=43fdf49bd7b6c4710581b6ad70bf049bb1eaab2f&spidu=RUBICON&pidu=20884&hmpvu=e27afdf9-24bd-4b7a-8d4f-d03a81bf0b1a&hmtsu=3&odtu=2&mtfu=1&sidu=439790&crdmu=970x90&cridu=XRf87ByLeD&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.84.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-84-140.compute-1.amazonaws.com
Software
AdTracking/v2.0.30-795-gb641a57#rel-ec2-master i-08ccf266c0a43c5e8@us-east-1d@dxedge-app-us-east-1-prod-asg /
Resource Hash
e7d966b93453ecd66f4633ebf4cfa77e88a8fd891507ee213a6fa8f836a992e1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://captcha.bot/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Length
880
Content-Type
text/html
Date
Thu, 16 Nov 2023 15:23:29 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Pragma
no-cache
Server
AdTracking/v2.0.30-795-gb641a57#rel-ec2-master i-08ccf266c0a43c5e8@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame DBD8
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=na&co=us
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.105.107 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-105-107.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://captcha.bot/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 16 Nov 2023 15:23:30 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
a.gif
i.w55c.net/ Frame 702E
42 B
576 B
Image
General
Full URL
https://i.w55c.net/a.gif?t=0&rtbhost=conf01-us-east4.rtb.roku.com&rts=1&btid=NTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzYzU2OWZkNzRmNjczMV81NXxSRmlrRWhiUkRWfDE3MDAxNDgyMDg2MTB8MXxYbTVEcXBxdWFMfFhSZjg3QnlMZUR8MTEyNTg2Mzg3MV9FWHwyMzkwODB8fHx8LjBQfFVTRA&ei=RUBICON&wp_exchange=461C729B55943175&ac=WFNXOXFyT2xxRzpYUzQ1S0VoZjBzfDB8MHxVU0Q7&js=0&ob=1&ccw=SUFCMjQjMS4w&ci=XmbvfiH6oH&fiu=WG01RHFwcXVhTA&fid=Xm5DqpquaL&sd=captcha.bot&s=https%3A%2F%2Fcaptcha.bot%2F&ts=1700148208613&dvdp=i.w55c.net/dv.jpg&ai=0DkbXg17JP&c=US&r=NY&m=501&pc=10013&rnd=2830509275131764&epid=UkIyMDg4NA&esid=UkI0Mzk3OTA&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=WGNv&dm=MU1ocWFxcHZ5RQ&l=fGVufA&ri=2ravM8&alg=TGcwMDA4&v=0&euid=NDNmZGY0OWJkN2I2YzQ3MTA1ODFiNmFkNzBiZjA0OWJiMWVhYWIyZg&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=QW1lcmljYS9OZXdfWW9yaw&sg=ckbgDtUkhQvEnRK0f7Gl9w&buid=Xdb4S64gzq5&bs=XiosL1mBqIPx&dv=MUxWSXJn&az=us-east4-c&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=43fdf49bd7b6c4710581b6ad70bf049bb1eaab2f&spidu=RUBICON&pidu=20884&hmpvu=e27afdf9-24bd-4b7a-8d4f-d03a81bf0b1a&hmtsu=3&odtu=2&mtfu=1&sidu=439790&crdmu=970x90&cridu=XRf87ByLeD&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.191.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-191-242.compute-1.amazonaws.com
Software
PixelTracking/v2.0.30-795-gb641a57#rel-ec2-master i-055993d3c4412001c@us-east-1b@dxedge-app-us-east-1-prod-asg /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Nov 2023 15:23:29 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PixelTracking/v2.0.30-795-gb641a57#rel-ec2-master i-055993d3c4412001c@us-east-1b@dxedge-app-us-east-1-prod-asg
Content-Type
image/gif
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT
03459223-65cb-436d-a88e-4f9171ceec97
beacon-iad3.rubiconproject.com/beacon/d/ Frame 702E
43 B
227 B
Image
General
Full URL
https://beacon-iad3.rubiconproject.com/beacon/d/03459223-65cb-436d-a88e-4f9171ceec97?oo=0&accountId=20884&siteId=439790&zoneId=2524990&sizeId=55&e=6A1E40E384DA563B79DB8C0973A11FFF69541C6F39E4EC003BB59FE2B4CF98E5F58C123D78C513AF531DF96EB190BC017E9407B9AA8219989470015D0D83109A65D526DDA1F37A0349A4D5289E6FB05D293BC4FB2B9617DC5F8B706BCFC491273A5A217D874F4CE29E21D797FBA67262A487001C20827FDB04303F356A9175FDBC7563EBF67C5EA7882E7E659025382CA574F01A8D37877B5E0F970957AADF808CDE26324DFAF831CA2F7B50A4398B2F76E747A35D71D90DCDA10306204D320B
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::36 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:29 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C496
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 20:45:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
67091
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Nov 2024 20:45:18 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame C496
24 KB
10 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a91cc53d98054493697f3fa81e2fbefa695bdd4e122524bf59e57d50719dc42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10246
x-xss-protection
0
server
cafe
etag
12324758957409740054
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 15:23:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C496
195 KB
61 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8991556f5c9b30c2d75a55872cf2a8ad90a5b7a8db12ea78e8c51afda2b9ddbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62828
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700052045412510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Nov 2023 15:23:29 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3505
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 20:45:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
67091
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Nov 2024 20:45:18 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 3505
24 KB
10 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
915a4f4841a2fc128f33bac8815a6b9e041a16a07e328aa6c22041167cb31987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10241
x-xss-protection
0
server
cafe
etag
5641402966499741169
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 15:23:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3505
195 KB
61 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8991556f5c9b30c2d75a55872cf2a8ad90a5b7a8db12ea78e8c51afda2b9ddbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62828
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700052045412510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Nov 2023 15:23:29 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 019D
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 20:45:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
67091
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Nov 2024 20:45:18 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 019D
24 KB
10 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a872bbbb6742e0d8756d7e5c7ad9f117ea78f7985fbbd6861adfced3648fd774
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10183
x-xss-protection
0
server
cafe
etag
753930000383727430
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 15:23:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 019D
195 KB
61 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8991556f5c9b30c2d75a55872cf2a8ad90a5b7a8db12ea78e8c51afda2b9ddbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62828
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700052045412510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Nov 2023 15:23:29 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 702E
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0sJY7zIUuaTfFph8aT17XhtMVqbtUn3AjLRrwnIhrfSqVl7yaU2P3ps-cc0k4c45GiWgIxUGbIb6e-xOvHs8guUWlI78FmGtLqZGLg2W1I1lskWMptMcLNFKn4EJp9JvC9iJMZysitAX_-N3h30M0SxuYEkKr2ffw2CuzZA0rxln73_HyCZIUmvSWiB4fZpa579mozA7cWUQm99C46VxT9I9KJhB8zbSNre8l-EGbhxY-S2h39rDtPJX6x2ObkMlCSKB8ZR8eR-JdAzf0cpesNInVV720HL0rP3tBtBS5Pmc-UtG1CeQzbLGy19_kMdPb1gABdL5v3JCcPi7XBVVQ5enLsqNKEmE5oeCTCMSOVR0m2CbVTgkFz52ydLimw9ZUkfU&sai=AMfl-YQ2GllIgTwrJuW_WKO0N3R7MAjqt7uMt4Xjts7wuhe4JXS0ljoI2E7-Rk1I6Ylyhe5HTWokoIZE1vs2F2XIGHL5APPh--6FEqR6J7RVZSFBGgq2W6U8y2RQbhEHtVcIKs4SeAyS7d8gLPBYtD-NurU&sig=Cg0ArKJSzCdLyrOzIkWzEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 16 Nov 2023 15:23:29 GMT
truncated
/ Frame 702E
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7d1ceb94e880da6a9d0d5dbc9bca2163e767f3eb9c4c9a6583a2ce64255a83cd

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2E35
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 15:23:30 GMT
expires
Thu, 16 Nov 2023 15:23:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 15:23:30 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame F4B6
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvrqaPp4b1B-oDQfOU9QDQjU0LnID-zoaEoJXpdVsu-nPko8iKfhb2tj1yS74Li1TxJ4DVlPcsJXS-YPb0tMedhZsVMSUV-wiLMelakN770vspgF15YsQSnnH-R94oV3mv2CkkoM7gmfMplyjitazn0_p40_6VrjiSq9fuWgKZVAM7DBWJbAVqjfir2BZHpFvGV7i4ISiAxdEdJVCC8ZNjhl8GQ-vpNx6OdPkrgzTSsAgaX6jR7amj38mbyZDLDH7u8O8HlkLgRaPL88GvS0ZmARgurUrhPpx9Z4VpxY29azxVznDEvEJo5Khb8cK87ITTfQvrSwg64B0kLU-49h4AhId5euQ-MvQ83FYgbgrQ0BkmFYFuCsWB_mzEcfUTx3L5g6q0DWVzXNC9u5w&sai=AMfl-YQ09nw9_7LvBN3lqw1rd33aPpln-xDhlPzyd_N0PV74NcBrVW9nQUT4TR758zEhBLM-5CQiTk8fPAg0RRZOgsIw7KO132HcVE7pcBhjsuXDJFTsAK2oSqhyb7NpIcyfeFKrJX2OnkK_LgPG36uJtdQ&sig=Cg0ArKJSzBkBjbQRH2mzEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 16 Nov 2023 15:23:30 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7F94
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H3
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Redirect headers

date
Thu, 16 Nov 2023 15:23:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame DBD8
46 KB
13 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=na&co=us
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.105.107 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-105-107.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
64f168455859b28f4a27d3f9c07063c7011cb6b4ab0e75dbad02869067884b8d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&gdpr=0&geo=na&co=us
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 15:23:30 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Nov 2023 12:56:22 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=77558
Connection
keep-alive
Content-Length
13230
Expires
Fri, 17 Nov 2023 12:56:08 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3505
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjste0j_BYS6lqk_HeoquXl3JwxWoApo11oG8gJFFwqNHCNIfydyUeCmIcMswp629J8tnvlpqfqMqS1yxn7Qj0fl2CcysxVIDSY8ddswkWLnkST-0VZZS0mAnAnKGGWOfI7uw9g3IbkKVrZa7lhV0ofOoQgnJoWSEVpSImakAbgdrWB0mlY1NzgqXZq5aOeJ476GkBKtHW-yIrXfHFkUX29Q53l-OlkI3LP-ZEXzyav8ArrAavA4aGlnMeq-Of8nz0Fa1bJdn3er6_PKIhnTLh04AWzG_ATyTR3clsYkx11DDW4mOrylHv7YCsbjNW6GfN7Rql4qb39trcYwWA4sGPcAl0J-R5hSx8LSjsF-YIGjoVv_XMcu4itPUUE0e3hc&sai=AMfl-YTC9pQS6TR3u3FWQWiQpWWHf9Z2RUtBxLJzeLeECDL7wFWTIHQubOAVVjNJ1UCc_0Ou2g1uskIFqBpwTgQgzqHdwYGvNqn-KsMY2fnvTWrz9CdzOFCY3gRs9Hw7N2N59fBV3FVExChqif5k8K6IOh0&sig=Cg0ArKJSzAz1VwxDBSkbEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 3505
150 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
729193687b34515324d1c9020777b3d86b9f42d1fdbcb5998824944c601bcd54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52666
x-xss-protection
0
server
cafe
etag
11796332636468626065
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 15:23:30 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 019D
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEHMSnxud7nIOiDEcLLxAFPEkm2A5aZ7KTWcz7vka_sFlUGorfugtgIH_P2LklWFOo2zqtdDW9YIeFOxGAF5jmdVRiACloZTye2tBR9kI0v7nUTQKI69MGgIEqICPuZUMFhK98FZqtCgzPEUbBmqzQVX2MqHruBMgXZUnT2SztVB6XH_OAwSkViiBd9zlt9L91rqqGp90rdv07ouDaiOqp7mFcBkbwnBAtx5BmJ_vRYDcGM5shdDNOfd0oPE264aqsd0fdc5-sIZt-vqfIrG90okFmUWKwuXwMqbRiUIxtrOjM68RYm692aPC4GMGGDYKPm_4ytAtEtu5KliXt5E8_RiEHtqI66WqqRdGGFVs_WVP5H2fOsmP9vuaq4ig&sai=AMfl-YQzL4nzDUnhCgKHvnOjIHhdrjYCtnXZHKDV9SVsMJJpSEybeTHIJZuEUnN2Rqtdb65fqBU_PmpSHcU4J-ESf3yJYl-j-7GsXPMI_vyx-WE0DUSokSj492xc_nShONVZHdHCDrPGlcrMOt88mK_ASfs&sig=Cg0ArKJSzFeoPXF4kidpEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame C496
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuGymNdMQCQDf1_6E0JcLkbC3dKHfpVl0HYOQlevCj3i9zLI11hh2jZ4jFgZbTdRc85U8NkLMSBtRlHUeWEow2ki8IqguR5FdjRjhifPF1wD2u5dxmlUfIBOipWV9dsH75VQDUFyUJ5JKmzzsLQ-7ZsFs7UffmCsJxgdmu1-ZgDLdJkaO2_PZXV7mjM94PxaeekgitfIM10BGgac5FRVj6c2OE6O8Qu8jUduMbhY8FLrWgwfyLSD8Q5QjVHoziTKBpoPjlJeDkXJTO0wRdecdw0gTqmUVBoISDJtW6E0fo34sIt0168Ql6ZLGzfBjatSN_TqLJHM6i8G91CAzkk2-ArG0F86UDWyZZIIY2zbOhO0IDNis9BxwIYOgGj7FM&sai=AMfl-YRKIcvPOXQ_Hqrqcbljhq0RhFh_0SADFooq2TrfP2VM7K-pIG9x9lJgPBG8SMTVEBikaS8yiyr_e-nSp8Ze1rKyMw18ZMnMxF_kWn_7WoY5kSgOmWPJ65H3lTYWkCT-SDWqoKjUPQ6uuBK0l9mP400&sig=Cg0ArKJSzKR6k_QsEnXCEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame C496
150 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5369907163ac4f204bd871d3db2537d401ac4bf2cb034da05bcc0af1271eb5f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52632
x-xss-protection
0
server
cafe
etag
16808164148181876585
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 15:23:30 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 019D
150 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a13bba05bc65835222eb71040bba525c75e73845a2b3f10b7ccbe7fc35e130ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52667
x-xss-protection
0
server
cafe
etag
16297179189874648165
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 15:23:30 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame F9FD
18 KB
8 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.w55c.net
URL: https://cdn.w55c.net/i/s_XRf87ByLeD_XctsjabcveBG_1696965932533.html?&rtbhost=conf01-us-east4.rtb.roku.com&btid=NTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzYzU2OWZkNzRmNjczMV81NXxSRmlrRWhiUkRWfDE3MDAxNDgyMDg2MTB8MXxYbTVEcXBxdWFMfFhSZjg3QnlMZUR8MTEyNTg2Mzg3MV9FWHwyMzkwODB8fHx8LjBQfFVTRA&ei=RUBICON&wp_exchange=NWP&ac=WFNXOXFyT2xxRzpYUzQ1S0VoZjBzfDB8MHxVU0Q7&js=0&ob=1&ccw=SUFCMjQjMS4w&ci=XmbvfiH6oH&fiu=WG01RHFwcXVhTA&fid=Xm5DqpquaL&sd=captcha.bot&s=https%3A%2F%2Fcaptcha.bot%2F&ts=1700148208613&dvdp=i.w55c.net/dv.jpg&ai=0DkbXg17JP&tpce=&c=US&r=NY&m=501&pc=10013&rnd=2830509275131764&epid=UkIyMDg4NA&esid=UkI0Mzk3OTA&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=WGNv&dm=MU1ocWFxcHZ5RQ&l=fGVufA&ri=2ravM8&alg=TGcwMDA4&v=0&euid=NDNmZGY0OWJkN2I2YzQ3MTA1ODFiNmFkNzBiZjA0OWJiMWVhYWIyZg&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=QW1lcmljYS9OZXdfWW9yaw&sg=ckbgDtUkhQvEnRK0f7Gl9w&buid=Xdb4S64gzq5&bs=XiosL1mBqIPx&dv=MUxWSXJn&az=us-east4-c&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=43fdf49bd7b6c4710581b6ad70bf049bb1eaab2f&spidu=RUBICON&pidu=20884&hmpvu=e27afdf9-24bd-4b7a-8d4f-d03a81bf0b1a&hmtsu=3&odtu=2&mtfu=1&sidu=439790&crdmu=970x90&cridu=XRf87ByLeD&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.w55c.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:26:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3400
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7823
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 23:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 16 Nov 2023 15:26:50 GMT
creative_add_on.js
cti.w55c.net/ct/ Frame F9FD
5 KB
2 KB
Script
General
Full URL
https://cti.w55c.net/ct/creative_add_on.js?w=970&h=90&pos=&zindex=0&ci=XmbvfiH6oH&ei=RUBICON&ob=1&ai=0DkbXg17JP&dvt=&epid=UkIyMDg4NA&esid=UkI0Mzk3OTA&fiu=WG01RHFwcXVhTA&s=https%3A%2F%2Fcaptcha.bot%2F&abn=&ciu=XRf87ByLeD&btid=NTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzYzU2OWZkNzRmNjczMV81NXxSRmlrRWhiUkRWfDE3MDAxNDgyMDg2MTB8MXxYbTVEcXBxdWFMfFhSZjg3QnlMZUR8MTEyNTg2Mzg3MV9FWHwyMzkwODB8fHx8LjBQfFVTRA&c=US&dl=&dt=2dt0005&ean=&sd=captcha.bot&cip=&pa=&hmt=1&uidu=43fdf49bd7b6c4710581b6ad70bf049bb1eaab2f&spidu=RUBICON&pidu=20884&eridu=&hmpvu=e27afdf9-24bd-4b7a-8d4f-d03a81bf0b1a&hmtsu=3&odtu=2&mtfu=1&sidu=439790&crdmu=970x90&cridu=XRf87ByLeD&dcn=
Requested by
Host: cdn.w55c.net
URL: https://cdn.w55c.net/i/s_XRf87ByLeD_XctsjabcveBG_1696965932533.html?&rtbhost=conf01-us-east4.rtb.roku.com&btid=NTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzYzU2OWZkNzRmNjczMV81NXxSRmlrRWhiUkRWfDE3MDAxNDgyMDg2MTB8MXxYbTVEcXBxdWFMfFhSZjg3QnlMZUR8MTEyNTg2Mzg3MV9FWHwyMzkwODB8fHx8LjBQfFVTRA&ei=RUBICON&wp_exchange=NWP&ac=WFNXOXFyT2xxRzpYUzQ1S0VoZjBzfDB8MHxVU0Q7&js=0&ob=1&ccw=SUFCMjQjMS4w&ci=XmbvfiH6oH&fiu=WG01RHFwcXVhTA&fid=Xm5DqpquaL&sd=captcha.bot&s=https%3A%2F%2Fcaptcha.bot%2F&ts=1700148208613&dvdp=i.w55c.net/dv.jpg&ai=0DkbXg17JP&tpce=&c=US&r=NY&m=501&pc=10013&rnd=2830509275131764&epid=UkIyMDg4NA&esid=UkI0Mzk3OTA&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=WGNv&dm=MU1ocWFxcHZ5RQ&l=fGVufA&ri=2ravM8&alg=TGcwMDA4&v=0&euid=NDNmZGY0OWJkN2I2YzQ3MTA1ODFiNmFkNzBiZjA0OWJiMWVhYWIyZg&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=QW1lcmljYS9OZXdfWW9yaw&sg=ckbgDtUkhQvEnRK0f7Gl9w&buid=Xdb4S64gzq5&bs=XiosL1mBqIPx&dv=MUxWSXJn&az=us-east4-c&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=43fdf49bd7b6c4710581b6ad70bf049bb1eaab2f&spidu=RUBICON&pidu=20884&hmpvu=e27afdf9-24bd-4b7a-8d4f-d03a81bf0b1a&hmtsu=3&odtu=2&mtfu=1&sidu=439790&crdmu=970x90&cridu=XRf87ByLeD&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:b400:3:4706:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.w55c.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
0IYa12QvFdrNK.CC2JhaeEJAYjkhUjCe
content-encoding
br
via
1.1 191d4b07c4ff3e2c7cfeea67e1eb00f0.cloudfront.net (CloudFront)
date
Mon, 13 Nov 2023 23:33:54 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-amz-cf-pop
PHL50-C1
age
229780
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 17 Sep 2021 21:17:39 GMT
server
AmazonS3
etag
W/"a6c8a5bdec77729759b220b95bf503f9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
must-revalidate
x-amz-cf-id
rEq_8PH20GjBQVF9mtS9QnI9dImNMrnLbBRwhm-6AkZkIPSTY5jZxg==
activeview
pagead2.googlesyndication.com/pcs/ Frame F4B6
0
0

view
securepubads.g.doubleclick.net/pcs/ Frame 6DAC
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuoCYccFChhsFs-Z9xJn6CAFwpErgirliVsxIMV0UkiehRynuFPzd2QeM7gdJLQT1eIXdf4rly7mjE0dpdCqyCEFd2VEAjR9On4NNvCtMR_0VecznsXUmf6ggfLd-CewSRoMJ2jkxrePFl2ZLUoGFL9_b9wRVIXyC6zV47wJ4_d1UQKYXsoqEo6uHsTxd_cfS3gwh9Yx2U-wA4hNPMaAcbIFa-KiDsy2ELjA8ROi6ofdR_BbF94r9RnFqi-Au-ilbDS9NXfObPmZXOVDXJUqBhpH4wBWeu5TRb0qtEUQ_kHYdzcXk6Ri08HSbWj7M0XJeI2CGcCL0iiEtkMdnuJHGrSlFLIiojwEKpNtRtXYj3a4MGu4Vaqfo-WPb0M3w8jNP8jVkmmbKe5FSI&sai=AMfl-YShPu0DxRcM4Zrw_MKfGRk7Tto-TGQwEWRwZ0pRNMUuU94_Ogu2jQCoZeeG1s4U2Z9fVkL-18hmw32w58y5wqWi9-3YMn5ai0cRkdFGHzX_kbgJlRyC7AYRyasGMw&sig=Cg0ArKJSzFOxiw4MOZQOEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6DAC
195 KB
61 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8991556f5c9b30c2d75a55872cf2a8ad90a5b7a8db12ea78e8c51afda2b9ddbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62828
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700052045412510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Nov 2023 15:23:30 GMT
ads
securepubads.g.doubleclick.net/gampad/
157 KB
47 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2972673244638772&correlator=228965415457787&eid=31079659%2C31079670%2C31079657%2C44780988%2C31079525%2C31079575&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=71161633%3A22547762570%2CCAPTCHABOT_captchabot%2Cscrolling_sticky_footer&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=468x60|728x90|970x90|970x250|1200x90&ifi=9&didk=3802411025&sfv=1-0-40&rcs=2&eri=1&sc=1&cookie=ID%3D46bc5e9458bf6f55%3AT%3D1700148208%3ART%3D1700148208%3AS%3DALNI_MbIJYE-JKAAMrCyQrBxKQ-UMyNMDw&gpic=UID%3D00000a0053d5c6ac%3AT%3D1700148208%3ART%3D1700148208%3AS%3DALNI_MZu1Oz511-cDZ4fCVwbtKJ8OrNGog&abxe=1&dt=1700148210346&lmt=1699676384&adxs=800&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcaptcha.bot%2F&vis=1&psz=0x-1&msz=0x-1&fws=516&ohw=1600&psts=AOrYGsmzTUZIvfN6iqrGRNqK91FkNnD6Kewtw11F-75YiYeCO7FICCTEmeISiehFktV1NjvPzTpjR5zNDumPbeAxNnU5-KsC4vIBFTk%2CAOrYGsmdGDm7W07vuVzPP-LSCeRket1sqN8VupqjSCVZJG7UpRxR2bQmLS-bELkyw-EEUEhaENqtGxa9xJlNNr5U1OTM_vawmiQ%2CAOrYGsl28t0dSUBLbM-TuixCRH7gGM57jYM1vW7OAzbXJWCRD50D13X4cohz13fsHrIfdBCslJJPHpa47BI9pOZmE2z-cYpuziM%2CAOrYGslbfMLpMo25aWcI34-6bTPmGlPgJ5Jrjc49AweOCkOgVLyKBNJ9Ake4SV4eam73298L3uirMgN65ozpD8xYuL9ecwk62mk&ga_vid=1030093738.1700148207&ga_sid=1700148208&ga_hid=560816133&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABjGx-vFvTFIABIdCg5lc3AuY3JpdGVvLmNvbRj2xevFvTFIAFICCGQ.&dlt=1700148206290&idt=1097&prev_scp=is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%26cmp_allow_personal%3Dtrue%26cmp_determined_ms%3D3000-3499%26cmp_gdpr_cached%3Dfalse%26cmp_jurisdiction%3Dnone%26cmp_load_finish_ms%3D3000-3499%26first_zone_ms%3D2500-2999%26fuse_industry%3DIAB9%26fuse_loaded_ms%3D2000-2499%26fuse_path%3D%252F%26fuse_profanity%3Dfalse%26fuse_publication_id%3D5%26fuse_site%3Dcaptcha.bot%26fuse_uuid%3D637ed7b8-f4d8-5110-9fba-9979a365c1a7%26gpt_auction_start_ms%3D3500-3999%26gpt_ready_ms%3D2000-2499%26hb_auction_start_ms%3D3500-3999%26in2w_key%3D6%26in2w_key12%3Doptimization%26in2w_key15%3Do0%26in2w_key16%3D1%2C1%26in2w_key2%3Dnope%2Coptimization%26in2w_key3%3Dadx1515%26in2w_key4%3D--38gz%26in2w_key5%3Doptimization%26in2w_key6%3D--3h--qgz%26in2w_key7%3D1515%26in2w_key8%3D5%2C6%26in2w_key9001%3D2%26in2w_keypm%3Dfuse-slot-22856109504-1%26inskin_yes%3Dtrue%26prebid_ready_ms%3D2000-2499%26testmode%3Dfalse%26uam_ready_ms%3Ddisabled&cust_params=fuse_profanity%3Dfalse%26fuse_site%3Dcaptcha.bot%26fuse_path%3D%252F%26fuse_query%3D%26fuse_category%3D%26fuse_industry%3DIAB9%26testmode%3Dfalse%26inskin_yes%3Dtrue%26fuse_uuid%3D637ed7b8-f4d8-5110-9fba-9979a365c1a7%26fuse_publication_id%3D5%26GPT_READY_MS%3D2000-2499%26PREBID_READY_MS%3D2000-2499%26UAM_READY_MS%3Ddisabled%26CMP_DETERMINED_MS%3D3000-3499%26CMP_GDPR_CACHED%3Dfalse%26FUSE_LOADED_MS%3D2000-2499%26CMP_JURISDICTION%3Dnone%26CMP_ALLOW_PERSONAL%3Dtrue%26GPT_AUCTION_START_MS%3D3500-3999%26CMP_LOAD_FINISH_MS%3D3000-3499%26FIRST_ZONE_MS%3D2500-2999%26HB_AUCTION_START_MS%3D3500-3999&adks=3743414737&frm=20
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6707a3c68df726150faa7897909a1052309a6d021c0c699d1261a0a0945f10e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:30 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47929
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://captcha.bot
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 3505
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48bed48790300a86a8b38be367b9fc7e124007d87d3ae1a1b5f9a05349dcf9a5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame 7F94
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CDJwy8DNWZdqlNtvSjvQProqp6Ai40Y2edJban9LsEbLnh-mTDhABINPLzjBgycapi8Ck2A-gAf6E1ZApyAEBqQIpN_mFyi-yPuACAKgDAcgDCqoEtwJP0EPifAyHoic_-lGIpyj5E1hPMM_K9D2R9bUG_VHXIVpMRZfWiTXXQJ5uhNrIgYUrpSIgM3S1UY1ihge_U46sldpOHnYubpM1zrj4Fil5u9ffQVEZRPwwVYIVVILK0CJc9RIeWFNG7xCSdNoV9WNleuqm4PlfPkSlLMSbDZnO7ABtkkT1bZkUZzqqEKrFn3e0aXsVMmWPa-loD2bxtiCOlmZNWSAuzhJOErzR5jyr3__sQ2iFRIOjtyRhKH80MpCjWmS55vMO2KtzWzx2KTDiRVWraLfTDZl1ib6g5UP5MYpiIURCtc_U4TxUdI0mIESOQTW4bGWVXtymVTw37Emy8f8A3Rz4AtFV4QkWCXX2E2TyijkjcAKKWXF9PRa50iAIsJQXE5SLtJvMhNHn-mgp9uCndNQt9sAEuNC59dkE4AQBiAWwydaFTZIFBAgEGAGSBQQIBRgEgAf-vKXwA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEJTcHtIIFAiAYRABGB0yAooCOgKAQEi9_cE6mgkbaHR0cHM6Ly90ZW1wb3NlYXJjaC5jb20vZHNygAoDyAsB2gwRCgsQ8KKG5s3hw6DQARICAQPiDRMIn-i00OnIggMVW6mDCB0uRQqN2BMM0BUBgBcBshceChwIABIUcHViLTMwMzkxOTk1MDM0MDM2MzQYmdIh&sigh=as_sgu3_yQQ&uach_m=[]&ase=2&nis=5&cid=CAQSTgDICaaNn_ENZ23K86C78wlLHrtSZt3usUpsCsJKdX_6_Hk8Af0IcimSNJGlrnVKyDOCMG6sLM4P3mxDVxRffTVKp90pUJ65MwwbivS48BgB&cbvp=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

khaos.json
token.rubiconproject.com/ Frame DBD8
7 B
790 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
03d4828e33e22cf7b4098c5a68746480
Expires
0
vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
pagead2.googlesyndication.com/bg/ Frame E98A
38 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf3ae3cb276e14b8260f0a5581a6da12c86d3963549a2747e0099a0d85361412
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 17:06:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
80205
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14894
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Nov 2024 17:06:45 GMT
truncated
/ Frame 019D
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d26f0552bbcdf57b802dc4fb481f0623f6bad3129c35da64310e5c50ef1d44a9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
impl_v99.js
www.googletagservices.com/dcm/ Frame F9FD
59 KB
23 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/impl_v99.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.w55c.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 20:59:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66224
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23872
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 14:22:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Nov 2024 20:59:46 GMT
truncated
/ Frame C496
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b45b26a597954e058c5af5f2e15ef7e315bd4571dbb86241fe47cd5395744ca

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 6DAC
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsseptWMEdnxNZpWEZVV8MMXl4UNhkpigw_9nnFhv_PvkxbgSNpOFj9W0G5zbXDLotM5nwx3lL8T8C6GVOtFZjca6IR1Vv-ZMvNmRTT14VKxR9OyHarvFu4pfQoT6nZKo2-no3hR0BHTX8UzxbVpW4Qu7roCTuCjUnnj1YOuPSwUv-21KRswtYS80bBT11q522KAVJDHWqykCceYRRj18pJJaTSnSQgPegI2xVtoGV-d5DGaSiMZ3rwLIz2nqmFlC2p_XI3GoalVf27rBnkqAasBmNgcH58aAt_ROmFrzPHCcTVS9SJXj6ae2hGDt9hhnyQfx7MT_j79rhcXrqmMkRHQ5y44VjOoPUPn24Js4RkbsAOjlFFKv_6wci-xA6Y2FtERfMHfUNS5B10bPA&sai=AMfl-YS9z33CsLPq45osMGszW8OE1ikNtUbdwp92pP8fMRlQnyw_4_H93CFhvkO2-5moPimyLAJ5emkhZNazAnBrHFW2ZOUtxa3F6DDeVME1HZA5kSvPcM9AzFlVZgzfag&sig=Cg0ArKJSzBdkrNGEKS5IEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 16 Nov 2023 15:23:30 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ Frame 3505
400 KB
135 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8f69294cb3228695da3ba9b677db613089da1f680cc7daba635881b6e6554af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138484
x-xss-protection
0
server
cafe
etag
12696593722970998856
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 15:23:30 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame A645
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
78821
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 17:29:50 GMT
etag
16674218716276178799
expires
Wed, 29 Nov 2023 17:29:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/ Frame C496
396 KB
134 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079654
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1206a0fff7f8e27074b00ac3c9abece94df9312c7aba4ad8c8b44666f141c3ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137152
x-xss-protection
0
server
cafe
etag
2671794590518573610
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 15:23:30 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ Frame 019D
400 KB
135 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3d1a7e5a7458fab350938e5d27ac4a5715e3c27e00e4d0287e406721cebd8db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138491
x-xss-protection
0
server
cafe
etag
2031640218591517695
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Nov 2023 15:23:30 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7F94
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuc3iOfkQ1Y3SuZj5EReVdUnE_kmfoFEgecPnYDA4DeyMSLBrbY7JRUEetAjIbJ_TIBeLcVKHFMTeWj86bEKgJJartnVncwzNAZAA4OlHMPebYXBbXRPy3s_fEv4xMKrjPxNP5olRWyHw&sai=AMfl-YSMzjh7j7XxrtV5s9cw8WcVCYnZ7yWPfSFtvMqfT7qifw_0u4exkEF9OXM2nXnIEY3TVn6jNZF-yTiTSILTo5dPGHMHAdpcCNnk6pqn6Z4ttz4GFKksamjiK2fNTj-REgbKG1jJ4YTYeD0SECQZ&sig=Cg0ArKJSzI4VIQT1YXw4EAE&cid=CAQSTgDICaaNn_ENZ23K86C78wlLHrtSZt3usUpsCsJKdX_6_Hk8Af0IcimSNJGlrnVKyDOCMG6sLM4P3mxDVxRffTVKp90pUJ65MwwbivS48BgB&id=ampim&o=315,140&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=735&tls=1736&g=100&h=100&tt=1736&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.bot/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6DAC
0
0

container.html
978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5D70
6 KB
3 KB
Document
General
Full URL
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://captcha.bot/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 15:23:28 GMT
expires
Fri, 15 Nov 2024 15:23:28 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
durly.js
c.evidon.com/ Frame F9FD
4 KB
2 KB
Script
General
Full URL
https://c.evidon.com/durly.js?;coid=292;nid=2532;ad_w=970;ad_h=90;ad_z=0
Requested by
Host: cti.w55c.net
URL: https://cti.w55c.net/ct/creative_add_on.js?w=970&h=90&pos=&zindex=0&ci=XmbvfiH6oH&ei=RUBICON&ob=1&ai=0DkbXg17JP&dvt=&epid=UkIyMDg4NA&esid=UkI0Mzk3OTA&fiu=WG01RHFwcXVhTA&s=https%3A%2F%2Fcaptcha.bot%2F&abn=&ciu=XRf87ByLeD&btid=NTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzYzU2OWZkNzRmNjczMV81NXxSRmlrRWhiUkRWfDE3MDAxNDgyMDg2MTB8MXxYbTVEcXBxdWFMfFhSZjg3QnlMZUR8MTEyNTg2Mzg3MV9FWHwyMzkwODB8fHx8LjBQfFVTRA&c=US&dl=&dt=2dt0005&ean=&sd=captcha.bot&cip=&pa=&hmt=1&uidu=43fdf49bd7b6c4710581b6ad70bf049bb1eaab2f&spidu=RUBICON&pidu=20884&eridu=&hmpvu=e27afdf9-24bd-4b7a-8d4f-d03a81bf0b1a&hmtsu=3&odtu=2&mtfu=1&sidu=439790&crdmu=970x90&cridu=XRf87ByLeD&dcn=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.111.54 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-111-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c54eb47c8ffc83c5ceeff7a5f3bb3544c4eec6c92091f3ee37f36ab36b09fd88

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.w55c.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:31 GMT
content-encoding
gzip
last-modified
Tue, 22 Aug 2023 17:00:59 GMT
server
AkamaiNetStorage
etag
"dfc6274d1706a7345478409711bbd93a:1692723659.506965"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
1606
cms-2c.html
cti.w55c.net/ct/ Frame 8967
52 KB
12 KB
Document
General
Full URL
https://cti.w55c.net/ct/cms-2c.html?ei=RUBICON
Requested by
Host: cti.w55c.net
URL: https://cti.w55c.net/ct/creative_add_on.js?w=970&h=90&pos=&zindex=0&ci=XmbvfiH6oH&ei=RUBICON&ob=1&ai=0DkbXg17JP&dvt=&epid=UkIyMDg4NA&esid=UkI0Mzk3OTA&fiu=WG01RHFwcXVhTA&s=https%3A%2F%2Fcaptcha.bot%2F&abn=&ciu=XRf87ByLeD&btid=NTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzYzU2OWZkNzRmNjczMV81NXxSRmlrRWhiUkRWfDE3MDAxNDgyMDg2MTB8MXxYbTVEcXBxdWFMfFhSZjg3QnlMZUR8MTEyNTg2Mzg3MV9FWHwyMzkwODB8fHx8LjBQfFVTRA&c=US&dl=&dt=2dt0005&ean=&sd=captcha.bot&cip=&pa=&hmt=1&uidu=43fdf49bd7b6c4710581b6ad70bf049bb1eaab2f&spidu=RUBICON&pidu=20884&eridu=&hmpvu=e27afdf9-24bd-4b7a-8d4f-d03a81bf0b1a&hmtsu=3&odtu=2&mtfu=1&sidu=439790&crdmu=970x90&cridu=XRf87ByLeD&dcn=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:b400:3:4706:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
90344adeb8e502c0a5582900ed8480f49e834970830b5f7fccdef17f68cb75fa
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://cdn.w55c.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
229847
cache-control
must-revalidate
content-encoding
br
content-type
text/html
date
Mon, 13 Nov 2023 23:32:50 GMT
etag
W/"31617dfb523a79d899463679b126cece"
last-modified
Fri, 17 Sep 2021 21:17:39 GMT
server
AmazonS3
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
via
1.1 191d4b07c4ff3e2c7cfeea67e1eb00f0.cloudfront.net (CloudFront)
x-amz-cf-id
dsc3hbIRkikmLgwB7VfxwmTn-1tm0QspuDZ48DdHyeqEkKFIOTUrbQ==
x-amz-cf-pop
PHL50-C1
x-amz-replication-status
COMPLETED
x-amz-version-id
A15NsXZXRtcdiNLRKl5wurbKu36icykE
x-cache
Hit from cloudfront
css
fonts.googleapis.com/ Frame 5D70
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 16 Nov 2023 15:23:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 16 Nov 2023 14:40:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Nov 2023 15:23:31 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5D70
2 KB
822 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 20:55:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
66472
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Nov 2023 20:55:39 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 5D70
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 20:45:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
67111
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Nov 2023 20:45:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5D70
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 20:57:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
66332
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Nov 2023 20:57:59 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 44BB
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
34890
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 05:42:01 GMT
etag
48472445140208031
expires
Fri, 17 Nov 2023 05:42:01 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5D70
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 20:47:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
66960
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Nov 2023 20:47:31 GMT
nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 5D70
225 B
250 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png
Requested by
Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 20:45:19 GMT
x-content-type-options
nosniff
server
cafe
age
67092
etag
14085932017949564970
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
225
x-xss-protection
0
expires
Thu, 16 Nov 2023 20:45:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5D70
195 KB
61 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8991556f5c9b30c2d75a55872cf2a8ad90a5b7a8db12ea78e8c51afda2b9ddbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62828
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700052045412510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Nov 2023 15:23:31 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame 5D70
37 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 20:55:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66465
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 13 Feb 2024 20:55:46 GMT
data=9a9HNZdiJVpu3L7bUN318jvG-VF6AuCJNbHfJe4MN5IRtb5PzEZd7S-cEosq5pl_M0NWbGFVCXQPVDnOvPTosMtNGEkyoAFLUcK3Ks_2fuLJvhLE7O484C1r
mts0.google.com/vt/ Frame 5D70
0
0
Image
General
Full URL
https://mts0.google.com/vt/data=9a9HNZdiJVpu3L7bUN318jvG-VF6AuCJNbHfJe4MN5IRtb5PzEZd7S-cEosq5pl_M0NWbGFVCXQPVDnOvPTosMtNGEkyoAFLUcK3Ks_2fuLJvhLE7O484C1r
Requested by
Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

truncated
/ Frame 5D70
244 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 5D70
333 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
view
securepubads.g.doubleclick.net/pcs/ Frame 019D
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvD3uKVU-NkOw7EFVyBV1NIK0NzqtEiY32V4HB2vTyP54qdnoo5hxCFEy6LAZRfeLkgo2uTo7YV76i_lA0iGNL3N9ps5z_88slo8TnDKRCfqhn8G5Mpw8yBPpZwrpSPRru9YMS0dfPA55j21KrFdtEncI_8-ZNqGXOjEP9Jp2L3065H-ICmv8f9EJ1WOXrXtNu3SOdEg4OpgfhVjNsIMVkUTojGEmQqaXfSgaj98qHbitzUfhyFlygsNqP4xzEF2vOeKrqg77jtuLAChbqsKRhKqskg4fzfCpdZ4gQziZ9r7FqJXzwk8-q0zpxDBrGtkLlfCb2CeFtATDPb4GTX-HKpmyeU3HQuteB4S_uUMRW59z1mUSM5j4BgZFLtZhTA0A&sai=AMfl-YT184PRVCk1BIX6qlE-3s3-YYocB1srKwfnuW_WWamDZ79WWONtBdBMBS85UOc-OvkjLlL5XZ-0ZdJ5L7GtC4XyoylLccGQq2CeGIwkEK35XBF53oHxCl17QCy7mEiKiIL-DEI-scQU7tt-YxZsF1w&sig=Cg0ArKJSzBaitX1dguEzEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 16 Nov 2023 15:23:31 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3505
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssv2GFJx1H9YyLXJA4TpFflH31SLidcMYAoJlFPocLkQkITtE8X39iFmJcPslNH0mSX4fN8dzG3Eoy8n6hszGiJ5GgF_2k8YoWG0OwpgMeFdA4DR1iDI0v_GHyQB-tAF2oVQiFcnrZwGpp5DqJltdeyP-MVbFrI5G8MtfitwYOjwHjNgJB24Te1mo2XYuJHvHNdaZP_b5WWep-CC-UY9XFupm2yMoMojxu5Z9ZleS-YdFoN-LyW6CD2NaInNbJInxczsQo-QHPjkBpVxlSZz9WerOjvB4TsyygvEOE3jLn7TrtTxTvWxdsuVQ7lLujyZBdRjTipjrH0uZh-y8aqT2NAE9lnxhUX--_2ddwonrQ_GoAh1hkFbZnLODGUjakNVw&sai=AMfl-YRRGa8xRk6AoVulFq11BjinmeYU_K9ot3rnMufyMBASeaExUanNUoxpQAWo76cqVKSOMUZZ_y5FW0wwEL3eCCcFJ_IOiTQZoZq5Qz7vlc51eD5QBNk3kIKpC6Mf5nBSAoWC-ZVs3zjDwBiEQzKcwJQ&sig=Cg0ArKJSzHqnnkFXXgpjEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 16 Nov 2023 15:23:31 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C496
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuV3OZAG0bw9ahFX-a89-K0LSfs675pIqTu7LHBmHovACIdcP2cjNUy92g7VFCPvMPS7XtI15ezTrXCpt8Cbd5lD-6cjQ0hGnxHidzXBU9h8tLuqxqJVTvEIjR_zdO79lnxCAvAkhmwK3eupLrjPM1XdN5DRnw3sxz8I63W4lZwEY_ZsPszZFv3mUYXXevO-nzxNRAYNkcdQ3DNvaSpORjZ_F4pj8WS4TQgv-FfkXuv-jZ4Q157MDrWDVmx2WsWXTnLruKJjetPpjUT0_CxxQPxPR9PJFhs7N1MaG9JCPXLd4ZUWNJ2ygJciuDE2cYOsaS_7lUQgZB25tiq5Oc5EL30zW5jil5gsCBpC41ZX7_8nveQ9Gpzdq7eZ7Zck8Ta3Q&sai=AMfl-YTC3dUCZDbXjE7oVq7gQf2IpjvOePmTp7pHtKB08iW-O-Qe3_1nGwUP2nOM_mp6V6WWOcmxhuoU123IgEQmTg1Ua4mthuUuXnHbXY04V2Wr3GxatDpmGH1vmFgA6sElQXycesP--Wmh3lP8tOslZdk&sig=Cg0ArKJSzJe4f9zCD4BcEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 16 Nov 2023 15:23:31 GMT
cms-2.min.js
cti.w55c.net/ct/ Frame 8967
8 KB
3 KB
Script
General
Full URL
https://cti.w55c.net/ct/cms-2.min.js
Requested by
Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c.html?ei=RUBICON
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:b400:3:4706:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
60dc3bb507df5e166862248771d6a0c2597f7dd318613c7c4478c9faeba80840
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cti.w55c.net/ct/cms-2c.html?ei=RUBICON
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
e7Zq2fuNOK8tsl7ngXs7K19L9fD3QcT1
content-encoding
br
via
1.1 191d4b07c4ff3e2c7cfeea67e1eb00f0.cloudfront.net (CloudFront)
date
Mon, 13 Nov 2023 23:32:50 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-amz-cf-pop
PHL50-C1
age
229848
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 17 Sep 2021 21:17:39 GMT
server
AmazonS3
etag
W/"93910b779f850309b648ed6cfd843be6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
must-revalidate
x-amz-cf-id
qhPffecG8_zHOLuYaDthxdWJ9N7EhEW3Sex_VJfAV3e8qAHRwem4jg==
dpixel
cms.quantserve.com/ Frame 44BB
35 B
463 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOyTmlQcYaKjzKGl5e5Dyjs&google_cver=1&google_push=AXcoOmRX164z6-L5FT8D7HQThsWBvJoS0aZqixrS1JDQZBplbt-q7dcsJApFsA_MAYWJ6eEZTQvCoakI9bGDqdHeOEsWseTcdESUDQ
Requested by
Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:31 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 44BB
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHWGe4BEFuoy6BXFYT1DPHk&google_push=AXcoOmTKAS0v09fLIqm2lR8dy08IKeIqDOT51W6kIWewsc4WnmAVb_BDEP...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHWGe4BEFuoy6BXFYT1DPHk&google_push=AXcoOmTKAS0v09fLIqm2lR8dy08IKeIqDOT51W6kIWewsc4WnmAVb_BDEPZJii8yChSbInxI7Z6aSjYPk9qlItdv0O8cA7utU5FGNQ
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-lga21921-LGA
pragma
no-cache
date
Thu, 16 Nov 2023 15:23:33 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1700148212.719936,VS0,VE1932
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHWGe4BEFuoy6BXFYT1DPHk&google_push=AXcoOmTKAS0v09fLIqm2lR8dy08IKeIqDOT51W6kIWewsc4WnmAVb_BDEPZJii8yChSbInxI7Z6aSjYPk9qlItdv0O8cA7utU5FGNQ
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
asr
aid.send.microad.jp/g/ Frame 44BB
43 B
641 B
Image
General
Full URL
https://aid.send.microad.jp/g/asr?google_gid=CAESEAO6uUapFGSBTBse1S_n_IE&google_cver=1&google_push=AXcoOmSxMFrG6wNC0JGL9xX46qgt4kaWDTfi4G_aIoylPjoCqxTgsxUcxaS0YM8Lb0Jfbe_50ZJGBkJXm-6aITP4VhbHvc3s197VWA
Requested by
Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 15:23:32 GMT
Strict-Transport-Security
max-age=3600
Server
Apache
P3P
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Connection
close
Access-Control-Allow-Headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length
43
pixel
cm.g.doubleclick.net/ Frame 44BB
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmQiFQmvNJ-09NNaQ6TAqF-jCM3-auyAYW8x4uJt2Z_QaYhKryvs3wsYMWrgYqdimajJZSLvi19rjR...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQiFQmvNJ-09NNaQ6TAqF-jCM3-auyAYW8x4uJt2Z_QaYhKryvs3wsYMWrgYqdimajJZSLvi19rjRsQZwavMK_Y01bX6x8&google_hm=5338f273-4bc0-4612-a52...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQiFQmvNJ-09NNaQ6TAqF-jCM3-auyAYW8x4uJt2Z_QaYhKryvs3wsYMWrgYqdimajJZSLvi19rjRsQZwavMK_Y01bX6x8&google_hm=5338f273-4bc0-4612-a525-3b8fad1e3d4e
Requested by
Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:31 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-132
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQiFQmvNJ-09NNaQ6TAqF-jCM3-auyAYW8x4uJt2Z_QaYhKryvs3wsYMWrgYqdimajJZSLvi19rjRsQZwavMK_Y01bX6x8&google_hm=5338f273-4bc0-4612-a525-3b8fad1e3d4e
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 44BB
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEL_9E0aS4784q8-JnwC7zBY&google_cver=1&google_push=AXcoOmQiS0vRGEiGGju7fJfrLdiddf1_Mvfrq6OL6QUDhCZehmCjYb2Y-U4wQf1fC8aIPMbny55ORqtHmEkolTYR5...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEL_9E0aS4784q8-JnwC7zBY&google_cver=1&google_push=AXcoOmQiS0vRGEiGGju7fJfrLdiddf1_Mvfrq6OL6QUDhCZehmCjYb2Y-U4wQf1fC8aIPMbny55ORqtHmEkolTYR5...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQiS0vRGEiGGju7fJfrLdiddf1_Mvfrq6OL6QUDhCZehmCjYb2Y-U4wQf1fC8aIPMbny55ORqtHmEkolTYR5gyY05wkFy7jLA&google_hm=Hqp7iGZHKQ-vjOoIRYWZ...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQiS0vRGEiGGju7fJfrLdiddf1_Mvfrq6OL6QUDhCZehmCjYb2Y-U4wQf1fC8aIPMbny55ORqtHmEkolTYR5gyY05wkFy7jLA&google_hm=Hqp7iGZHKQ-vjOoIRYWZs8mP
Protocol
H2
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 16 Nov 2023 15:23:31 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQiS0vRGEiGGju7fJfrLdiddf1_Mvfrq6OL6QUDhCZehmCjYb2Y-U4wQf1fC8aIPMbny55ORqtHmEkolTYR5gyY05wkFy7jLA&google_hm=Hqp7iGZHKQ-vjOoIRYWZs8mP
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2dca1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 44BB
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMGNNs6_kk_Bt6hoQexm2vM&google_cver=1&google_push=AXcoOmQlO0aQQsrV1P_Leh58cnJnTCUsde8sX6iK4RGRZ8BSaHdUO4qtoa3dmX8NpHn0lYYlm_A0QATKgzLeda1o1ny3ygy--B7J
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQzNDEwOTgzOTYwMDQxMTA5NjYyMQ%3D%3D&google_push=AXcoOmQlO0aQQsrV1P_Leh58cnJnTCUsde8sX6iK4RGRZ8BSaHdUO4qt...
170 B
329 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQzNDEwOTgzOTYwMDQxMTA5NjYyMQ%3D%3D&google_push=AXcoOmQlO0aQQsrV1P_Leh58cnJnTCUsde8sX6iK4RGRZ8BSaHdUO4qtoa3dmX8NpHn0lYYlm_A0QATKgzLeda1o1ny3ygy--B7J
Protocol
H2
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTQzNDEwOTgzOTYwMDQxMTA5NjYyMQ%3D%3D&google_push=AXcoOmQlO0aQQsrV1P_Leh58cnJnTCUsde8sX6iK4RGRZ8BSaHdUO4qtoa3dmX8NpHn0lYYlm_A0QATKgzLeda1o1ny3ygy--B7J
date
Thu, 16 Nov 2023 15:23:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 44BB
Redirect Chain
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESELw4bpZz7t5KjIBnm1cfcH4&google_cver=1&google_push=AXcoOmRl2u6dQYqWYu7qXQ7cxfFThF4FBJSHDolXPl2jR-V_JR8KFPEnmPPxtQURgq...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRl2u6dQYqWYu7qXQ7cxfFThF4FBJSHDolXPl2jR-V_JR8KFPEnmPPxtQURgqIoKrt0MLj5GySRF-23tam9mscEie9hMIK_dw&google_hm=e...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRl2u6dQYqWYu7qXQ7cxfFThF4FBJSHDolXPl2jR-V_JR8KFPEnmPPxtQURgqIoKrt0MLj5GySRF-23tam9mscEie9hMIK_dw&google_hm=ePUJvIu4RDih7t-G-ODOVYQ
Protocol
H2
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:30 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRl2u6dQYqWYu7qXQ7cxfFThF4FBJSHDolXPl2jR-V_JR8KFPEnmPPxtQURgqIoKrt0MLj5GySRF-23tam9mscEie9hMIK_dw&google_hm=ePUJvIu4RDih7t-G-ODOVYQ
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 44BB
0
139 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ii8pmneqlmADDYYWxEdsAp9eH6eKP0IqTOnD1FQ5_6SolDFS2QNlzhF3MNXAJGHBiEzqm_LA
Requested by
Host: 978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
URL: https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:31 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
ba.js
c.evidon.com/geo/ Frame F9FD
41 KB
12 KB
Script
General
Full URL
https://c.evidon.com/geo/ba.js?r230822
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/durly.js?;coid=292;nid=2532;ad_w=970;ad_h=90;ad_z=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.111.54 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-111-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
51f4dc64108e838c8879494af7e51ff28088766f95b52b7d3444b1f4e0e77d0b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.w55c.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:31 GMT
content-encoding
gzip
last-modified
Tue, 22 Aug 2023 17:00:27 GMT
server
AkamaiNetStorage
etag
"8b29a624c1584b2233dc1351c2973536:1692723627.228193"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
12427
4.gif
c.evidon.com/a/ Frame F9FD
43 B
326 B
Image
General
Full URL
https://c.evidon.com/a/4.gif
Requested by
Host: cdn.w55c.net
URL: https://cdn.w55c.net/i/s_XRf87ByLeD_XctsjabcveBG_1696965932533.html?&rtbhost=conf01-us-east4.rtb.roku.com&btid=NTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzYzU2OWZkNzRmNjczMV81NXxSRmlrRWhiUkRWfDE3MDAxNDgyMDg2MTB8MXxYbTVEcXBxdWFMfFhSZjg3QnlMZUR8MTEyNTg2Mzg3MV9FWHwyMzkwODB8fHx8LjBQfFVTRA&ei=RUBICON&wp_exchange=NWP&ac=WFNXOXFyT2xxRzpYUzQ1S0VoZjBzfDB8MHxVU0Q7&js=0&ob=1&ccw=SUFCMjQjMS4w&ci=XmbvfiH6oH&fiu=WG01RHFwcXVhTA&fid=Xm5DqpquaL&sd=captcha.bot&s=https%3A%2F%2Fcaptcha.bot%2F&ts=1700148208613&dvdp=i.w55c.net/dv.jpg&ai=0DkbXg17JP&tpce=&c=US&r=NY&m=501&pc=10013&rnd=2830509275131764&epid=UkIyMDg4NA&esid=UkI0Mzk3OTA&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=WGNv&dm=MU1ocWFxcHZ5RQ&l=fGVufA&ri=2ravM8&alg=TGcwMDA4&v=0&euid=NDNmZGY0OWJkN2I2YzQ3MTA1ODFiNmFkNzBiZjA0OWJiMWVhYWIyZg&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=QW1lcmljYS9OZXdfWW9yaw&sg=ckbgDtUkhQvEnRK0f7Gl9w&buid=Xdb4S64gzq5&bs=XiosL1mBqIPx&dv=MUxWSXJn&az=us-east4-c&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=43fdf49bd7b6c4710581b6ad70bf049bb1eaab2f&spidu=RUBICON&pidu=20884&hmpvu=e27afdf9-24bd-4b7a-8d4f-d03a81bf0b1a&hmtsu=3&odtu=2&mtfu=1&sidu=439790&crdmu=970x90&cridu=XRf87ByLeD&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.111.54 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-111-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
de3a7ca2f8ae592aae2652335b755b0d0b65df663dda8776387cae7339b76d64

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.w55c.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:31 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2010 17:07:29 GMT
server
AkamaiNetStorage
etag
"65786c291a4603aa5150a1884452838d:1271351254"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/gif
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
53
truncated
/ Frame 5D70
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c79e8606b6cce8b1d3d3fd72e2b4e5ab1a19bdc00501d407cbeb8d40c09d4a9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
/
www.googleadservices.com/pagead/ar-adview/ Frame 5D70
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CdvQ18jNWZZbKGdXFjvQP77GT8AWZmIuHdPnb6ZWDEmQQASDTy84wYMnGqYvApNgPoAGc9uDKA8gBCeACAKgDAcgDywSqBLoCT9D0DaTJy4aFrh-9xGHc-SbRW7nSIngvyfPE-eYJe7DB...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc909f52672c1a4800000000000000000%22,%222%22:%220x5233a0dbd4b9caa20000000000000000%22,%223%22:%220x27e157...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc909f52672c1a4800000000000000000%22,%222%22:%220x5233a0dbd4b9caa20000000000000000%22,%223%22:%220x27e157624c0fdb150000000000000000%22,%224%22:%220xda2ae78fab0a4e670000000000000000%22,%225%22:%220xdd2202203ef37c850000000000000000%22},%22debug_key%22:%222876871645714610428%22,%22debug_reporting%22:true,%22destination%22:%22https://pressed.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22962083612%22],%224%22:[%2211-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215129133991070806385%22}&andc=true
Protocol
H3
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:32 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xc909f52672c1a4800000000000000000","2":"0x5233a0dbd4b9caa20000000000000000","3":"0x27e157624c0fdb150000000000000000","4":"0xda2ae78fab0a4e670000000000000000","5":"0xdd2202203ef37c850000000000000000"},"debug_key":"2876871645714610428","debug_reporting":true,"destination":"https://pressed.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["962083612"],"4":["11-16"],"6":["true"]},"priority":"500","source_event_id":"15129133991070806385"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 16 Nov 2023 15:23:32 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 16 Nov 2023 15:23:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xc909f52672c1a4800000000000000000","2":"0x5233a0dbd4b9caa20000000000000000","3":"0x27e157624c0fdb150000000000000000","4":"0xda2ae78fab0a4e670000000000000000","5":"0xdd2202203ef37c850000000000000000"},"debug_key":"2876871645714610428","debug_reporting":true,"destination":"https://pressed.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["962083612"],"4":["11-16"],"6":["true"]},"priority":"500","source_event_id":"15129133991070806385"}&andc=true
access-control-allow-origin
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame
0
0
Preflight
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CdvQ18jNWZZbKGdXFjvQP77GT8AWZmIuHdPnb6ZWDEmQQASDTy84wYMnGqYvApNgPoAGc9uDKA8gBCeACAKgDAcgDywSqBLoCT9D0DaTJy4aFrh-9xGHc-SbRW7nSIngvyfPE-eYJe7DBssFUZdq1bkYDzbo9VOG2RC-3KT9y1j34OOJdpuhtqi-JQRnX1Mcu3GN4sIH2hgGo2BKlKv4r8RG7qd4qg2APydOgYqRa-imE1q9Kaa5bjgXu9qU03zyE6gdAQobbCXCDQFGE0UIorHkzLsI3AHjxlJ6H1Q5PjSpcFtyHFJD8HhFjE_ieFZN4Veo5SFKuUVE8RC2O35q90GA7MngDGq7ANxWoDQbRu9hsMcA9-rfG0aV1s8HGq3vEuRraknZr7szTPZ36_-jRk31KNrtLhU4MdPz_Ep_i-LsldwdFFhZ2hR4vMAxEHyhOX02KSQUHbQaSuvCgLEtdGm_voeOEkhLu2OxtJXYDuSkvAi4TFeSICM78sQN31jnn9XzABJGAn4DOBOAEAYgFvpfng02SBQQIBBgBkgUECAUYBKAGLoAHzImfNagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEI7wA9IIFAiAYRABGB0yAooCOgKAQEi9_cE6mgkTaHR0cHM6Ly9wcmVzc2VkLmNvbYAKA8gLAZgM9KnA5cYE2gwQCgoQwNCRl-KrrsgfEgIBA-INEwj_npXR6ciCAxXVooMIHe_YBF64E4ME2BMO0BUBmBYBgBcBshceChwIABIUcHViLTMwMzkxOTk1MDM0MDM2MzQYmdIh&sigh=A27w3mE-LRY&uach_m=[UACH]&ase=2&nis=4&cid=CAQSOwDICaaNqeMK65r53D-41zrzhfB14uhgprVqfT_Z8vOo6lz6W7cFLzzzMwnDZiOBbsm9TGC_JZ2KxbPvGAE&template_id=515&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 16 Nov 2023 15:23:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
match-result
tags.w55c.net/ Frame 8967
Redirect Chain
  • https://pm.w55c.net/m.gif?rurl=//cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=_wfivefivec64esc_&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cHNMRlN1Z1kxUjNFZGs1&google_cm
  • https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_gid=CAESEKLUgMa9XVAbL-k1ONyZ4k0&google_cver=1
42 B
618 B
Image
General
Full URL
https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_gid=CAESEKLUgMa9XVAbL-k1ONyZ4k0&google_cver=1
Requested by
Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c.html?ei=RUBICON
Protocol
HTTP/1.1
Server
52.45.78.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-78-169.compute-1.amazonaws.com
Software
Retargeting/v2.0.30-795-gb641a57#rel-ec2-master i-0ba988f9abfc8bce5@us-east-1d@dxedge-app-us-east-1-prod-asg /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cti.w55c.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Nov 2023 15:23:31 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
Retargeting/v2.0.30-795-gb641a57#rel-ec2-master i-0ba988f9abfc8bce5@us-east-1d@dxedge-app-us-east-1-prod-asg
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Forwarded-Proto
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_gid=CAESEKLUgMa9XVAbL-k1ONyZ4k0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
384
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2964
tags.bluekai.com/site/ Frame 8967
62 B
426 B
Image
General
Full URL
https://tags.bluekai.com/site/2964?id=psLFSugY1R3Edk5
Requested by
Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c.html?ei=RUBICON
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.62.105.110 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-105-110.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cti.w55c.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Thu, 16 Nov 2023 15:23:31 GMT
content-length
62
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 8967
Redirect Chain
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=47&external_user_id=psLFSugY1R3Edk5&gdpr=0&gdpr_consent=&expiration=1702740211
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=47&external_user_id=psLFSugY1R3Edk5&gdpr=0&gdpr_consent=&expiration=1702740211&C=1
43 B
339 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=47&external_user_id=psLFSugY1R3Edk5&gdpr=0&gdpr_consent=&expiration=1702740211&C=1
Requested by
Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c.html?ei=RUBICON
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cti.w55c.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HfV%2Bqb%2Fo56hWA5%2BDvCCmw14UKXnpO5pAI5se2XY2ckTmsFpT4jFxr94d9iZlep80NZ6WA09wJmEZDf6YeVj4ByD%2BeuW87fxqIT9iQD81PjYA%2BmYUbF4b3E4WwauhSUXxQ5YC5AM93s6H9A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8270bc53fa2d4391-EWR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EmoA10lQX76kPML9b%2F2IENREzud%2BsdlVic%2FgayU70425rWQ7ZalcR1KaMmOVXKRrB5SbmMQnBkUxHU5YIJ7Ub%2BCbJaTnpF9p0UBotIrYrPBjH5OcK298IeOpySAPxe%2Bd6h%2FXRS8DOb97yg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=47&external_user_id=psLFSugY1R3Edk5&gdpr=0&gdpr_consent=&expiration=1702740211&C=1
cache-control
no-cache
cf-ray
8270bc53897c4391-EWR
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
db_sync
px.ads.linkedin.com/ Frame 8967
Redirect Chain
  • https://idsync.rlcdn.com/385636.gif?partner_uid=psLFSugY1R3Edk5
  • https://idsync.rlcdn.com/1000.gif?memo=COTEFxIaChYIARCTEBoPcHNMRlN1Z1kxUjNFZGs1EAAaDQjz59iqBhIFCOgHEABCAEoA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=4b35e2b557c6d8f569898523b75a70daeab9b3327291095ca0167285ea9a9efe791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=4b35e2b557c6d8f569898523b75a70daeab9b3327291095ca0167285ea9a9efe791426b5417dce21&rand=02707617
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=4b35e2b557c6d8f569898523b75a70daeab9b3327291095ca0167285ea9a9efe791426b5417dce21&rand=02707617&expected_cookie=95a5f5b1-9e1e-49c1-9f32-dfb37c48377d
0
144 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=4b35e2b557c6d8f569898523b75a70daeab9b3327291095ca0167285ea9a9efe791426b5417dce21&rand=02707617&expected_cookie=95a5f5b1-9e1e-49c1-9f32-dfb37c48377d
Requested by
Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c.html?ei=RUBICON
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cti.w55c.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:31 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 5DD2E74AFD0D40F4830283777F3EF64E Ref B: EWR30EDGE0216 Ref C: 2023-11-16T15:23:32Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYKRppAQfkVXGCulHDxxA==

Redirect headers

date
Thu, 16 Nov 2023 15:23:31 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 5504708925AE4E4CA4631C1807A453EC Ref B: EWR30EDGE0216 Ref C: 2023-11-16T15:23:32Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
/db_sync?pid=10339&puuid=4b35e2b557c6d8f569898523b75a70daeab9b3327291095ca0167285ea9a9efe791426b5417dce21&rand=02707617&expected_cookie=95a5f5b1-9e1e-49c1-9f32-dfb37c48377d
x-li-proto
http/2
content-length
0
x-li-uuid
AAYKRpo/nduGiD5gbdf5mA==
tap.php
pixel.rubiconproject.com/ Frame 8967
42 B
703 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=psLFSugY1R3Edk5&expires=10
Requested by
Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c.html?ei=RUBICON
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cti.w55c.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
86c92d2fca135435ceca5cadd19355a6
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
1
tapestry.tapad.com/tapestry/ Frame 8967
95 B
532 B
Image
General
Full URL
https://tapestry.tapad.com/tapestry/1?ta_partner_id=1011&ta_partner_did=psLFSugY1R3Edk5&ta_format=png&gdpr=0&gdpr_consent=
Requested by
Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c.html?ei=RUBICON
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cti.w55c.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:31 GMT
strict-transport-security
max-age=31536000
via
1.1 google
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
sync
ups.analytics.yahoo.com/ups/56554/ Frame 8967
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/56554/sync?uid=psLFSugY1R3Edk5&_origin=1&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/56554/sync?uid=psLFSugY1R3Edk5&_origin=1&gdpr=0&gdpr_consent=&verify=true
0
121 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/56554/sync?uid=psLFSugY1R3Edk5&_origin=1&gdpr=0&gdpr_consent=&verify=true
Requested by
Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c.html?ei=RUBICON
Protocol
H2
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cti.w55c.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:31 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/56554/sync?uid=psLFSugY1R3Edk5&_origin=1&gdpr=0&gdpr_consent=&verify=true
date
Thu, 16 Nov 2023 15:23:31 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
px.britepool.com/ Frame 8967
0
0

demconf.jpg
dpm.demdex.net/ Frame 8967
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=359&dpuuid=psLFSugY1R3Edk5
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=359&dpuuid=psLFSugY1R3Edk5
42 B
720 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=359&dpuuid=psLFSugY1R3Edk5
Requested by
Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c.html?ei=RUBICON
Protocol
H2
Server
54.88.23.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-23-27.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cti.w55c.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

dcs
dcscanary-prod-va6-1-v067-07f4b616a.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Thu, 16 Nov 2023 15:23:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
YOqr3LQSQ74=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-va6-2-v053-01d318e41.edge-va6.demdex.com 0 ms
pragma
no-cache
date
Thu, 16 Nov 2023 15:23:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
8kvK7rU7Soo=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=359&dpuuid=psLFSugY1R3Edk5
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
setuid
ib.adnxs.com/ Frame 8967
43 B
848 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=17&code=psLFSugY1R3Edk5
Requested by
Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c.html?ei=RUBICON
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cti.w55c.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:31 GMT
an-x-request-uuid
ac273279-46ad-424d-880d-b88fe8123022
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.132; 5.181.234.132; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 8967
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=dataxu&uid=psLFSugY1R3Edk5
Requested by
Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c.html?ei=RUBICON
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.7.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-7-147.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cti.w55c.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-served-by
beacon-n018-ash-prod.krxd.net
date
Thu, 16 Nov 2023 15:23:31 GMT
cache-control
private, no-cache, no-store
x-request-time
D=34 t=1700148211
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
user-registering
ads.stickyadstv.com/ Frame 8967
43 B
636 B
Image
General
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=psLFSugY1R3Edk5
Requested by
Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c.html?ei=RUBICON
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.133 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cti.w55c.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Nov 2023 15:23:31 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1700148211798080-140
g.pixel
aa.agkn.com/adscores/ Frame 8967
43 B
533 B
Image
General
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9232829800&dx=psLFSugY1R3Edk5
Requested by
Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c.html?ei=RUBICON
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-114.jfk50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cti.w55c.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:31 GMT
via
1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
JFK50-P2
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
5V6of2irQ2X8VKOf1RULvEzalfG5rzSoH8gtpHhFY7h1K4V_MMGj8A==
expires
0
sync
partners.tremorhub.com/ Frame 8967
43 B
175 B
Image
General
Full URL
https://partners.tremorhub.com/sync?UIDX=psLFSugY1R3Edk5
Requested by
Host: cti.w55c.net
URL: https://cti.w55c.net/ct/cms-2c.html?ei=RUBICON
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:d296:b4ab:44c7:4070 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cti.w55c.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Thu, 16 Nov 2023 15:23:31 GMT
server
nginx
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame 8967
0
0

4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 5D70
33 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 20:47:49 GMT
x-content-type-options
nosniff
age
66942
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Nov 2024 20:47:49 GMT
2532.js
c.evidon.com/a/n/292/ Frame F9FD
2 KB
1017 B
Script
General
Full URL
https://c.evidon.com/a/n/292/2532.js
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r230822
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.111.54 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-111-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c427820d10fd65f85b3f4165edd9586dedb7050815e868589fa5053427141ad0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.w55c.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:31 GMT
content-encoding
gzip
last-modified
Wed, 29 Apr 2020 21:14:41 GMT
server
AkamaiNetStorage
etag
"c7fc1b40bd9577a21bcb7652721eca53:1588194881.633596"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=600
accept-ranges
bytes
access-control-allow-headers
*
content-length
730
vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
pagead2.googlesyndication.com/bg/ Frame 08B8
38 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf3ae3cb276e14b8260f0a5581a6da12c86d3963549a2747e0099a0d85361412
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 17:06:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
80206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14894
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Nov 2024 17:06:45 GMT
tap.php
pixel.rubiconproject.com/ Frame DBD8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEBSJKKMS9_gU3r86yDwpxo4&google_cver=1
42 B
703 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEBSJKKMS9_gU3r86yDwpxo4&google_cver=1
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
86c92d2fca135435ceca5cadd19355a6
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEBSJKKMS9_gU3r86yDwpxo4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame DBD8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://match.adsrvr.org/track/cmb/rubicon?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5b2d22ff-3381-4f15-a7fa-f78470f9c0fd&gdpr=0&gdpr_consent=&expires=30
42 B
703 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5b2d22ff-3381-4f15-a7fa-f78470f9c0fd&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5b2d22ff-3381-4f15-a7fa-f78470f9c0fd&gdpr=0&gdpr_consent=&expires=30
date
Thu, 16 Nov 2023 15:23:31 GMT
server
Kestrel
content-length
289
ecm3
s.amazon-adsystem.com/ Frame DBD8
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=dcQGNUMtSh6xuD1ho4zF8w&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=dcQGNUMtSh6xuD1ho4zF8w&gdpr=0
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=dcQGNUMtSh6xuD1ho4zF8w&gdpr=0
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Nov 2023 15:23:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4N0195XC3AY4M41CYKHK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=dcQGNUMtSh6xuD1ho4zF8w&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
03d4828e33e22cf7b4098c5a68746480
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame DBD8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?id=LP1CCHJE-1H-17CQ&ex=d-rubiconproject.com&status=ok&gdpr=0
43 B
720 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=LP1CCHJE-1H-17CQ&ex=d-rubiconproject.com&status=ok&gdpr=0
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Nov 2023 15:23:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
A0Z9MPSSN2VRFPEY6C8A
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LP1CCHJE-1H-17CQ&ex=d-rubiconproject.com&status=ok&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
Expires
0
setuid
px.ads.linkedin.com/ Frame DBD8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP1CCHJE-1H-17CQ&gdpr=0
0
253 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP1CCHJE-1H-17CQ&gdpr=0
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:31 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: CBB74AFE2E0743969B5C72E427FF994D Ref B: EWR30EDGE0216 Ref C: 2023-11-16T15:23:32Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYKRpo/ilKMCn+EjgMAvA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP1CCHJE-1H-17CQ&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
03d4828e33e22cf7b4098c5a68746480
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame DBD8
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=r_Ka9CfwRJCpT9szpt5R-g&rk=usync-other&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=r_Ka9CfwRJCpT9szpt5R-g&gdpr=0
43 B
479 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=r_Ka9CfwRJCpT9szpt5R-g&gdpr=0
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
HTTP/1.1
Server
67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Nov 2023 15:23:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3R743MJFP16TK9XVZX89
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=r_Ka9CfwRJCpT9szpt5R-g&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame DBD8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjM5YWUxMGI4Y2U3ODYwYzgyNzY3YWFhNTg5M2FmMGUyYTBmZjE2ZQ&gdpr=0
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjM5YWUxMGI4Y2U3ODYwYzgyNzY3YWFhNTg5M2FmMGUyYTBmZjE2ZQ&gdpr=0
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjM5YWUxMGI4Y2U3ODYwYzgyNzY3YWFhNTg5M2FmMGUyYTBmZjE2ZQ&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
03d4828e33e22cf7b4098c5a68746480
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame DBD8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/OV06eFtKmJ0WQ6R_Z2hXr8n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-bgEY1XRE2oLcr4P_Ee48T0wAR7DWHHNQYt7uUA--~A
42 B
703 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-bgEY1XRE2oLcr4P_Ee48T0wAR7DWHHNQYt7uUA--~A
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
03d4828e33e22cf7b4098c5a68746480
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 16 Nov 2023 15:23:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-bgEY1XRE2oLcr4P_Ee48T0wAR7DWHHNQYt7uUA--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame DBD8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFAxQ0NISkUtMUgtMTdDUQ==&gdpr=0
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEAALe76x01_jyo8flqHpSuA&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAxQ0NISkUtMUgtMTdDUQ==&google_push=&gdpr=0
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAxQ0NISkUtMUgtMTdDUQ==&google_push=&gdpr=0
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAxQ0NISkUtMUgtMTdDUQ==&google_push=&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
Expires
0
tap.php
pixel.rubiconproject.com/ Frame DBD8
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABja07KrGgAABOLtnH04g&expires=30&gdpr=0
42 B
703 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABja07KrGgAABOLtnH04g&expires=30&gdpr=0
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
03d4828e33e22cf7b4098c5a68746480
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABja07KrGgAABOLtnH04g&expires=30&gdpr=0
Date
Thu, 16 Nov 2023 15:23:31 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
magnite
prebid.a-mo.net/setuid/ Frame DBD8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0
  • https://prebid.a-mo.net/setuid/magnite?uid=LP1CCHJE-1H-17CQ&gdpr=0
0
392 B
Image
General
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LP1CCHJE-1H-17CQ&gdpr=0
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:31 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LP1CCHJE-1H-17CQ&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
Expires
0
setuid
ib.adnxs.com/prebid/ Frame DBD8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP1CCHJE-1H-17CQ&gdpr=0
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP1CCHJE-1H-17CQ&gdpr=0
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H2
Server
68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:32 GMT
an-x-request-uuid
43484922-72ad-4571-ba09-3d75b357ae74
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.132; 5.181.234.132; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP1CCHJE-1H-17CQ&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
Expires
0
tap.php
pixel.rubiconproject.com/ Frame DBD8
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=dc5e457b-d108-4ca1-82ba-6772903d3ba7&expires=30&gdpr=0
42 B
703 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=dc5e457b-d108-4ca1-82ba-6772903d3ba7&expires=30&gdpr=0
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
86c92d2fca135435ceca5cadd19355a6
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=dc5e457b-d108-4ca1-82ba-6772903d3ba7&expires=30&gdpr=0
Date
Thu, 16 Nov 2023 15:23:32 GMT
Connection
keep-alive
X-CI-RTID
90c2d57f-a56a-4bce-afd9-25265879c847
Content-Length
155
Content-Type
text/html; charset=utf-8
cksync
hb.yahoo.net/ Frame DBD8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LP1CCHJE-1H-17CQ&redir=true&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LP1CCHJE-1H-17CQ&gdpr=0&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1wRE9rVUc5RTJ1RXpTbTh5YkpsclFTSmY5SjlFRjFuSX5B&gdpr=0&ovsid=LP1CCHJE-1H-17CQ&dpid=58160
53 B
648 B
Image
General
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1wRE9rVUc5RTJ1RXpTbTh5YkpsclFTSmY5SjlFRjFuSX5B&gdpr=0&ovsid=LP1CCHJE-1H-17CQ&dpid=58160
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H2
Server
23.55.235.176 Newark, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-235-176.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Thu, 16 Nov 2023 15:23:33 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Thu, 16 Nov 2023 15:23:33 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1wRE9rVUc5RTJ1RXpTbTh5YkpsclFTSmY5SjlFRjFuSX5B&gdpr=0&ovsid=LP1CCHJE-1H-17CQ&dpid=58160
date
Thu, 16 Nov 2023 15:23:32 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame DBD8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP1CCHJE-1H-17CQ&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LP1CCHJE-1H-17CQ
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LP1CCHJE-1H-17CQ&ckls=true&ci=7Ql6xOGvbT&nc=false&trid=599680559
43 B
1 KB
Image
General
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LP1CCHJE-1H-17CQ&ckls=true&ci=7Ql6xOGvbT&nc=false&trid=599680559
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H2
Server
13.224.214.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-10.phl50.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:33 GMT
via
1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
FVHrrjmh3xVQh7MwlprJl1XA7mtbH-zEWXzWXb0VfvfzGcdebsyBSA==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:33 GMT
via
1.1 90ad2a23a8617490c9d13e1f260633f8.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
IAD50-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LP1CCHJE-1H-17CQ&ckls=true&ci=7Ql6xOGvbT&nc=false&trid=599680559
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
p7ydrzk4N9go8pr8pz9-J3F3l6n2cYVzEeQxfJO9MNixsKWQ3Pcrmg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame DBD8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0
  • https://ce.lijit.com/merge?pid=80&3pid=LP1CCHJE-1H-17CQ&gdpr=0
43 B
664 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LP1CCHJE-1H-17CQ&gdpr=0
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
HTTP/1.1
Server
63.251.86.50 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Nov 2023 15:23:33 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LP1CCHJE-1H-17CQ&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
03d4828e33e22cf7b4098c5a68746480
Expires
0
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc909f52672c1a4800000000000000000%22,%222%22:%220x5233a0dbd4b9caa20000000000000000%22,%223%22:%220x27e157624c0fdb150000000000000000%22,%224%22:%220xda2ae78fab0a4e670000000000000000%22,%225%22:%220xdd2202203ef37c850000000000000000%22},%22debug_key%22:%222876871645714610428%22,%22debug_reporting%22:true,%22destination%22:%22https://pressed.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22962083612%22],%224%22:[%2211-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215129133991070806385%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 16 Nov 2023 15:23:32 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
B30675526.378029753;dc_ver=99.292;sz=970x90;u_sd=1;gdpr_consent=tcunavailable;dc_adk=1203382665;ord=d3nmfz;click=https%3A%2F%2Fi.w55c.net%2Fcl%3Ft%3D1%26btid%3DNTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzY...
ad.doubleclick.net/ddm/adi/N6046.3886140ROKUONEVIEW2/ Frame BD44
78 KB
32 KB
Document
General
Full URL
https://ad.doubleclick.net/ddm/adi/N6046.3886140ROKUONEVIEW2/B30675526.378029753;dc_ver=99.292;sz=970x90;u_sd=1;gdpr_consent=tcunavailable;dc_adk=1203382665;ord=d3nmfz;click=https%3A%2F%2Fi.w55c.net%2Fcl%3Ft%3D1%26btid%3DNTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzYzU2OWZkNzRmNjczMV81NXxSRmlrRWhiUkRWfDE3MDAxNDgyMDg2MTB8MXxYbTVEcXBxdWFMfFhSZjg3QnlMZUR8MTEyNTg2Mzg3MV9FWHwyMzkwODB8fHx8LjBQfFVTRA%26ei%3DRUBICON%26tpc%3D%26rurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fcaptcha.bot$2,https%3A%2F%2Fcaptcha.bot%2F$0;xdt=1;crlt=wNB*fvZvF!;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=1506;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.102 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f6.1e100.net
Software
cafe /
Resource Hash
6bdd776cb16e22b3dd4e315156ff4c68d66d770079fdcdbeb381021529c9c544
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.w55c.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
32249
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 15:23:32 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
9442520355539263991
s0.2mdn.net/simgad/ Frame BD44
71 KB
72 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/9442520355539263991
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6046.3886140ROKUONEVIEW2/B30675526.378029753;dc_ver=99.292;sz=970x90;u_sd=1;gdpr_consent=tcunavailable;dc_adk=1203382665;ord=d3nmfz;click=https%3A%2F%2Fi.w55c.net%2Fcl%3Ft%3D1%26btid%3DNTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzYzU2OWZkNzRmNjczMV81NXxSRmlrRWhiUkRWfDE3MDAxNDgyMDg2MTB8MXxYbTVEcXBxdWFMfFhSZjg3QnlMZUR8MTEyNTg2Mzg3MV9FWHwyMzkwODB8fHx8LjBQfFVTRA%26ei%3DRUBICON%26tpc%3D%26rurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fcaptcha.bot$2,https%3A%2F%2Fcaptcha.bot%2F$0;xdt=1;crlt=wNB*fvZvF!;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=1506;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a06df7b2f04d23d7e156a668eb69b238c68bdaecad0e6d954e58fde3e725b5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 21:33:13 GMT
x-content-type-options
nosniff
age
64219
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72937
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 16:25:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Nov 2024 21:33:13 GMT
sodar_loader.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/xfa/ Frame BD44
10 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/xfa/sodar_loader.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6046.3886140ROKUONEVIEW2/B30675526.378029753;dc_ver=99.292;sz=970x90;u_sd=1;gdpr_consent=tcunavailable;dc_adk=1203382665;ord=d3nmfz;click=https%3A%2F%2Fi.w55c.net%2Fcl%3Ft%3D1%26btid%3DNTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzYzU2OWZkNzRmNjczMV81NXxSRmlrRWhiUkRWfDE3MDAxNDgyMDg2MTB8MXxYbTVEcXBxdWFMfFhSZjg3QnlMZUR8MTEyNTg2Mzg3MV9FWHwyMzkwODB8fHx8LjBQfFVTRA%26ei%3DRUBICON%26tpc%3D%26rurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fcaptcha.bot$2,https%3A%2F%2Fcaptcha.bot%2F$0;xdt=1;crlt=wNB*fvZvF!;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=1506;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
527718fd2692a8581d7fb4e3d42fed33df4b4dc56632b1cc06344180902e5ef3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 04:13:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
40220
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4282
x-xss-protection
0
server
cafe
etag
13218323832899434506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 04:13:12 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame BD44
11 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6046.3886140ROKUONEVIEW2/B30675526.378029753;dc_ver=99.292;sz=970x90;u_sd=1;gdpr_consent=tcunavailable;dc_adk=1203382665;ord=d3nmfz;click=https%3A%2F%2Fi.w55c.net%2Fcl%3Ft%3D1%26btid%3DNTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzYzU2OWZkNzRmNjczMV81NXxSRmlrRWhiUkRWfDE3MDAxNDgyMDg2MTB8MXxYbTVEcXBxdWFMfFhSZjg3QnlMZUR8MTEyNTg2Mzg3MV9FWHwyMzkwODB8fHx8LjBQfFVTRA%26ei%3DRUBICON%26tpc%3D%26rurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fcaptcha.bot$2,https%3A%2F%2Fcaptcha.bot%2F$0;xdt=1;crlt=wNB*fvZvF!;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=1506;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 13:22:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
7261
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 13:22:31 GMT
dvbm.js
cdn.doubleverify.com/ Frame BD44
430 KB
102 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvbm.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6046.3886140ROKUONEVIEW2/B30675526.378029753;dc_ver=99.292;sz=970x90;u_sd=1;gdpr_consent=tcunavailable;dc_adk=1203382665;ord=d3nmfz;click=https%3A%2F%2Fi.w55c.net%2Fcl%3Ft%3D1%26btid%3DNTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzYzU2OWZkNzRmNjczMV81NXxSRmlrRWhiUkRWfDE3MDAxNDgyMDg2MTB8MXxYbTVEcXBxdWFMfFhSZjg3QnlMZUR8MTEyNTg2Mzg3MV9FWHwyMzkwODB8fHx8LjBQfFVTRA%26ei%3DRUBICON%26tpc%3D%26rurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fcaptcha.bot$2,https%3A%2F%2Fcaptcha.bot%2F$0;xdt=1;crlt=wNB*fvZvF!;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=1506;prcl=s
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:f::172c:c9da Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
9924f0aee1ecba1673c4e75a3b78b53dc3e63bc7dceadd5a9ae7ccfb1e2c0e3a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 16 Nov 2023 15:23:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Nov 2023 14:21:25 GMT
Server
UploadServer
ETag
"84527e9ec03ed8d9f0114db3e7ba8215"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
104112
Expires
Thu, 16 Nov 2023 15:38:33 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BD44
0
22 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=88&version=r20231109&sample=0.01
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6046.3886140ROKUONEVIEW2/B30675526.378029753;dc_ver=99.292;sz=970x90;u_sd=1;gdpr_consent=tcunavailable;dc_adk=1203382665;ord=d3nmfz;click=https%3A%2F%2Fi.w55c.net%2Fcl%3Ft%3D1%26btid%3DNTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzYzU2OWZkNzRmNjczMV81NXxSRmlrRWhiUkRWfDE3MDAxNDgyMDg2MTB8MXxYbTVEcXBxdWFMfFhSZjg3QnlMZUR8MTEyNTg2Mzg3MV9FWHwyMzkwODB8fHx8LjBQfFVTRA%26ei%3DRUBICON%26tpc%3D%26rurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fcaptcha.bot$2,https%3A%2F%2Fcaptcha.bot%2F$0;xdt=1;crlt=wNB*fvZvF!;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=1506;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame BD44
203 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6046.3886140ROKUONEVIEW2/B30675526.378029753;dc_ver=99.292;sz=970x90;u_sd=1;gdpr_consent=tcunavailable;dc_adk=1203382665;ord=d3nmfz;click=https%3A%2F%2Fi.w55c.net%2Fcl%3Ft%3D1%26btid%3DNTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzYzU2OWZkNzRmNjczMV81NXxSRmlrRWhiUkRWfDE3MDAxNDgyMDg2MTB8MXxYbTVEcXBxdWFMfFhSZjg3QnlMZUR8MTEyNTg2Mzg3MV9FWHwyMzkwODB8fHx8LjBQfFVTRA%26ei%3DRUBICON%26tpc%3D%26rurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fcaptcha.bot$2,https%3A%2F%2Fcaptcha.bot%2F$0;xdt=1;crlt=wNB*fvZvF!;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=1506;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65395
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700052045412510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Nov 2023 15:23:32 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame BD44
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssrdk-q2t7ZOkQBYmDbYq0sQmIjeZP1lwH-fBxUoNKGQodGoRmeKe8Y444FIKr3xGTrXLEJMfgRzWX6fCnYRr9i4x6qsy4vqVpVe-E6-X-7-ioFBMVkETjz63Pv7skxJV42A771lssZMLczyriZN7KYsO2wGLzo9shFykQ6ePWJxWIApdRM5b4LmMF7HQ&sai=AMfl-YQAEkMhEt_jqDfKTx_2QG_snJ3V3chlLZN0D8iZIINKnqWrhE9i5ZVfu6ZzDD2iUAItUPWj0TRMkITrFQxXYfN7Sk_ci_iRNw7FDA&sig=Cg0ArKJSzOCqbNxDH083EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=4&cbvp=1&cstd=0&cisv=r20231109.66844&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6046.3886140ROKUONEVIEW2/B30675526.378029753;dc_ver=99.292;sz=970x90;u_sd=1;gdpr_consent=tcunavailable;dc_adk=1203382665;ord=d3nmfz;click=https%3A%2F%2Fi.w55c.net%2Fcl%3Ft%3D1%26btid%3DNTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzYzU2OWZkNzRmNjczMV81NXxSRmlrRWhiUkRWfDE3MDAxNDgyMDg2MTB8MXxYbTVEcXBxdWFMfFhSZjg3QnlMZUR8MTEyNTg2Mzg3MV9FWHwyMzkwODB8fHx8LjBQfFVTRA%26ei%3DRUBICON%26tpc%3D%26rurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fcaptcha.bot$2,https%3A%2F%2Fcaptcha.bot%2F$0;xdt=1;crlt=wNB*fvZvF!;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=1506;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame BD44
8 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cc6f237c59aa6b0f45874b67ecdafc85249bd1f870a4507afa225f8010141012
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5926
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame BD44
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6046.3886140ROKUONEVIEW2/B30675526.378029753;dc_ver=99.292;sz=970x90;u_sd=1;gdpr_consent=tcunavailable;dc_adk=1203382665;ord=d3nmfz;click=https%3A%2F%2Fi.w55c.net%2Fcl%3Ft%3D1%26btid%3DNTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzYzU2OWZkNzRmNjczMV81NXxSRmlrRWhiUkRWfDE3MDAxNDgyMDg2MTB8MXxYbTVEcXBxdWFMfFhSZjg3QnlMZUR8MTEyNTg2Mzg3MV9FWHwyMzkwODB8fHx8LjBQfFVTRA%26ei%3DRUBICON%26tpc%3D%26rurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fcaptcha.bot$2,https%3A%2F%2Fcaptcha.bot%2F$0;xdt=1;crlt=wNB*fvZvF!;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=1506;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 20:55:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
66468
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Nov 2024 20:55:44 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame BD44
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssrdk-q2t7ZOkQBYmDbYq0sQmIjeZP1lwH-fBxUoNKGQodGoRmeKe8Y444FIKr3xGTrXLEJMfgRzWX6fCnYRr9i4x6qsy4vqVpVe-E6-X-7-ioFBMVkETjz63Pv7skxJV42A771lssZMLczyriZN7KYsO2wGLzo9shFykQ6ePWJxWIApdRM5b4LmMF7HQ&sai=AMfl-YQAEkMhEt_jqDfKTx_2QG_snJ3V3chlLZN0D8iZIINKnqWrhE9i5ZVfu6ZzDD2iUAItUPWj0TRMkITrFQxXYfN7Sk_ci_iRNw7FDA&sig=Cg0ArKJSzOCqbNxDH083EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=13&vt=11&dtpt=9&dett=2&cstd=0&cisv=r20231109.66844&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6046.3886140ROKUONEVIEW2/B30675526.378029753;dc_ver=99.292;sz=970x90;u_sd=1;gdpr_consent=tcunavailable;dc_adk=1203382665;ord=d3nmfz;click=https%3A%2F%2Fi.w55c.net%2Fcl%3Ft%3D1%26btid%3DNTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzYzU2OWZkNzRmNjczMV81NXxSRmlrRWhiUkRWfDE3MDAxNDgyMDg2MTB8MXxYbTVEcXBxdWFMfFhSZjg3QnlMZUR8MTEyNTg2Mzg3MV9FWHwyMzkwODB8fHx8LjBQfFVTRA%26ei%3DRUBICON%26tpc%3D%26rurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fcaptcha.bot$2,https%3A%2F%2Fcaptcha.bot%2F$0;xdt=1;crlt=wNB*fvZvF!;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=1506;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame C082
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
66474
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 20:55:39 GMT
expires
Thu, 14 Nov 2024 20:55:39 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 5D70
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstcdmSbQ5AO0EnFVxPdUO-1N4-keK_POo3F-hYfZsUd4T0V7iZhEdQ0VV2pg5yJqEY7Xo6AaNUe3_EROvChbp726Jt2Y_u6llaqZpgkzlmjStvOwrfT6osuZsOFBh6hUMyNVhEYW6fNV0qTP_1KcSWGWk9sJDt4ROWYBxtruUyRL29dYx3fQZBHLws7aaGI8QX3QLhCEbFWyaT7ojHzv5trI0346T5xKD70n-twGhw-q6UVNft9F5yQIZyfm4oUKiD-ZH0sZ-aZaa-xUTyQYtWpQs8VykwdvLw8BshfEVuz3vjnjNGroIyqQ4lgCmFhRu_c31sKQDQzIoGXuLL1wLFbBPqMoVztO-BOV_-hYjLkIsm3vqeBxLXXoOE55xxySOKav7b4QLoNJNXsGj6DuEksu0ZT0BDF_uQS2ZRsVfcYHUTrt2ScEBH-kHQTMU892DQm_ei-SrDrcAhywuJMQ5qBcS3jVF2lpC0AROarN2DJ2UFcYvdVj58WjcKBVjnhYXztTtYPsJCepr19QurQZO3-XglyiQ_VP06KUfLmc5JS6-MJrrNL2zosDQ0-qp-eHKF_I1wjGs2A2zhXpt5VBFl14ocJ0I41YzcT5GIO4fAv9p0M0MNVeNl9rqUKsp-bmRlcWFCVRU63ovWFnoRIg2PE0pf8pnZIBQHIvQgNBPjE4gJsdlgGmer4FLCVX-JsL2P8DE_h9ue7xhgGTO7oAEjso6rPt76hUoXDjFCMkXiuR3CySYt7gs-LBzPG8OlYuG8JDUkcdPBrWgypRKvnewwzVMraUpp-nJMF97tZ-tYOXY6djEOx7lmubl6UMOItn24l6MHxOrqZMjX1jWmgxS01zW41kncQ3Yq8ab9RCQ8YYrJQQ3z-LWG8dK1XDYtSxgJxzcy5P_-Kh8T4PDyvbnzh1uRwG1HMYkDJdc8LuuEcQ_zggg1giaJjrrHMeL3DhEOZ24Hu5LNKJS-UhObSjGL90Gu6wpfVvpYl1rSkGU1ao9t3DL6o2wPkJ5Pi7vVQxCX4WvwmoadO6iMRm1tv0E6Zm5YSoLDCdhoSB-gWu-3G7RYKkIPG1-TRi1ziebDogyAuUBgSJ1JUDxfuG63DfrWUjM78F8llWFjoD4K-9UIRXDcQufcxiAHbkABAcqQUMbdKCORIwx0ppIwwNRVvNJrHMm9H6Dvsp-aES7U-87NT1K1PUb5sEgE0sqPRVzY6LFyGFEEK-vCAmVggKqKlt0rhBIB1g-d55hlpFvsbsMoy_tBu_l4zfMC114B0Bg9lBO3ooPFqUcgy_DBIW0bvfSOVIDXwBcr2EbZaONEA0LlxN0hGn8GfN8FqWpbKcW3vLBVywAFutYYNHqFoi1_ZxoM&sai=AMfl-YQDwpYJg8pvpkDEslryxNB-9vHNtt0kTTCDiVhy0jlUDxqnPyQ-cSubJkbgxsdyPQqjaNN_SFK752YJz1RkGJL4mMKqreeTTzdyrpfyTFDIYIEfqHsE8E9fsiES03D4UY9SQVs4xhRi&sig=Cg0ArKJSzN6-gHi49h4rEAE&cid=CAQSOwDICaaNqeMK65r53D-41zrzhfB14uhgprVqfT_Z8vOo6lz6W7cFLzzzMwnDZiOBbsm9TGC_JZ2KxbPvGAE&id=lidar2&mcvt=1000&p=1074,200,1324,1400&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=0.5&if=1&vu=1&app=0&itpl=22&adk=3743414737&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700148211392&rpt=353&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
verify.js
rtb0.doubleverify.com/ Frame BD44
450 B
580 B
Script
General
Full URL
https://rtb0.doubleverify.com/verify.js?ctx=29864238&cmp=30675526&sid=8798372&plc=378029753&crt=202045356&advid=12827303&adsrv=1&mon=1&blk=1&dvp_cawf=crtwrp&cm360cw=1&unit=970x90&adid=&app=&dup=&gmnpo=&isdvvid=&supplySource=&tagtype=&aUrlD=0&brid=3&bridua=3&brver=119.0.6045.159&brh=2&vavbkt=&lvvn=28&fcifrms=14&winh=90&winw=970&chro=1&noc=4&wouh=1200&wouw=1600&htmlmsging=1&refD=3&scah=1200&scaw=1600&jsver=4946&uid=1700148213141483&srcurlD=2&ttfrms=57&num=6&dvp_isOnHead=0&flvr=1&ver=4946&jsCallback=__verify_callback_1700148213141483&jsTagObjCallback=__tagObject_callback_1700148213141483&ssl=1&prndr=1&m1=13&dvp_rcp=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=12882666.737840181&ee_dp_sukv=12882666.737840181&dvp_tukv=53414301585.05837&ee_dp_tukv=53414301585.05837&ee_dp_dvtpurl=https%3A%2F%2Fcdn.doubleverify.com%2Fdvbm.js&dvp_strhd=1.0999984741210938&dvpx_strhd=1.0999984741210938&eparams=DC4FC%3Dl9EEADTbpTauTau45%3F%5DHdd4%5D%3F6ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau42AE492%5D3%40ETar9EEADTbpTauTau42AE492%5D3%40ETar9EEADTbpTauTau45%3F%5DHdd4%5D%3F6ETar9EEADTbpTauTau25%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&referrer=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Fadi%2FN6046.3886140ROKUONEVIEW2%2FB30675526.378029753%3Bdc_ver%3D99.292%3Bsz%3D970x90%3Bu_sd%3D1%3Bgdpr_consent%3Dtcunavailable%3Bdc_adk%3D1203382665%3Bord%3Dd3nmfz%3Bclick%3Dhttps%253A%252F%252Fi.w55c.net%252Fcl%253Ft%253D1%2526btid%253DNTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzYzU2OWZkNzRmNjczMV81NXxSRmlrRWhiUkRWfDE3MDAxNDgyMDg2MTB8MXxYbTVEcXBxdWFMfFhSZjg3QnlMZUR8MTEyNTg2Mzg3MV9FWHwyMzkwODB8fHx8LjBQfFVTRA%2526ei%253DRUBICON%2526tpc%253D%2526rurl%253D%3Buach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%3Bdc_rfl%3D2%2Chttps%253A%252F%252Fcaptcha.bot%242%2Chttps%253A%252F%252Fcaptcha.bot%252F%240%3Bxdt%3D1%3Bcrlt%3DwNB*fvZvF!%3Bcmpl%3D8%3Bgcsr%3Da%3Bstc%3D1%3Bchaa%3D1%3Bsttr%3D1506%3Bprcl%3Ds
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbm.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
cf2350a7ba804e2c8e117ac52a185bbc5b4ae59e50b6cebfd5d77fd3eaebd24c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Nov 2023 15:23:33 GMT
Content-Encoding
br
X-DV-Response
0
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
11/15/2023 15:23:33
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame C082
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 13:12:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
7872
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Nov 2024 13:12:21 GMT
visit.js
tps.doubleverify.com/ Frame BD44
694 B
730 B
Script
General
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=1&ttmms=25&ttfrms=57&brid=3&brver=119.0.6045.159&bridua=3&bds=1&tstype=128&prndr=1&eparams=DC4FC%3Dl9EEADTbpTauTau45%3F%5DHdd4%5D%3F6ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau42AE492%5D3%40ETar9EEADTbpTauTau42AE492%5D3%40ETar9EEADTbpTauTau45%3F%5DHdd4%5D%3F6ETar9EEADTbpTauTau25%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=2&aUrlD=0&ssl=https:&dfs=243&ddur=861&uid=1700148213141483&jsCallback=dvCallback_1700148213141971&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.159%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=970&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4946&tgjsver=4946&lvvn=28&m1=13&refD=3&referrer=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Fadi%2FN6046.3886140ROKUONEVIEW2%2FB30675526.378029753%3Bdc_ver%3D99.292%3Bsz%3D970x90%3Bu_sd%3D1%3Bgdpr_consent%3Dtcunavailable%3Bdc_adk%3D1203382665%3Bord%3Dd3nmfz%3Bclick%3Dhttps%253A%252F%252Fi.w55c.net%252Fcl%253Ft%253D1%2526btid%253DNTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzYzU2OWZkNzRmNjczMV81NXxSRmlrRWhiUkRWfDE3MDAxNDgyMDg2MTB8MXxYbTVEcXBxdWFMfFhSZjg3QnlMZUR8MTEyNTg2Mzg3MV9FWHwyMzkwODB8fHx8LjBQfFVTRA%2526ei%253DRUBICON%2526tpc%253D%2526rurl%253D%3Buach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%3Bdc_rfl%3D2%2Chttps%253A%252F%252Fcaptcha.bot%242%2Chttps%253A%252F%252Fcaptcha.bot%252F%240%3Bxdt%3D1%3Bcrlt%3DwNB*fvZvF!%3Bcmpl%3D8%3Bgcsr%3Da%3Bstc%3D1%3Bchaa%3D1%3Bsttr%3D1506%3Bprcl%3Ds&fcifrms=14&brh=2&dvp_epl=211&noc=4&nav_pltfrm=Win32&ctx=29864238&cmp=30675526&sid=8798372&plc=378029753&crt=202045356&adsrv=1&advid=12827303&unit=970x90&bsimpid=f6acc465f72a426d8fedd70f759fa35e&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&mon=1&blk=1&dvp_cawf=crtwrp&cm360cw=1&dvp_rcp=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=12882666.737840181&ee_dp_sukv=12882666.737840181&dvp_tukv=53414301585.05837&ee_dp_tukv=53414301585.05837&ee_dp_dvtpurl=https%3A%2F%2Fcdn.doubleverify.com%2Fdvbm.js&dvp_strhd=1.0999984741210938&dvpx_strhd=1.0999984741210938&dvp_tuid=73318042799&jurtd=2790745991
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbm.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
3430da2fac67c2a866dc7463500c2637eacdb6c3abeab65347f02317adbc2b3e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Nov 2023 15:23:34 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
11/15/2023 15:23:34
gen_204
pagead2.googlesyndication.com/pagead/ Frame C082
0
22 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B4rsv9DNWZYaOB76ioPMPit6-uAMAAAAAOAHgBAI&bg=!SEulSwTNAAZxrfrxUa07ADQBe5WfONXr-CrRTVJwJvQh4JFMdKfR1rDBuaj3TEFPP8bfj-JXgU3cuJ9rx7QlWnpXAtWJAgAAAFlSAAAAB2gBB5kDAGZH4iEQtSnBCflsqHYMfDo-jvZviQZDuO52QHZgyZH6z4hUnwm0Jf2FFcI7CLsEQzhhGyM3HX05xBXwd8TziQjrNAa0ZiFhXzZTwjqk2tfatobhGDTfurZUdRI-HmP2v4rIVM4oydZot6IhxD6nrTXil4ivKoYXPk1Q3hLecbxmXvvAlvyrmt2OhaWyqgnzgq0PeMH1OkQq48Gt10CtpHf_1uZ-0y0cCDvewN8uIETbMTPy591NWlMmkOGr-fD8CURrp94L9jtu3NXoj_41lUFiso9HVulSFKDA5sAr2QdAzVjzp0LaU07Q00UvKXDfP2AF3zgMJufzPNtarHKEOZif2li6NH2tKaVIm7oTO1eQT3-coFZzM_5_epGO0PW-v8X2LOv3-dsxe9L7G2ANxxvbGew54z3zre0ZZlcARF5eC72X6fX7wNrPigUEBMc8I4SHzoSUJWeIA8y9eltIPSHm83rJcFlRMLBvPwQy3MnqD6qTrtfaDdKfHsMPon5h6KGHf6sKLJqJ58s9h4_GqpxX5RyI6QHFfjtGfB9d04DXFRJhS5QtTUiDKiKIqHaB8uzViWC_jky8lp8XfcWbyqTOlh24ZQHOSlQFZaFDthqSSKQWxzVlUxzbQVd1mJPkWYhN9GvhHk097M3LyvUUfkVpW3KuqUSdh2vefhF-kQVw8ILGX1usBRoozNwZRemGj4pOSIpvsVqoJguo5wtXuYhz5imhY6ipAUFy7bOPuCELo9SsSuXogj3SQHuPXsI3So3AiAwnhoPIgjhkcEYpVv80O6c9G8UAM9VptHlj9B3EdnqtlYBQ1wJyvpTiDb51UdtbFZQW6AQpPDNnki2wEnao5kWoJuYHwASOledakc0bKNF7uIaSSTSDbDbGGrQvv69bun2j6oXoTu1HM1GxGDsxUK2gATV55hNBsHjFOxiJkp2k8ciN0NRpxqb0TYzWuvC1mNBEb6ShA4PkbeDjtPjQ67YLp1V7nBeNEuR3JpjXf_bpA25r7BheMaRkHfgifg
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N6046.3886140ROKUONEVIEW2/B30675526.378029753;dc_ver=99.292;sz=970x90;u_sd=1;gdpr_consent=tcunavailable;dc_adk=1203382665;ord=d3nmfz;click=https%3A%2F%2Fi.w55c.net%2Fcl%3Ft%3D1%26btid%3DNTI3Zjk2NWYyNmI3MzBlYmUzNDgxNWU3NDQzYzU2OWZkNzRmNjczMV81NXxSRmlrRWhiUkRWfDE3MDAxNDgyMDg2MTB8MXxYbTVEcXBxdWFMfFhSZjg3QnlMZUR8MTEyNTg2Mzg3MV9FWHwyMzkwODB8fHx8LjBQfFVTRA%26ei%3DRUBICON%26tpc%3D%26rurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fcaptcha.bot$2,https%3A%2F%2Fcaptcha.bot%2F$0;xdt=1;crlt=wNB*fvZvF!;cmpl=8;gcsr=a;stc=1;chaa=1;sttr=1506;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Nov 2023 15:23:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame BD44
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/xfa/sodar_loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 16 Nov 2023 15:23:34 GMT
COMMON.css
c.evidon.com/a/ Frame F9FD
2 KB
976 B
Stylesheet
General
Full URL
https://c.evidon.com/a/COMMON.css?r=0.22135588724318
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r230822
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.111.54 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-111-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a3c92e8d35e4e636238e577da8cd44aaf8dd699b719e4125ba0029330edf6907

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.w55c.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:34 GMT
content-encoding
gzip
last-modified
Thu, 02 Feb 2017 16:26:10 GMT
server
AkamaiNetStorage
etag
"c3cc19ce8230df99c7835decc2d79ee8:1486052770"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
text/css
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
715
6.css
c.evidon.com/a/ Frame F9FD
898 B
649 B
Stylesheet
General
Full URL
https://c.evidon.com/a/6.css?r=0.09560524937246706
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r230822
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.111.54 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-111-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d4be3ac72f80e7f9de3f25f566fe693f2ff4ca40467d0ebb0f2ace003f2eed98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.w55c.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:34 GMT
content-encoding
gzip
last-modified
Tue, 19 Apr 2016 22:23:43 GMT
server
AkamaiNetStorage
etag
"0201e098f4bf4dfb5200e1da0993359c:1461104623"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
text/css
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
388
box_19_top-right.png
c.evidon.com/icon/ Frame F9FD
109 B
392 B
Image
General
Full URL
https://c.evidon.com/icon/box_19_top-right.png
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.111.54 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-111-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5c99dc27d465b2f8425daee704098e7335a880b4c757bfdded09721b9054d64d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.w55c.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:34 GMT
content-encoding
gzip
last-modified
Wed, 06 Feb 2013 22:25:18 GMT
server
AkamaiNetStorage
etag
"8c7c476ac28727b21040351fa3006c59:1360189518"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/png
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
118
ci.png
c.evidon.com/icon/ Frame F9FD
581 B
880 B
Image
General
Full URL
https://c.evidon.com/icon/ci.png
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.111.54 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-111-54.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
528b6b3e8edb272a61e1d3b10f11af0d241680684143fb5339fa2758a3e65187

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.w55c.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:34 GMT
content-encoding
gzip
last-modified
Wed, 06 Feb 2013 22:25:44 GMT
server
AkamaiNetStorage
etag
"2697f4b848d2400cd051312585a6bf42:1360189544"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
image/png
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
cache-control
max-age=432000
accept-ranges
bytes
access-control-allow-headers
*
content-length
604
pixel.gif
l.betrad.com/ct/0_0_0_2532/us/0/1/0/0/0/0/970/90/242/292/0/ Frame F9FD
0
122 B
Image
General
Full URL
https://l.betrad.com/ct/0_0_0_2532/us/0/1/0/0/0/0/970/90/242/292/0/pixel.gif?v=2_1&ttid=2&d=cdn.w55c.net&r=0.8335512508124496
Requested by
Host: captcha.bot
URL: https://captcha.bot/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.177.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-177-112.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.w55c.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:23:34 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary
Accept-Encoding
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame BF9E
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 13:12:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
7873
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Nov 2024 13:12:21 GMT
bsevent.gif
rtbc-ue1.doubleverify.com/ Frame BD44
0
299 B
Ping
General
Full URL
https://rtbc-ue1.doubleverify.com/bsevent.gif?impid=f6acc465f72a426d8fedd70f759fa35e&flavor=1&gdpr=&gdpr_consent=&tgdur=861&vfdur=119&vfsz=568&tuveims=59&tuveems=179&eoid=1&ttfurm=3155
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbm.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://ad.doubleclick.net
Pragma
no-cache
Date
Thu, 16 Nov 2023 15:23:36 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2023-11-15T15:23:36

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvdQuhHqh7TuJaLKoLMyJL2ujjuoIsxhQn_XDVYD2d1ERaseDeWPkmTW9qntFu8IG0HY81A3X05T8DfBCE8xF4_3iMzxxuAYz6R7YT7wXxch8cCTX0n0J4Fid_uKUjZ7Y5z48iBte8SpQ&sig=Cg0ArKJSzNdZRgArVekBEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20231115&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=3743414737&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1700148209608&rpt=392&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1nrv9_9pBcLBzMoTvkm0Ll85jw1yZPK8MkoTL5T4kF_HEIbEsvRgn8DttsSTFRBTPT5dUB0P27jr2hAFuO8PBsvOb5oFRG87qHmqd8mtyA5bNT3X0pqmA2n_37DBB19fVRKicf_-kkw&sig=Cg0ArKJSzL1CiiI3JiHmEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20231115&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=3743414737&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1700148210320&rpt=160&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
px.britepool.com
URL
https://px.britepool.com/sync?partner_id=dx&ppid=psLFSugY1R3Edk5
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=6465&uid=psLFSugY1R3Edk5&img=1

Verdicts & Comments Add Verdict or Comment

190 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| documentPictureInPicture object| cbJsonP object| __core-js_shared__ function| cb_window_logger object| __SENTRY__ function| Chargebee object| turnstile object| webpackChunkvue_frontend object| __VUE_INSTANCE_SETTERS__ boolean| __VUE__ object| dataLayer function| gtag object| __cfBeacon object| fusetag object| google_tag_manager object| google_tag_data object| gaGlobal boolean| cb-cb-master-frame-loaded object| fusePbjs function| __tcfapi object| googletag object| ggeac object| google_js_reporting_queue object| fusePbjsChunk object| _pbjsGlobals object| pbjs undefined| google_measure_js_timing object| google_reactive_ads_global_state object| __bt object| __bt_intrnl object| __bt_tag_d object| __bt_tag_am boolean| __bt_already_invoked object| regeneratorRuntime function| __tcfapiui function| __uspapi number| google_unique_id object| Criteo function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| GoogleGcLKhOms object| criteo_pubtag object| criteo_identitytag_144 object| Criteo_identitytag_144 object| criteo_syncframe_state object| google_image_requests function| __iwgtk__ function| __iwct__ object| __rfc__ object| __rfs__ function| __old__refresh function| __ori__refresh function| __rfsfn__ object| __i2w__ number| __iwuri__ object| __iwur__ object| __iwasc__ object| __iwrso__ object| __iwst__ function| __iwurff__ function| __iwurf__ number| __sti__ undefined| __st__ object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager

96 Cookies

Domain/Path Name / Value
cdn.fuseplatform.net/ Name: akacd_captchabot
Value: 1702740206~rv=16~id=ed2d57698377f4b714907230bf38f457
.captcha.bot/ Name: _ga_VT1JT14S09
Value: GS1.1.1700148207.1.0.1700148207.60.0.0
.captcha.bot/ Name: _ga
Value: GA1.1.1030093738.1700148207
.captcha.bot/ Name: cf_clearance
Value: D43YXCZIfgmPazZuIOQvzfRLZBwxh0uNIo.xmM1BU8U-1700148207-0-1-1217726.c9026b81.e835628b-0.2.1700148207
.adnxs.com/ Name: icu
Value: ChkInNGFARAKGAEgASgBMPDn2KoGOAFAAUgBEPDn2KoGGAA.
.adnxs.com/ Name: uuid2
Value: 3127847580981328433
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: b249f4b46c177426835555d67a740b4a
.3lift.com/ Name: tluid
Value: 1434109839600411096621
.captcha.bot/ Name: _cc_id
Value: b249f4b46c177426835555d67a740b4a
.captcha.bot/ Name: panoramaId_expiry
Value: 1700234608548
.criteo.com/ Name: uid
Value: ba331bcf-9eaa-4513-8211-3ae5f43eb307
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 536838=5719163
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: sasd
Value: %24qc%3D1500031714%3B%24ql%3DUnknown%3B%24qt%3D152_0_0t%3B%24dma%3D501
.smartadserver.com/ Name: pid
Value: 2831371484337470390
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1500031714%3B%24ql%3DUnknown%3B%24qt%3D152_0_0t%3B%24dma%3D501&c=1&l=908530559&lo=-1530083348&lt=638357450085973333&o=1
.rubiconproject.com/ Name: khaos
Value: LP1CCHJE-1H-17CQ
.captcha.bot/ Name: cto_bundle
Value: tnh24V9ieTJncDhZSW92eiUyQk5uVVc0S0tZZFYzMGJFbkV3ZlIlMkIyQkg4ZDF2WmU2RCUyRlNhYUkxTDBHRXVQOHJJUmJvVzdnYkxhN2s0OTdaYU8zZWxWT0Ftc2dSdVhnMXdXUXJ0M25ZcXozJTJCUlhxSDMzSmdTcjB6MDlqdHhWRmdsQUMzUHluSkQwT2EzQ0ZRS212JTJGZGdaTjhvN2h3JTNEJTNE
.captcha.bot/ Name: __gads
Value: ID=46bc5e9458bf6f55:T=1700148208:RT=1700148208:S=ALNI_MbIJYE-JKAAMrCyQrBxKQ-UMyNMDw
.captcha.bot/ Name: __gpi
Value: UID=00000a0053d5c6ac:T=1700148208:RT=1700148208:S=ALNI_MZu1Oz511-cDZ4fCVwbtKJ8OrNGog
.doubleclick.net/ Name: IDE
Value: AHWqTUmUI85Sja4AunJ2lQbhdoYlepMKvwqBjBXIfHqEet1nhZtYsn2a1O-yBRCsCUA
.doubleclick.net/ Name: DSID
Value: NO_DATA
.w55c.net/ Name: wfivefivec
Value: psLFSugY1R3Edk5
.go.sonobi.com/ Name: __uis
Value: 5338f273-4bc0-4612-a525-3b8fad1e3d4e
.go.sonobi.com/ Name: HAPLB8G
Value: s86132|ZVYz9
.quantserve.com/ Name: d
Value: EAoBCQG4KoEA
.quantserve.com/ Name: mc
Value: 655633f3-b0614-23ca4-e5d0e
.w55c.net/ Name: matchbp
Value: 1
.ctnsnet.com/ Name: cid_78f509bc8bb84438a1eedf86f8e0ce55
Value: 1
.ctnsnet.com/ Name: gid_CAESELw4bpZz7t5KjIBnm1cfcH4
Value: 1
.lijit.com/ Name: ljt_reader
Value: Hqp7iGZHKQ-vjOoIRYWZs8mP
.casalemedia.com/ Name: CMID
Value: ZVYz8zi7JB4riHXINOFDBgAA
.casalemedia.com/ Name: CMPS
Value: 1439
.casalemedia.com/ Name: CMPRO
Value: 1439
.yahoo.com/ Name: A3
Value: d=AQABBPMzVmUCEO9edmkiNIeXltrmkY68jqMFEgEBAQGFV2VgZdwt0iMA_eMAAA&S=AQAAAtHg5K8-5KQyZj3OxOZpxzc
.tapad.com/ Name: TapAd_TS
Value: 1700148211803
.tapad.com/ Name: TapAd_DID
Value: f6062374-b0c5-427e-a433-ca5fb6862304
.rlcdn.com/ Name: rlas3
Value: Eq85tDMd39yNS626wa7DP1qd4avl3EjtubguncfBGnk=
.krxd.net/ Name: _kuid_
Value: P62Yi6h5
.demdex.net/ Name: demdex
Value: 72486236448098387573537290136385370032
.ads.stickyadstv.com/ Name: UID
Value: 95326b9dc2c2b1aa54674d76a26377
.ads.stickyadstv.com/ Name: uid-bp-23329
Value: psLFSugY1R3Edk5
.w55c.net/ Name: matchan
Value: 1
.w55c.net/ Name: matchtapad
Value: 1
.w55c.net/ Name: matchkrux
Value: 1
.w55c.net/ Name: matchfreewheel
Value: 1
.dpm.demdex.net/ Name: dpm
Value: 72486236448098387573537290136385370032
.w55c.net/ Name: matchdemdex
Value: 1
.w55c.net/ Name: matchcasale
Value: 1
.w55c.net/ Name: matchspotx
Value: 1
.rlcdn.com/ Name: pxrc
Value: CPPn2KoGEgUI6AcQABIFCOhHEAA=
.w55c.net/ Name: matchtargus
Value: 1
.adsrvr.org/ Name: TDID
Value: 5b2d22ff-3381-4f15-a7fa-f78470f9c0fd
.bluekai.com/ Name: bku
Value: k9L99w1pPZDw+qWQ
.bluekai.com/ Name: bkpa
Value: KJy9cxeid02pSUHknp/8BMxdSVx2zcB1HkBNjNAhDMBajsLN9yYJ7QAr
.w55c.net/ Name: matchbluekai
Value: 1
.w55c.net/ Name: matchtremor
Value: 1
.w55c.net/ Name: matchgoogle
Value: 1
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCJqv7eXAsLM8EAUYBSABKAIyCwi-t9eS17CzPBAFOAE.
.pippio.com/ Name: did
Value: zV9nNhbwhHDdzLfk
.pippio.com/ Name: didts
Value: 1700148211
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CPPn2KoGEgYIgr0rEAA=
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.bidr.io/ Name: bito
Value: AABja07KrGgAABOLtnH04g
.bidr.io/ Name: bitoIsSecure
Value: ok
.linkedin.com/ Name: li_sugr
Value: 95a5f5b1-9e1e-49c1-9f32-dfb37c48377d
.linkedin.com/ Name: lidc
Value: "b=VGST00:s=V:r=V:a=V:p=V:g=3148:u=1:x=1:i=1700148212:t=1700234612:v=2:sig=AQHMTWoEpMox0EubQzSBb0HXxO3j0I1e"
.linkedin.com/ Name: bcookie
Value: "v=2&10b26e06-221d-44f5-82c4-99f7c9b6e5d5"
.doubleclick.net/ Name: APC
Value: AfxxVi74QVVa4EHgHIATr_P_w0pcQ5Nx6hQje93TLdIobMok5AA8_A
.googleadservices.com/ Name: ar_debug
Value: 1
.ipredictive.com/ Name: cu
Value: dc5e457b-d108-4ca1-82ba-6772903d3ba7|1700148212208
.w55c.net/ Name: matchrubicon
Value: 1
.send.microad.jp/ Name: TR
Value: 5ebc02e709635e50542f41234eed63b6950188531ab43966
.amazon-adsystem.com/ Name: ad-id
Value: A6e_BGZkw0IckusPtBZcoYk
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.a-mo.net/ Name: amuid2
Value: 23825073-3152-471b-be18-7320ab037821
.prebid.a-mo.net/ Name: sd_amuid2
Value: 23825073-3152-471b-be18-7320ab037821
.adnxs.com/ Name: anj
Value: dTM7k!M4/rF7/.XF']wIg2In>w8Ti#!]tau8i_j0PU`qM*SseYS)CV?LHJz5_#qyC[TMb`5hi4X3If)y3M7g`[!h4>%5A[C6bma8aey+_pWkrS$:Bo3[%z5WCnY3O=L0Z+
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxQMUNDSEpFLTFILTE3Q1EiLCJleHBpcmVzIjoiMjAyNC0wMi0xNFQxNToyMzozMloifX0sImJpcnRoZGF5IjoiMjAyMy0xMS0xNlQxNToyMzozMloifQ==
.analytics.yahoo.com/ Name: IDSYNC
Value: "17my~2f33:18vk~2f33:19e0~2f33"
.lijit.com/ Name: _ljtrtb_80
Value: LP1CCHJE-1H-17CQ
.primis.tech/ Name: csuuid
Value: 655633f50b965
.hb.yahoo.net/ Name: visitor-id
Value: 3431498130813273000V10
.hb.yahoo.net/ Name: data-mag
Value: LP1CCHJE-1H-17CQ~~63
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: 7Ql6xOGvbT
.rubiconproject.com/ Name: audit
Value: 1|i7WLabMcVxII7Kwqh1ucpFMG4C6D/t+3x5H4/Al95QUGfQznKejYyDTJ8/763XY+Goppw8J0UWflrv5VkzQulZzU4JWreVW/X/BqjHngba2ma+WVcS1g3g==
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZUdm1xZGlk
.intentiq.com/ Name: intentIQCDate
Value: 1700148213226
.intentiq.com/ Name: IQPData
Value: 95808132#1700148213218#0#1700148213218
.intentiq.com/ Name: ASDT
Value: 0
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZVYz9QAAGnj0cAAM

5 Console Messages

Source Level URL
Text
network error URL: https://mts0.google.com/vt/data=9a9HNZdiJVpu3L7bUN318jvG-VF6AuCJNbHfJe4MN5IRtb5PzEZd7S-cEosq5pl_M0NWbGFVCXQPVDnOvPTosMtNGEkyoAFLUcK3Ks_2fuLJvhLE7O484C1r
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://px.britepool.com/sync?partner_id=dx&ppid=psLFSugY1R3Edk5
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=6465&uid=psLFSugY1R3Edk5&img=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other warning URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 104)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

978209568a1221baa5dd36d0c168cc04.safeframe.googlesyndication.com
aa.agkn.com
aax-eu.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ads.stickyadstv.com
aid.send.microad.jp
analytics.google.com
ap.lijit.com
api.btloader.com
api.hcaptcha.com
bcp.crwdcntrl.net
beacon-iad3.rubiconproject.com
beacon.krxd.net
bidder.criteo.com
btloader.com
c.evidon.com
captcha.bot
cdn.ampproject.org
cdn.doubleverify.com
cdn.fuseplatform.net
cdn.jsdelivr.net
cdn.w55c.net
ce.lijit.com
challenges.cloudflare.com
cm.g.doubleclick.net
cmp.inmobi.com
cmp.quantcast.com
cms.quantserve.com
cti.w55c.net
dpm.demdex.net
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.yahoo.net
hbopenbid.pubmatic.com
i.w55c.net
ib.adnxs.com
idsync.rlcdn.com
ius.ctnsnet.com
js.chargebee.com
js.hcaptcha.com
l.betrad.com
live.primis.tech
login3.bot-captcha-verify.online
match.adsrvr.org
match.prod.bidr.io
mts0.google.com
mug.criteo.com
newassets.hcaptcha.com
pagead2.googlesyndication.com
partners.tremorhub.com
pippio.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prg8.smartadserver.com
privygg.chargebeestaticv2.com
px.ads.linkedin.com
px.britepool.com
rtb0.doubleverify.com
rtbc-ue1.doubleverify.com
s.amazon-adsystem.com
s0.2mdn.net
securepubads.g.doubleclick.net
ssc.33across.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.search.spotxchange.com
sync1.intentiq.com
tags.bluekai.com
tags.crwdcntrl.net
tags.w55c.net
tapestry.tapad.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
ups.analytics.yahoo.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
pagead2.googlesyndication.com
px.britepool.com
sync.search.spotxchange.com
104.19.218.90
104.36.115.111
107.178.254.65
107.20.214.81
107.22.177.112
107.23.92.235
108.139.29.114
13.224.214.10
13.224.214.86
130.211.23.194
142.250.80.102
142.251.40.226
147.135.94.209
147.28.129.37
151.101.2.49
172.217.13.194
172.64.151.101
18.238.4.47
202.233.84.1
23.203.105.107
23.44.111.54
23.55.235.176
23.62.105.110
2600:141b:1c00:7::1728:b3ba
2600:141b:1c00:f::172c:c9da
2600:1f18:4e9:5a02:520a:c711:865a:bf81
2600:1f18:612b:4216:d296:b4ab:44c7:4070
2600:9000:2073:9000:1b:6b7d:2300:93a1
2600:9000:20ed:b400:3:4706:a6c0:93a1
2600:9000:2209:a800:9:46dc:4700:93a1
2600:9000:2512:5200:1a:5235:f980:93a1
2600:9000:25c8:4800:1b:cadc:ef40:93a1
2602:803:c002:300::36
2602:803:c002:300::98
2606:4700:10::ac43:293c
2606:4700:20::681a:246
2606:4700:20::681a:66e
2606:4700:3037::6815:41a
2606:4700::6810:3965
2606:4700::6811:2b8
2607:f8b0:4004:c0b::9a
2607:f8b0:4006:80d::200e
2607:f8b0:4006:80e::200e
2607:f8b0:4006:816::2006
2607:f8b0:4006:817::2002
2607:f8b0:4006:817::2004
2607:f8b0:4006:81c::2001
2607:f8b0:4020:804::2001
2607:f8b0:4020:804::2003
2607:f8b0:4020:804::2008
2607:f8b0:4020:805::2001
2607:f8b0:4020:805::2003
2607:f8b0:4020:806::2002
2607:f8b0:4020:807::2002
2607:f8b0:4020:807::200a
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:116:800b:21:b08a:1dc5:659b:4055
2620:1ec:21::14
2a04:4e42:600::485
3.225.218.10
34.111.113.62
34.117.228.201
34.149.20.76
35.186.193.173
35.190.60.146
35.71.131.137
35.71.139.29
52.205.7.147
52.23.71.199
52.3.191.242
52.45.78.169
52.46.155.104
52.70.105.17
54.146.35.112
54.172.84.140
54.230.163.124
54.88.23.27
63.251.28.133
63.251.86.50
67.220.228.202
68.67.181.211
69.166.1.35
74.119.119.139
8.43.72.97
8.43.72.98
017e92684f9301c6edc3504af22d04183982c21b1b3ae04221140b6746baaba8
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06483d1af09fe201d80ff4fc8f93895e3898b5b3e2629af9bc9d85fcd30f57a4
064a3112be6d2f55331306cf2edd1ccc2a63cb9e3453a735861daba634d75188
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08a184bb8e17a3028350b402628040f572e5e6b2a57a5959c5acd78bfb1f5f9a
0a06df7b2f04d23d7e156a668eb69b238c68bdaecad0e6d954e58fde3e725b5e
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0c79e8606b6cce8b1d3d3fd72e2b4e5ab1a19bdc00501d407cbeb8d40c09d4a9
1162f1c47f371d5ca4192e405bb3059b3d582df339ce66b15ed7da465367dc80
1206a0fff7f8e27074b00ac3c9abece94df9312c7aba4ad8c8b44666f141c3ff
12ac786dd7d2df1c24377488b0cd75aa969d139420d5ac295be1e93f8fde493c
16584d00bde34db36e3c3fd2d68804f1a05ef12abe8570531e561134e1fec73d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1a87310dacb8e83018f2cbb037552a79868dafb9214613d442581b3f3eeea914
1a91cc53d98054493697f3fa81e2fbefa695bdd4e122524bf59e57d50719dc42
1ea50329b826918b0b803777e2f5ac48a3570aa1f9c06bc92b6a1731ae37654a
22caa2f838449dff34cf4b2e3d693ea3605903c403032431d294eef8d894da0e
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881
30c714bf4216e577686d238b98561d093672cb25bf90baab50dd956f75cda4b3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32b756bfa32d3c2a0a584ebaa8d5050f9db464fe5a7c7ca25bd54ebfea5b15fd
3430da2fac67c2a866dc7463500c2637eacdb6c3abeab65347f02317adbc2b3e
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3677a201ab63c88c0d56d83e946665e5fb5d93bca0d4b7a7ff0588b7e0107f85
36a33ebf73afc5f7a6cdee51f0d2f70c15a844e424a74c5fcc25e425bd9a4dc8
36eb960a0f696bcea2ff0f7e1c190497b0434dc69b5f08e5ef966bf8a5fdb62e
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
398aaea091a54352bcde7ee272823fae32d2ec9cbf1d7547ec07e97f800192e7
3a2762ba48e0ce21f54e4b545f937fe83de3dd840d291134103d889dbb28d86e
3b45b26a597954e058c5af5f2e15ef7e315bd4571dbb86241fe47cd5395744ca
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3cd29fcd28558f2d1a4273dcca8b904b79b4ad2c19c0ce9d096da1e89f292546
3dd6334bbbdabc6a816851f5c2c4a71193190a0569359d4f8834e45b57e10dfb
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4383437e4c7973582c6fa37a8693ce3d30e4026a462995671533ef885b0a130a
43fe9baf723ed950dda46d8675f1123142eab8360bf5d71f3126de4978e5e74f
45081b381b2448cac81c3cc81ed427d216719a54890a2242e691ab7608a0ada8
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48bed48790300a86a8b38be367b9fc7e124007d87d3ae1a1b5f9a05349dcf9a5
4b5a1c328f781b61a764d17923f440cc970d6f699849bcc236e894a0d51c72bd
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba95a958d22f447f9586b7c8b8e7a8e35b3343d415961dc96e4a25cec0acfc5
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
51cd12da61a7401c73472b2ac77067adfa30e9fc0545b4b7c240e9154e011fc7
51f4dc64108e838c8879494af7e51ff28088766f95b52b7d3444b1f4e0e77d0b
527718fd2692a8581d7fb4e3d42fed33df4b4dc56632b1cc06344180902e5ef3
528b6b3e8edb272a61e1d3b10f11af0d241680684143fb5339fa2758a3e65187
5369907163ac4f204bd871d3db2537d401ac4bf2cb034da05bcc0af1271eb5f9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56e01dbd445b3e609dba673bd82bdf1969b350936a70c9e1a234ad3cddec16de
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7
5b489849f86636e88d98772735af2416b3c3e85076f7135b4ca14a08764e4774
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c99dc27d465b2f8425daee704098e7335a880b4c757bfdded09721b9054d64d
60dc3bb507df5e166862248771d6a0c2597f7dd318613c7c4478c9faeba80840
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6227e69f1c3711825b5166ddcbd07539e556ce7068917ad7701a5af5b4814f33
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
62d056f363b8b39fd0f85690a31012fcb6f1f0cef642bb247fc8ae627e33ac6d
64b5c64d8600b52c7750278da76ec7cb2ae1b6ac40831ef3e7f3402e970f9525
64f168455859b28f4a27d3f9c07063c7011cb6b4ab0e75dbad02869067884b8d
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6707a3c68df726150faa7897909a1052309a6d021c0c699d1261a0a0945f10e4
6800d363cb5a534231c868a110cc4762d636d4df062c41a407c1c091e959e96f
6bdd776cb16e22b3dd4e315156ff4c68d66d770079fdcdbeb381021529c9c544
729193687b34515324d1c9020777b3d86b9f42d1fdbcb5998824944c601bcd54
75f60b8ba8974945a0ffcd6f2e93258cdac42a785b9d478ec3786881e2abcbee
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
7a36cfe069f3a0762652d5b30060d711b1c3261ea54ad353241a265db227812c
7a929bcd8cce2585ea3be49e84b6735c35debe93e48f62f5dd7e4fc4b33825e5
7c305b7ad1d78bd67cd5af248ce383aa062d4d09e779b2add0c732469d32badb
7d1ceb94e880da6a9d0d5dbc9bca2163e767f3eb9c4c9a6583a2ce64255a83cd
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8109cf8ec5546bd1865b1850b83ce3ee5cc358cc0bfdc14d52b5f5cb59a93d71
81c68e93b5bad4332a72ee44e13adf8f0ad4a709f0ff5b93f37d985485ff903b
8991556f5c9b30c2d75a55872cf2a8ad90a5b7a8db12ea78e8c51afda2b9ddbb
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7
8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234
8e4186bd2cfa76f7a48100c5d1edb1909b37f68f1e33508f92edb72017a40406
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
90344adeb8e502c0a5582900ed8480f49e834970830b5f7fccdef17f68cb75fa
915a4f4841a2fc128f33bac8815a6b9e041a16a07e328aa6c22041167cb31987
92ca1736ee4a07da4aec1bf75f1cf294129e25ba87ea6198627837448e9b1f5e
93dc5afee0d7c64a418ee3804bb76f9855e7ff5a501a26ed29cd544f066bb6d3
950487041eb8b857d86436c10b487f194b9b97a4205366978d9b945de8164ccb
98174e30b9f1468b96f8d317978ded9f514e77d8903f5c1a95463bc43c51f298
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9924f0aee1ecba1673c4e75a3b78b53dc3e63bc7dceadd5a9ae7ccfb1e2c0e3a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9be1ff5169a3fc6334c134a96df76938723501a00fe5ad2d152f10a573595d7e
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9e424ab30e57e903c77ed203fd48b8e240c9333d18eada751c7a5744ad5ac5f7
9e6dab1cacda3a4a07e374d1364e01aa182806cafee7421cc7bccf5ca347f3de
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a13bba05bc65835222eb71040bba525c75e73845a2b3f10b7ccbe7fc35e130ae
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a1cb10406a6a28655351f567b6851b114056e8b2b2b773d0aca26cb3da966143
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a3c92e8d35e4e636238e577da8cd44aaf8dd699b719e4125ba0029330edf6907
a6778aac1a3b22c7997c1b8d951e2fe5224a2b45f3133294e908d43e6d84e394
a71902890d932247a4c1a8f83c6f0b8dd7a6e7a12d64524559aa158c9a19f1db
a8642b2144f5f3473de287de8bf9960e40c66bacb4845580accdd400c52a7fa7
a872bbbb6742e0d8756d7e5c7ad9f117ea78f7985fbbd6861adfced3648fd774
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac029ed357e9abcb27b7afb2c5e3ffd7b0877924f8707c32c0a094e9a2027b2d
ad4e421119302e89d2ef10d7461de4fd4d6318c1529c36ee973c4c17ea3e31d9
ad74a7f477d4dbe1cecfc7591f728f9d7236efb402e337634cd3d14c321c1ac7
b013c2c47077742878ed5169c4f564d0d5278a480d7aac99ef7df75a783359e9
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b25fabbdd4608ade7c022b666c1cc2e631a9d403fc29535df2789ed0bca96817
b4c57083a29b481f9d288f379ce155b9f116ceb399f359770cfdb95f3fb9e021
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b9eab613f27dc9efb747630f963208741cc088b586edfbfdaaebf7d733dc2d63
bba3a253608d50cff0174ea1102b3ff4e93993be25d07c0e0223f20f19c37382
beea121e5188b863d6e08e80e8b9744ecebf9cdd37f201a9b2b4000fd6af900f
bf2251fa0d25ff7169dc9c75e11526578a71434eb9b25487dc2228f13bfc2bf2
bf3ae3cb276e14b8260f0a5581a6da12c86d3963549a2747e0099a0d85361412
bf690803e1fc3c3d03595643914712996adb559fb7846cf6c69b8f83275d47b6
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c427820d10fd65f85b3f4165edd9586dedb7050815e868589fa5053427141ad0
c54eb47c8ffc83c5ceeff7a5f3bb3544c4eec6c92091f3ee37f36ab36b09fd88
c5cc340c08cd853d82cd532d2f58de982e0c8fc015b7116f837202d52b129508
c6026b5e35c99959ff49bb57e086263c3145cf10054c10448b944348d7a3d2ab
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c85bf82b1839f7ce776633ba44f9bafe42b7bece4581e008e641274134810f4d
c8c900ec5cbe9ef18bea37051bc2bf2aa9846c2ce787d248f2451575e2a372fd
ca73ce16bf82732ed93a9b6087c7bc63ac2d76e285ca5d7a34411b47ee49995f
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc6f237c59aa6b0f45874b67ecdafc85249bd1f870a4507afa225f8010141012
cd594deba343e24788a95c61f98cecd9e107ddbc82ac9c95033a71aa4dc22a64
ce32ae882f40c9033f5d7fc2704b9be9cee32aa7d53023f20fdb966ab3e01119
cf2350a7ba804e2c8e117ac52a185bbc5b4ae59e50b6cebfd5d77fd3eaebd24c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d26f0552bbcdf57b802dc4fb481f0623f6bad3129c35da64310e5c50ef1d44a9
d4be3ac72f80e7f9de3f25f566fe693f2ff4ca40467d0ebb0f2ace003f2eed98
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
de3a7ca2f8ae592aae2652335b755b0d0b65df663dda8776387cae7339b76d64
e2a0ebb4c1e2bfeb215c6d41bb6c4fb0fac5a228fddf6a4bc77ef08e7f2e7477
e329117bbdc12ee0649ed6654138a9ba8e600eaddf9138752631a50d236d135a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d1a7e5a7458fab350938e5d27ac4a5715e3c27e00e4d0287e406721cebd8db
e686f777af902c3b49e5143f9205136effcd04b661d8c863a8380e75a0d3a97d
e7d966b93453ecd66f4633ebf4cfa77e88a8fd891507ee213a6fa8f836a992e1
e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eed41569c5406a72f15d1cf51192eb8f2ee0fc44e64cbc97b50cf7f7f5437e3f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1541501090897e0804ad3205d903eb61d4fed83ed28d2a903272f614ee894b7
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
f8f69294cb3228695da3ba9b677db613089da1f680cc7daba635881b6e6554af