bigpicture.net Open in urlscan Pro
74.121.193.66 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bigpicture.net/users/attack-titan-season-4-episode-9-full-episodes
Submission Tags: falconsandbox
Submission: On April 29 via api (April 29th 2021, 7:13:11 pm UTC) from US

Summary HTTP 92 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 24 IPs in 5 countries across 16 domains to perform 92 HTTP transactions. The main IP is 74.121.193.66, located in United States and belongs to CONTE-25-BLA-RST, US. The main domain is bigpicture.net.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 28th 2021. Valid for: a year.

This is the only time bigpicture.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	74.121.193.66 74.121.193.66	36473 (CONTE-25-...) (CONTE-25-BLA-RST)
6	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:d57	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
8	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
8	204.180.130.159 204.180.130.159	53866 (QTS-AS) (QTS-AS)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	204.180.130.165 204.180.130.165	53866 (QTS-AS) (QTS-AS)
1 5	2a02:26f0:6c0... 2a02:26f0:6c00::210:baab	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	54.74.23.153 54.74.23.153	16509 (AMAZON-02) (AMAZON-02)
1	54.235.108.207 54.235.108.207	14618 (AMAZON-AES) (AMAZON-AES)
92	24

15 74.121.193.66 (United States)

ASN36473 (CONTE-25-BLA-RST, US)
PTR: 676elmp01.blackmesh.com

bigpicture.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:d57 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.juicer.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e8617e317d5cec4448c618f592524a91.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 204.180.130.159 (United States)

ASN53866 (QTS-AS, US)
PTR: my.omedastaging.com

olytics.omeda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.180.130.165 (United States)

ASN53866 (QTS-AS, US)

oqs.omeda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:6c00::210:baab (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.74.23.153 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-23-153.eu-west-1.compute.amazonaws.com

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.235.108.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-108-207.compute-1.amazonaws.com

nextroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	googlesyndication.com e8617e317d5cec4448c618f592524a91.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	370 KB
15	bigpicture.net bigpicture.net	346 KB
10	omeda.com olytics.omeda.com oqs.omeda.com	78 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	527 KB
9	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	118 KB
8	google.com www.google.com adservice.google.com	18 KB
6	adroll.com 1 redirects s.adroll.com d.adroll.com	72 KB
6	googletagservices.com www.googletagservices.com	154 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	juicer.io assets.juicer.io	100 KB
1	nextroll.com nextroll.com	2 KB
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	137 B
1	google.de adservice.google.de	799 B
1	googleapis.com fonts.googleapis.com	962 B
1	googletagmanager.com www.googletagmanager.com	34 KB
1	jquery.com code.jquery.com	79 KB
92	16

	Domain	Requested by
15	bigpicture.net	bigpicture.net
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
8	olytics.omeda.com	www.googletagmanager.com bigpicture.net olytics.omeda.com
8	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net bigpicture.net
7	pagead2.googlesyndication.com	olytics.omeda.com securepubads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
7	www.google.com	bigpicture.net www.gstatic.com securepubads.g.doubleclick.net www.google.com
6	www.gstatic.com	www.google.com www.gstatic.com
6	www.googletagservices.com	bigpicture.net securepubads.g.doubleclick.net olytics.omeda.com
5	s.adroll.com	1 redirects bigpicture.net s.adroll.com
4	fonts.gstatic.com	fonts.googleapis.com www.google.com
2	oqs.omeda.com	olytics.omeda.com
2	www.google-analytics.com	bigpicture.net www.google-analytics.com
2	assets.juicer.io	bigpicture.net
1	nextroll.com
1	d.adroll.com
1	d.adroll.mgr.consensu.org	1 redirects
1	e8617e317d5cec4448c618f592524a91.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	fonts.googleapis.com	bigpicture.net
1	www.googletagmanager.com	bigpicture.net
1	code.jquery.com	bigpicture.net
92	23

This site contains links to these domains. Also see Links.

Domain
www.nxtbook.com
www.linkedin.com
form.jotform.com
www.facebook.com
twitter.com
www.instagram.com
www.pinterest.ca
smartworkmedia.com
stmediagroupintl.com
stm.dragonforms.com

Subject Issuer	Validity	Valid
bigpicture.net Go Daddy Secure Certificate Authority - G2	`2021-02-28` - `2022-02-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-18` - `2021-07-18`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.omeda.com SSL.com RSA SSL subCA	`2020-07-31` - `2021-08-18`	a year	crt.sh
adroll.com R3	`2021-03-30` - `2021-06-28`	3 months	crt.sh
adroll.mgr.consensu.org Amazon	`2020-10-08` - `2021-11-07`	a year	crt.sh
nextroll.com R3	`2021-03-21` - `2021-06-19`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://bigpicture.net/users/attack-titan-season-4-episode-9-full-episodes
Frame ID: 2FCDC7292731F06474D967B17FCDFEE2
Requests: 53 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldtha8UAAAAACgsWFQdkpCpj-NQWGhYFtnpnxEM&co=aHR0cHM6Ly9iaWdwaWN0dXJlLm5ldDo0NDM.&hl=en&type=image&v=dpzVjBAupwRfx3UzvXRnnAKb&theme=light&size=normal&cb=qaj24ufktjqw
Frame ID: 2F4A41BDE28B198217B8AF1205D60444
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQbtqIB6akyPZw4YM0PC-KgYOx9YOy7YUFJ6-grdorGBB08RChrLNh5VRfZ4xGNuW5jGGsbOQ7nYIYw7Qadfe2btVEoQI9PEse2Lu7ZYMmoJcuFtODwynaBGAc477Cfv1Xavejo2MsBDzoLp7yzo09nEq85CQYwmZXgO62PdR3DsZnsmhLfDdDV6FKFFOS5z-D2-Rs_Z97EWz5CGAEJSMvtc9fppFaqgI-SbaQlEivtGTuOSxAVHwcptagAGxh7-x-tV9a4xT21_dzejuCofSdGMtRIjx8YYqwQd4mbi2tGbpAz1Hgq1CVLOM&sai=AMfl-YSUm_JwZXDCdtkJmf2184oRcMq7ASV0uyrFAW7IdoSzcI8zCKLiKG8xImSzaoNr2260Gk20o5rcr_6IqKLWRLdWjqRcJ-zSx60Xgx8EsRNeBMKICrOIlKsJMiO5N4c&sig=Cg0ArKJSzMRZc6XcYDSLEAE&adurl=
Frame ID: F0293E3212CE52B1995F7596D51A2498
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstLbUJAf1vJ9F6n8FhrhejC1_CKUpxwdi0qu9i44Fs__15QUaybbacdHZ-JLkn1jIPp1rtyG6WwFPhWa-PxYcjqszGvQWTZhig0JAZkNZooBEOGidABv9_SJF7GfEfdblD8yuRj7Sg8OKADsg6vRoNOwGsyV4CnjQc_7f21NaWDioAoriJIctTjRUtSJNxqRvtbnqN0eZScqcCmYmouwuLpO_8UG6n-VOD8MQOSo6X8QWmiy_AUM34O8dz5PtkjtdAcEBAZ_6R5BLuqqw_kaNvQ2yNPYtKuj8XLoKJp6j-f6kCFGUR_ATuLSCcD2SNwzw&sai=AMfl-YSBbW-cmcQkA9gJNcA7eJ_L9c6LS9rtbRO-cPawjdiZI-hcaQ2_N44wS_rnnqE6uvvTxTD2LPWeyplV1nX6bIja0c25DYIuGSB9dDsY_I4jd81tFPAMut5Xaw1CGU8&sig=Cg0ArKJSzAdmDLV5KQ2-EAE&adurl=
Frame ID: 1FFAA0F73CDD39772F7F7896FFB5E677
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulQdHGB7wmBkfasMhkQqJppk7hoJIEd32I9244W63MHdqes07-WwS0Na6W1P_BOeAaNL8kFbT_sNwsrWHK8NgadSkN18YytEMePMUQ9Nn358l9D57dkQctX_LmhVaCS470ep_DC50HTOGWfLRp4tGmW906L9RBJAQjBQUNE0ar4UjC3LablVMt-Vv9jGXDhQPRcNjnrPNeDHFwUIy29YBWzTXYpKrcy2Ok3k2fH-I7BeJOZ1ttCZyX-NHnqtd0gTKjC20leXJ1VRVaLMJmdCyXTOsFHqdfW_3Wd2GdcX8qLnkoy91X_ug-dZHuFz1dNQO8zBBMPw&sai=AMfl-YSoU94BoOg8pXJTf97cdj8Xpxx19p7_fBlLJJggz4Tfk-vbIPuhfZmcYPmZH2di5WhhDqaY2ScyXKTq7LH7dxi0aox7dm88IUcc1lYHyOrDlJuDi6f1eMxbhFP-p3Y&sig=Cg0ArKJSzKEOJRab_B6cEAE&adurl=
Frame ID: 4CF27D5EF40FABFDB43B9244C0FE854C
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6Ldtha8UAAAAACgsWFQdkpCpj-NQWGhYFtnpnxEM&cb=9kvdt9iq4pkj
Frame ID: 34C8EBF3291EBB208579D6C79DE78708
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 2B44F24F8659282AF4C77990453A3059
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

headers expires /19 Nov 1978/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers expires /19 Nov 1978/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

92
Requests

97 %
HTTPS

74 %
IPv6

16
Domains

23
Subdomains

24
IPs

5
Countries

1920 kB
Transfer

5139 kB
Size

6
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://www.nxtbook.com/fx/archives/view.php?id=45e3209d52e788f2cd908e0cb8d9a507&nb=1
Title: Digital Edition Archives

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/groups/1823369/profile
Title: Job Postings

Search URL Search Domain Scan URL

URL: https://form.jotform.com/210124059573955
Title: Best of Wide Format Awards

Search URL Search Domain Scan URL

URL: https://www.facebook.com/bigpicturemag/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/bigpicturemag
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bigpicturemag/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.pinterest.ca/bigpicturemag/
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://smartworkmedia.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://stmediagroupintl.com/about/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://stm.dragonforms.com/STM14_Binew?PK=WHOME
Title: Subscribe

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79

https://s.adroll.com/j/exp/4DX4R3Y2BFEZDFCDNYO7Y6/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 81

https://d.adroll.mgr.consensu.org/consent/iabcheck/4DX4R3Y2BFEZDFCDNYO7Y6?_s=ff3e8cee65b6d07f16d5f4a11460743a&_b=2 HTTP 302
https://d.adroll.com/consent/check/4DX4R3Y2BFEZDFCDNYO7Y6/?_s=ff3e8cee65b6d07f16d5f4a11460743a&_b=2

92 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 404
Not Found Primary Request attack-titan-season-4-episode-9-full-episodes Show response
bigpicture.net/users/ 43 KB
9 KB 754ms
380ms Document
text/html 74.121.193.66
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://bigpicture.net/users/attack-titan-season-4-episode-9-full-episodes

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

74.121.193.66 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

676elmp01.blackmesh.com

Software

Apache / PHP/5.6.40

Resource Hash

354043e4e6f0251e6e57d59a8f30b562f59dc6cb2ad47a4d38363c8cdf9cc4e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Host: bigpicture.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: Apache
X-Content-Type-Options: nosniff nosniff
X-Powered-By: PHP/5.6.40
Cache-Control: must-revalidate, no-cache, private
X-Drupal-Dynamic-Cache: UNCACHEABLE
Link: <https://bigpicture.net/>; rel="canonical", <https://bigpicture.net/>; rel="shortlink" <https://bigpicture.net/>; rel="canonical", <https://bigpicture.net/>; rel="shortlink"
X-UA-Compatible: IE=edge
Content-language: en
X-Frame-Options: SAMEORIGIN
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Vary: Accept-Encoding
X-Generator: Drupal 8 (https://www.drupal.org)
X-Drupal-Cache: MISS
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Content-Length: 8363
Accept-Ranges: bytes
Date: Thu, 29 Apr 2021 19:12:51 GMT
X-Varnish: 932591838
Age: 0
Via: 1.1 varnish

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 62 KB
21 KB 23ms
14ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: bigpicture.net
URL: https://bigpicture.net/users/attack-titan-season-4-episode-9-full-episodes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac474926f1b8ad8a7a17ea4b965a353805c66060fb1ec4e444c5028f54b5bdae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 19:12:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "857 / 180 of 1000 / last-modified: 1619694582"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21254
x-xss-protection: 0
expires: Thu, 29 Apr 2021 19:12:51 GMT

GET
H3-29 200 api.js Show response
www.google.com/recaptcha/ 850 B
576 B 25ms
15ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en

Requested by

Host: bigpicture.net
URL: https://bigpicture.net/users/attack-titan-season-4-episode-9-full-episodes

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b97ff1109b709bf33a4a7593782b6f5f0fe56b3b46ef504dba244a9026c3fdbe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 19:12:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 555
x-xss-protection: 1; mode=block
expires: Thu, 29 Apr 2021 19:12:51 GMT

GET
H/1.1 200
OK css_mt1bojd1nZyjWOaR61Y7JMS_q9dXm9xecMEr4pLWPOo.css
bigpicture.net/sites/default/files/css/ 2 KB
1 KB 130ms
121ms Stylesheet
text/css 74.121.193.66
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://bigpicture.net/sites/default/files/css/css_mt1bojd1nZyjWOaR61Y7JMS_q9dXm9xecMEr4pLWPOo.css?qbz4sb

Requested by

Host: bigpicture.net
URL: https://bigpicture.net/users/attack-titan-season-4-episode-9-full-episodes

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

74.121.193.66 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

676elmp01.blackmesh.com

Software

Apache /

Resource Hash

9add5ba237759d9ca358e691eb563b24c4bfabd7579bdc5e70c12be292d63cea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bigpicture.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://bigpicture.net/
Connection: keep-alive
Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 19:12:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 15 Jun 2020 15:38:30 GMT
Server: Apache
Age: 0
ETag: "59cb3c-37f-5a82137f8e980"
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 varnish
Cache-Control: max-age=1209600
X-Varnish: 932591840
Accept-Ranges: bytes bytes
Content-Length: 895
Expires: Thu, 13 May 2021 19:12:51 GMT

GET
H2 200 embed.css
assets.juicer.io/ 86 KB
12 KB 55ms
22ms Stylesheet
text/css 2606:4700:20::681a:d57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.juicer.io/embed.css
Requested by: Host: bigpicture.net
URL: https://bigpicture.net/users/attack-titan-season-4-episode-9-full-episodes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38b73173ab77e5733c6a19e60efb65ab23bc8a9c584a761198234606ee167b71

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 647ad8226a7c05e9-FRA
date: Thu, 29 Apr 2021 19:12:51 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Wed, 28 Apr 2021 11:54:40 GMT
server: cloudflare
age: 2721
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JfKcpkD4fFpNDkB%2FfybQSywfuHPcoeLe9b6mqjNhEH9meyRhDp6Q6WvpFIpuU%2BPe4rOwB%2FJAKwRFf3GYEcYJYKgdD3T8Mysjd7Y%2FDK%2FAfwX16k7%2BZq2J7JUPf8pL"}]}
content-type: text/css
cache-control: public, max-age=3600
nel: {"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-request-id: 09c0a56985000005e9e61d4000000001

GET
H/1.1 200
OK css_amxJH26EKkLrlz7rN3OyPrWgeBjFk9uLMw_Y8aO0sqU.css
bigpicture.net/sites/default/files/css/ 7 KB
2 KB 252ms
121ms Stylesheet
text/css 74.121.193.66
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://bigpicture.net/sites/default/files/css/css_amxJH26EKkLrlz7rN3OyPrWgeBjFk9uLMw_Y8aO0sqU.css?qbz4sb

Requested by

Host: bigpicture.net
URL: https://bigpicture.net/users/attack-titan-season-4-episode-9-full-episodes

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

74.121.193.66 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

676elmp01.blackmesh.com

Software

Apache /

Resource Hash

6a6c491f6e842a42eb973eeb3773b23eb5a07818c593db8b330fd8f1a3b4b2a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bigpicture.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://bigpicture.net/
Connection: keep-alive
Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 19:12:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 15 Jun 2020 15:41:30 GMT
Server: Apache
Age: 0
ETag: "59cbb2-7ac-5a82142b37e80"
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 varnish
Cache-Control: max-age=1209600
X-Varnish: 932591841
Accept-Ranges: bytes bytes
Content-Length: 1964
Expires: Thu, 13 May 2021 19:12:51 GMT

GET
H/1.1 200
OK css_chB_eNFX9Kn-uCw9TgWnrkkNtB1MuKgvyrxrZj-osz0.css
bigpicture.net/sites/default/files/css/ 381 KB
57 KB 462ms
221ms Stylesheet
text/css 74.121.193.66
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://bigpicture.net/sites/default/files/css/css_chB_eNFX9Kn-uCw9TgWnrkkNtB1MuKgvyrxrZj-osz0.css?qbz4sb

Requested by

Host: bigpicture.net
URL: https://bigpicture.net/users/attack-titan-season-4-episode-9-full-episodes

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

74.121.193.66 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

676elmp01.blackmesh.com

Software

Apache /

Resource Hash

72107f78d157f4a9feb82c3d4e05a7ae490db41d4cb8a82fcabc6b663fa8b33d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bigpicture.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://bigpicture.net/
Connection: keep-alive
Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 19:12:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 15 Jun 2020 15:38:59 GMT
Server: Apache
Age: 0
ETag: "59cb60-e24a-5a82139b36ac0"
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 varnish
Cache-Control: max-age=1209600
X-Varnish: 932591842
Accept-Ranges: bytes bytes
Content-Length: 57930
Expires: Thu, 13 May 2021 19:12:51 GMT

GET
H/1.1 200
OK css_47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU.css
bigpicture.net/sites/default/files/css/ 0
459 B 354ms
118ms Stylesheet
text/css 74.121.193.66
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://bigpicture.net/sites/default/files/css/css_47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU.css?qbz4sb

Requested by

Host: bigpicture.net
URL: https://bigpicture.net/users/attack-titan-season-4-episode-9-full-episodes

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

74.121.193.66 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

676elmp01.blackmesh.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bigpicture.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://bigpicture.net/
Connection: keep-alive
Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 19:12:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 15 Jun 2020 15:38:31 GMT
Server: Apache
Age: 0
ETag: "59cb44-14-5a82138082bc0"
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 varnish
Cache-Control: max-age=1209600
X-Varnish: 932591843
Accept-Ranges: bytes bytes
Content-Length: 20
Expires: Thu, 13 May 2021 19:12:51 GMT

GET
H/1.1 200
OK modernizr.min.js Show response
bigpicture.net/core/assets/vendor/modernizr/ 5 KB
3 KB 363ms
121ms Script
text/javascript 74.121.193.66
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://bigpicture.net/core/assets/vendor/modernizr/modernizr.min.js?v=3.3.1

Requested by

Host: bigpicture.net
URL: https://bigpicture.net/users/attack-titan-season-4-episode-9-full-episodes

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

74.121.193.66 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

676elmp01.blackmesh.com

Software

Apache /

Resource Hash

1e06b3b8ed8d91022c8192923eb0d0a913596d088312b8bdc0c3b6dd2361627a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bigpicture.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://bigpicture.net/
Connection: keep-alive
Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 19:12:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 29 May 2019 19:06:24 GMT
Server: Apache
Age: 0
ETag: "8f9046-1248-58a0b7a426c00"
Vary: Accept-Encoding
Content-Type: text/javascript
Via: 1.1 varnish
Cache-Control: max-age=1209600
X-Varnish: 932591844
Accept-Ranges: bytes bytes
Content-Length: 2110
Expires: Thu, 13 May 2021 19:12:51 GMT

GET
H/1.1 200
OK js_yaCYIfu5b-5_ie8Hdp-_tuuLqesxvdFtKj9x6njSpaE.js Show response
bigpicture.net/sites/default/files/js/ 4 KB
2 KB 366ms
122ms Script
text/javascript 74.121.193.66
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://bigpicture.net/sites/default/files/js/js_yaCYIfu5b-5_ie8Hdp-_tuuLqesxvdFtKj9x6njSpaE.js

Requested by

Host: bigpicture.net
URL: https://bigpicture.net/users/attack-titan-season-4-episode-9-full-episodes

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

74.121.193.66 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

676elmp01.blackmesh.com

Software

Apache /

Resource Hash

c9a09821fbb96fee7f89ef07769fbfb6eb8ba9eb31bdd16d2a3f71ea78d2a5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bigpicture.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://bigpicture.net/
Connection: keep-alive
Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 19:12:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 15 Jun 2020 15:38:31 GMT
Server: Apache
Age: 0
ETag: "59cb48-48d-5a82138082bc0"
Vary: Accept-Encoding
Content-Type: text/javascript
Via: 1.1 varnish
Cache-Control: max-age=1209600
X-Varnish: 932591845
Accept-Ranges: bytes bytes
Content-Length: 1165
Expires: Thu, 13 May 2021 19:12:51 GMT

GET
H2 200 jquery-1.10.2.js Show response
code.jquery.com/ 267 KB
79 KB 537ms
8ms Script
application/javascript 2001:4de0:ac18::1:a:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.10.2.js
Requested by: Host: bigpicture.net
URL: https://bigpicture.net/users/attack-titan-season-4-episode-9-full-episodes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 8ade6740a1d3cfedf81e28d9250929341207b23a55f1be90ccc26cf6d98e052a

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 19:12:52 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:07 GMT
server: nginx
etag: W/"54499a47-42b2f"
vary: Accept-Encoding
x-hw: 1619723572.dop224.fr8.t,1619723572.cds275.fr8.hc,1619723572.cds235.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 80743

GET
H/1.1 200
OK logo.svg
bigpicture.net/themes/custom/de_theme/ 3 KB
3 KB 122ms
120ms Image
image/svg+xml 74.121.193.66
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bigpicture.net/themes/custom/de_theme/logo.svg

Requested by

Host: bigpicture.net
URL: https://bigpicture.net/users/attack-titan-season-4-episode-9-full-episodes

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

74.121.193.66 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

676elmp01.blackmesh.com

Software

Apache /

Resource Hash

23327e8f769ecb08b5479e9eeb49696ccae7f1a33bcbbc3b78cab6e0c40ba57e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bigpicture.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://bigpicture.net/
Connection: keep-alive
Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 19:12:52 GMT
Via: 1.1 varnish
X-Content-Type-Options: nosniff
Last-Modified: Mon, 29 Jan 2018 16:41:50 GMT
Server: Apache
Age: 0
ETag: "71ae10-bf2-563ecec36cf80"
Content-Type: image/svg+xml
Cache-Control: max-age=1209600
X-Varnish: 932591849
Accept-Ranges: bytes bytes
Content-Length: 3058
Expires: Thu, 13 May 2021 19:12:52 GMT

GET
H/1.1 200
OK js_0gxzOSdtpajyj4zVQ2AVxwLAKn0Cgxn7gQUk-mmpTjU.js Show response
bigpicture.net/sites/default/files/js/ 102 KB
35 KB 129ms
124ms Script
text/javascript 74.121.193.66
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://bigpicture.net/sites/default/files/js/js_0gxzOSdtpajyj4zVQ2AVxwLAKn0Cgxn7gQUk-mmpTjU.js

Requested by

Host: bigpicture.net
URL: https://bigpicture.net/users/attack-titan-season-4-episode-9-full-episodes

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

74.121.193.66 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

676elmp01.blackmesh.com

Software

Apache /

Resource Hash

d20c7339276da5a8f28f8cd5436015c702c02a7d028319fb810524fa69a94e35

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bigpicture.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://bigpicture.net/
Connection: keep-alive
Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 19:12:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 15 Jun 2020 15:39:01 GMT
Server: Apache
Age: 0
ETag: "59cb6a-883d-5a82139d1ef40"
Vary: Accept-Encoding
Content-Type: text/javascript
Via: 1.1 varnish
Cache-Control: max-age=1209600
X-Varnish: 932591846
Accept-Ranges: bytes bytes
Content-Length: 34877
Expires: Thu, 13 May 2021 19:12:52 GMT

GET
H2 200 embed-no-jquery.js Show response
assets.juicer.io/ 472 KB
88 KB 45ms
43ms Script
application/javascript 2606:4700:20::681a:d57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.juicer.io/embed-no-jquery.js
Requested by: Host: bigpicture.net
URL: https://bigpicture.net/users/attack-titan-season-4-episode-9-full-episodes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a649642ea247c1e5ca5f713f8fa416c53c2b6175df13a996a6a10aaf2e5e86f4

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 647ad826efd505e9-FRA
date: Thu, 29 Apr 2021 19:12:52 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Wed, 28 Apr 2021 11:54:40 GMT
server: cloudflare
age: 3342
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7DaNZrErHCIP4uMzO6PpBW32NX0dqGt8A0qcIjK6r9t%2BbwQKhd1PT%2F%2B59JhpUUS%2BZSQUoR9w%2BlzBvJGDA%2FnrFHa%2BdstrwY2Idad1xQUurxpxJw4Z6h1Vr1gsEXdo"}]}
content-type: application/javascript
cache-control: public, max-age=3600
nel: {"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-request-id: 09c0a56c5a000005e9d7bfc000000001

GET
H/1.1 200
OK js_BQBHaqlxAGzMRpU03pwDGuxiy_5zTttEn6OYl44bL7E.js Show response
bigpicture.net/sites/default/files/js/ 153 KB
37 KB 232ms
230ms Script
text/javascript 74.121.193.66
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://bigpicture.net/sites/default/files/js/js_BQBHaqlxAGzMRpU03pwDGuxiy_5zTttEn6OYl44bL7E.js

Requested by

Host: bigpicture.net
URL: https://bigpicture.net/users/attack-titan-season-4-episode-9-full-episodes

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

74.121.193.66 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

676elmp01.blackmesh.com

Software

Apache /

Resource Hash

0500476aa971006ccc469534de9c031aec62cbfe734edb449fa398978e1b2fb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bigpicture.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://bigpicture.net/
Connection: keep-alive
Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 19:12:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 15 Jun 2020 15:38:31 GMT
Server: Apache
Age: 0
ETag: "59cb59-932e-5a82138082bc0"
Vary: Accept-Encoding
Content-Type: text/javascript
Via: 1.1 varnish
Cache-Control: max-age=1209600
X-Varnish: 932591847
Accept-Ranges: bytes bytes
Content-Length: 37678
Expires: Thu, 13 May 2021 19:12:52 GMT

GET
H/1.1 200
OK js_RU5Gn1hNhIAPv1pKQEFmDv-Q-KtqelK6M8P5clytA3A.js Show response
bigpicture.net/sites/default/files/js/ 4 B
470 B 125ms
123ms Script
text/javascript 74.121.193.66
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://bigpicture.net/sites/default/files/js/js_RU5Gn1hNhIAPv1pKQEFmDv-Q-KtqelK6M8P5clytA3A.js

Requested by

Host: bigpicture.net
URL: https://bigpicture.net/users/attack-titan-season-4-episode-9-full-episodes

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

74.121.193.66 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

676elmp01.blackmesh.com

Software

Apache /

Resource Hash

454e469f584d84800fbf5a4a4041660eff90f8ab6a7a52ba33c3f9725cad0370

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bigpicture.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://bigpicture.net/
Connection: keep-alive
Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 19:12:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 15 Jun 2020 15:38:31 GMT
Server: Apache
Age: 0
ETag: "59cb4e-18-5a82138082bc0"
Vary: Accept-Encoding
Content-Type: text/javascript
Via: 1.1 varnish
Cache-Control: max-age=1209600
X-Varnish: 932591848
Accept-Ranges: bytes bytes
Content-Length: 24
Expires: Thu, 13 May 2021 19:12:52 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: bigpicture.net
URL: https://bigpicture.net/users/attack-titan-season-4-episode-9-full-episodes

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 6177
date: Thu, 29 Apr 2021 17:29:55 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Thu, 29 Apr 2021 19:29:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 86 KB
34 KB 32ms
29ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PMJQJ5D

Requested by

Host: bigpicture.net
URL: https://bigpicture.net/users/attack-titan-season-4-episode-9-full-episodes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

65609d41c0f157e31e3222874703753ee416002d1c14019d25731ffae5deb7b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 19:12:52 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34594
x-xss-protection: 0
last-modified: Thu, 29 Apr 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 29 Apr 2021 19:12:52 GMT

GET
H/1.1 200
OK css_CChw8Fb8pgzAlwzu3q7TE0TjiXuIlTgxF8z6QVDW5XY.css
bigpicture.net/sites/default/files/css/ 52 KB
9 KB 125ms
124ms Stylesheet
text/css 74.121.193.66
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://bigpicture.net/sites/default/files/css/css_CChw8Fb8pgzAlwzu3q7TE0TjiXuIlTgxF8z6QVDW5XY.css?qbz4sb

Requested by

Host: bigpicture.net
URL: https://bigpicture.net/users/attack-titan-season-4-episode-9-full-episodes

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

74.121.193.66 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

676elmp01.blackmesh.com

Software

Apache /

Resource Hash

082870f056fca60cc0970ceedeaed31344e3897b8895383117ccfa4150d6e576

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bigpicture.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://bigpicture.net/
Connection: keep-alive
Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 19:12:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 15 Jun 2020 15:38:30 GMT
Server: Apache
Age: 0
ETag: "59cb42-2248-5a82137f8e980"
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 varnish
Cache-Control: max-age=1209600
X-Varnish: 932591850
Accept-Ranges: bytes bytes
Content-Length: 8776
Expires: Thu, 13 May 2021 19:12:52 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ 334 KB
131 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e47eca73d4f42cce27c15cbff1e6b28a6716616c71f893d912ae941b37460998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bigpicture.net
Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:56:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26170
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133604
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 04:04:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Apr 2022 11:56:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
962 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700,800|Roboto+Slab:300,400,700

Requested by

Host: bigpicture.net
URL: https://bigpicture.net/sites/default/files/css/css_chB_eNFX9Kn-uCw9TgWnrkkNtB1MuKgvyrxrZj-osz0.css?qbz4sb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9ad63e7a642eaccd5939a5372b9683a710eb4e501adbd9fe185ea87998110d4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 29 Apr 2021 19:12:52 GMT
server: ESF
date: Thu, 29 Apr 2021 19:12:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Apr 2021 19:12:52 GMT

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v13/ 39 KB
39 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v13/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,800|Roboto+Slab:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c79f09d1e74eadaf897561f5d70265ed2884663d34ad9c4d7f2aebff3b85a6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bigpicture.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 15:44:07 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:03:59 GMT
server: sffe
age: 12525
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39440
x-xss-protection: 0
expires: Fri, 29 Apr 2022 15:44:07 GMT

GET
H2 200 pubads_impl_2021042601.js Show response
securepubads.g.doubleclick.net/gpt/ 301 KB
107 KB 108ms
39ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

98190df3dbe81118cde191895dfbe06c5f0793670108bdeadd4df4d02d532542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 19:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Apr 2021 08:39:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108658
x-xss-protection: 0
expires: Thu, 29 Apr 2021 19:12:52 GMT

GET
H/1.1 200
OK search-icon.svg
bigpicture.net/themes/custom/de_theme/dist/images/ 1 KB
2 KB 130ms
128ms Image
image/svg+xml 74.121.193.66
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bigpicture.net/themes/custom/de_theme/dist/images/search-icon.svg

Requested by

Host: bigpicture.net
URL: https://bigpicture.net/sites/default/files/css/css_chB_eNFX9Kn-uCw9TgWnrkkNtB1MuKgvyrxrZj-osz0.css?qbz4sb

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

74.121.193.66 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

676elmp01.blackmesh.com

Software

Apache /

Resource Hash

e032c8e55b4b26c609faf703458a0ddbc952316a8bc421fb64e65d86df9e2c61

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bigpicture.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://bigpicture.net/sites/default/files/css/css_chB_eNFX9Kn-uCw9TgWnrkkNtB1MuKgvyrxrZj-osz0.css?qbz4sb
Connection: keep-alive
Referer: https://bigpicture.net/sites/default/files/css/css_chB_eNFX9Kn-uCw9TgWnrkkNtB1MuKgvyrxrZj-osz0.css?qbz4sb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 19:12:52 GMT
Via: 1.1 varnish
X-Content-Type-Options: nosniff
Last-Modified: Mon, 29 Jan 2018 16:41:50 GMT
Server: Apache
Age: 0
ETag: "87b8da-4f0-563ecec36cf80"
Content-Type: image/svg+xml
Cache-Control: max-age=1209600
X-Varnish: 932591851
Accept-Ranges: bytes bytes
Content-Length: 1264
Expires: Thu, 13 May 2021 19:12:52 GMT

GET
H/1.1 200
OK right-arrow.svg
bigpicture.net/themes/custom/de_theme/dist/images/ 751 B
1 KB 122ms
122ms Image
image/svg+xml 74.121.193.66
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bigpicture.net/themes/custom/de_theme/dist/images/right-arrow.svg

Requested by

Host: bigpicture.net
URL: https://bigpicture.net/sites/default/files/css/css_chB_eNFX9Kn-uCw9TgWnrkkNtB1MuKgvyrxrZj-osz0.css?qbz4sb

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

74.121.193.66 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

676elmp01.blackmesh.com

Software

Apache /

Resource Hash

742e31da6a7a6d42bec34d380d68984209d15dd2a0d71340c0457e5d869e7140

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: bigpicture.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://bigpicture.net/sites/default/files/css/css_chB_eNFX9Kn-uCw9TgWnrkkNtB1MuKgvyrxrZj-osz0.css?qbz4sb
Connection: keep-alive
Referer: https://bigpicture.net/sites/default/files/css/css_chB_eNFX9Kn-uCw9TgWnrkkNtB1MuKgvyrxrZj-osz0.css?qbz4sb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 19:12:52 GMT
Via: 1.1 varnish
X-Content-Type-Options: nosniff
Last-Modified: Mon, 29 Jan 2018 16:41:50 GMT
Server: Apache
Age: 0
ETag: "87b8e4-2ef-563ecec36cf80"
Content-Type: image/svg+xml
Cache-Control: max-age=1209600
X-Varnish: 932591854
Accept-Ranges: bytes bytes
Content-Length: 751
Expires: Thu, 13 May 2021 19:12:52 GMT

GET
H/1.1 200
OK ionicons.ttf
bigpicture.net/themes/custom/de_theme/dist/fonts/ionicons-2.0.1/fonts/ 184 KB
184 KB 294ms
220ms Font
text/plain 74.121.193.66
CONTE-25-BLA-RST

General

Check archive.org

Show headers Download Go to

Full URL

https://bigpicture.net/themes/custom/de_theme/dist/fonts/ionicons-2.0.1/fonts/ionicons.ttf?v=2.0.0

Requested by

Host: bigpicture.net
URL: https://bigpicture.net/sites/default/files/css/css_chB_eNFX9Kn-uCw9TgWnrkkNtB1MuKgvyrxrZj-osz0.css?qbz4sb

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

74.121.193.66 , United States, ASN36473 (CONTE-25-BLA-RST, US),

Reverse DNS

676elmp01.blackmesh.com

Software

Apache /

Resource Hash

3c5b6bb603a4f7556b94532674f3847b430b9495afbb3a4dcfe5ba718baa59ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://bigpicture.net
Accept-Encoding: gzip, deflate, br
Host: bigpicture.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://bigpicture.net/sites/default/files/css/css_chB_eNFX9Kn-uCw9TgWnrkkNtB1MuKgvyrxrZj-osz0.css?qbz4sb
Connection: keep-alive
Origin: https://bigpicture.net
Referer: https://bigpicture.net/sites/default/files/css/css_chB_eNFX9Kn-uCw9TgWnrkkNtB1MuKgvyrxrZj-osz0.css?qbz4sb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 19:12:52 GMT
Via: 1.1 varnish
X-Content-Type-Options: nosniff
Last-Modified: Mon, 29 Jan 2018 16:41:49 GMT
Server: Apache
Age: 0
ETag: "a38701-2e05c-563ecec278d40"
Content-Type: text/plain; charset=UTF-8
Cache-Control: max-age=1209600
X-Varnish: 932591853
Accept-Ranges: bytes bytes
Content-Length: 188508
Expires: Thu, 13 May 2021 19:12:52 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN8rsOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 25ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN8rsOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,800|Roboto+Slab:300,400,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75db69592337280529fdc6448185b1cb88a50dbe9b498718f45ba52907e8aba3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bigpicture.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:38 GMT
server: sffe
age: 378554
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15088
x-xss-protection: 0
expires: Mon, 25 Apr 2022 10:03:38 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,800|Roboto+Slab:300,400,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bigpicture.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:00 GMT
server: sffe
age: 378554
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15056
x-xss-protection: 0
expires: Mon, 25 Apr 2022 10:03:38 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 15ms
15ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&aip=1&a=1762454790&t=pageview&_s=1&dl=https%3A%2F%2Fbigpicture.net%2Fusers%2Fattack-titan-season-4-episode-9-full-episodes&dp=%2F404.html%3Fpage%3D%2Fusers%2Fattack-titan-season-4-episode-9-full-episodes%26from%3D&ul=en-us&de=UTF-8&dt=Page%20not%20found%20%7C%20Big%20Picture&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1202778658&gjid=202734149&cid=1501611605.1619723573&tid=UA-2314439-4&_gid=868418421.1619723573&_r=1&_slc=1&z=1184734119

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 19:12:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bigpicture.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
84 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-2314439-4&cid=1501611605.1619723573&jid=1202778658&gjid=202734149&_gid=868418421.1619723573&_u=YEBAAEAAAAAAAC~&z=745174735

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 29 Apr 2021 19:12:52 GMT
content-type: text/plain
access-control-allow-origin: https://bigpicture.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 45ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bigpicture.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Apr 2021 19:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bigpicture.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Apr 2021 19:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 52 KB
11 KB 119ms
118ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3443936752896198&correlator=1454835866013169&output=ldjh&impl=fifs&eid=31060790%2C31060933&vrg=2021042601&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20210429&iu_parts=16078249%2Cbpic-640x480-top-landscape%2Cbpic-336x280-landscape-rectangle%2Cbpic-970x90-leaderboard%2Cbpic-300x600-large-rectangle%2Cbpic-300x250-medium-rectangle%2Cbpic-300x600-house-large-rectangle%2Cbpic-728x90-leaderboard&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=640x480%7C336x280%2C336x280%2C970x90%7C728x90%2C300x600%2C300x250%2C300x600%2C728x90&prev_scp=user_authenticated%3Dfalse%26is_homepage%3Dfalse%26path%3D%252Fusers%252Fattack-titan-season-4-episode-9-full-episodes%26url%3Dhttps%253A%252F%252Fbigpicture.net%252Fsystem%252F404%26slotNumber%3D1%26onPageLoad%3Dtrue%7Cuser_authenticated%3Dfalse%26is_homepage%3Dfalse%26path%3D%252Fusers%252Fattack-titan-season-4-episode-9-full-episodes%26url%3Dhttps%253A%252F%252Fbigpicture.net%252Fsystem%252F404%26slotNumber%3D2%26onPageLoad%3Dtrue%7Cuser_authenticated%3Dfalse%26is_homepage%3Dfalse%26path%3D%252Fusers%252Fattack-titan-season-4-episode-9-full-episodes%26url%3Dhttps%253A%252F%252Fbigpicture.net%252Fsystem%252F404%26slotNumber%3D3%26onPageLoad%3Dtrue%7Cuser_authenticated%3Dfalse%26is_homepage%3Dfalse%26path%3D%252Fusers%252Fattack-titan-season-4-episode-9-full-episodes%26url%3Dhttps%253A%252F%252Fbigpicture.net%252Fsystem%252F404%26slotNumber%3D4%26onPageLoad%3Dtrue%7Cuser_authenticated%3Dfalse%26is_homepage%3Dfalse%26path%3D%252Fusers%252Fattack-titan-season-4-episode-9-full-episodes%26url%3Dhttps%253A%252F%252Fbigpicture.net%252Fsystem%252F404%26slotNumber%3D5%26onPageLoad%3Dtrue%7Cuser_authenticated%3Dfalse%26is_homepage%3Dfalse%26path%3D%252Fusers%252Fattack-titan-season-4-episode-9-full-episodes%26url%3Dhttps%253A%252F%252Fbigpicture.net%252Fsystem%252F404%26slotNumber%3D6%26onPageLoad%3Dtrue%7Cuser_authenticated%3Dfalse%26is_homepage%3Dfalse%26path%3D%252Fusers%252Fattack-titan-season-4-episode-9-full-episodes%26url%3Dhttps%253A%252F%252Fbigpicture.net%252Fsystem%252F404%26slotNumber%3D7%26onPageLoad%3Dtrue&eri=1&cust_params=channel%3D%253C%253Fphp%2520print%2520%2524packtid%253B%2520%253F%253E&cookie_enabled=1&bc=31&abxe=1&lmt=1619723572&dt=1619723572698&dlt=1619723571546&idt=1098&frm=20&biw=1600&bih=1200&oid=3&adxs=480%2C632%2C315%2C1069%2C1069%2C1069%2C230&adys=0%2C480%2C760%2C1031%2C1647%2C1913%2C2549&adks=1710125006%2C1347103282%2C1233848927%2C1074950782%2C2699221087%2C3722502495%2C2999297328&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbigpicture.net%2Fusers%2Fattack-titan-season-4-episode-9-full-episodes&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x480%7C1600x280%7C1600x90%7C300x600%7C300x250%7C300x600%7C1140x90&msz=1600x480%7C1600x280%7C1600x90%7C300x600%7C300x250%7C300x600%7C1140x90&ga_vid=1501611605.1619723573&ga_sid=1619723573&ga_hid=1762454790&ga_fc=false&fws=0%2C0%2C0%2C4%2C4%2C4%2C4&ohw=0%2C0%2C0%2C302%2C302%2C302%2C1600&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

b27da639c863cee9cd70d9fce8c7ba26fcf4c1915a1afe0bce37520d6d18f89c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 19:12:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11466
x-xss-protection: 0
google-lineitem-id: -2,-2,5587643684,5620627160,-2,5620627160,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,138345259550,138340133674,-2,138339741633,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bigpicture.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
e8617e317d5cec4448c618f592524a91.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 27ms
13ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://e8617e317d5cec4448c618f592524a91.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 2F4A 20 KB
11 KB 30ms
29ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldtha8UAAAAACgsWFQdkpCpj-NQWGhYFtnpnxEM&co=aHR0cHM6Ly9iaWdwaWN0dXJlLm5ldDo0NDM.&hl=en&type=image&v=dpzVjBAupwRfx3UzvXRnnAKb&theme=light&size=normal&cb=qaj24ufktjqw

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ad783a726274b4c25a25c9b96077b2d5d9512213e931c284af332aa8171a2102

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MUYso/q4xiMJ5uQBThzf8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Ldtha8UAAAAACgsWFQdkpCpj-NQWGhYFtnpnxEM&co=aHR0cHM6Ly9iaWdwaWN0dXJlLm5ldDo0NDM.&hl=en&type=image&v=dpzVjBAupwRfx3UzvXRnnAKb&theme=light&size=normal&cb=qaj24ufktjqw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bigpicture.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bigpicture.net/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 29 Apr 2021 19:12:52 GMT
content-security-policy: script-src 'report-sample' 'nonce-MUYso/q4xiMJ5uQBThzf8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10856
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200 olytics.css
olytics.omeda.com/olytics/css/v3/p/ 28 KB
3 KB 787ms
135ms Stylesheet
text/css 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/css/v3/p/olytics.css

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMJQJ5D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.159 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

d17c5960d10953cc9057006480986d62c352bfd9fa78db9cf222307b414bc747

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 19:12:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sun, 22 Nov 2020 17:38:02 GMT
Server: Apache
ETag: W/"28730-1606066682000"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=21600
Transfer-Encoding: chunked
Accept-Ranges: bytes
vary: accept-encoding
X-XSS-Protection: 1; mode=block
Expires: Fri, 30 Apr 2021 01:12:53 GMT

GET
H/1.1 200 olytics.min.js Show response
olytics.omeda.com/olytics/js/v3/p/ 271 KB
73 KB 801ms
141ms Script
application/javascript 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Requested by

Host: bigpicture.net
URL: https://bigpicture.net/users/attack-titan-season-4-episode-9-full-episodes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.159 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

f2554304acc687068f6dd84b750d742d1233e7ab21bf29837c68dfafc15dcc86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 19:12:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Feb 2021 23:44:02 GMT
Server: Apache
ETag: W/"277271-1614123842000"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=21600
Transfer-Encoding: chunked
Accept-Ranges: bytes
vary: accept-encoding
X-XSS-Protection: 1; mode=block
Expires: Fri, 30 Apr 2021 01:12:53 GMT

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ Frame 2F4A 51 KB
25 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldtha8UAAAAACgsWFQdkpCpj-NQWGhYFtnpnxEM&co=aHR0cHM6Ly9iaWdwaWN0dXJlLm5ldDo0NDM.&hl=en&type=image&v=dpzVjBAupwRfx3UzvXRnnAKb&theme=light&size=normal&cb=qaj24ufktjqw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ef414f947bc802bea88d18ae69ca7d56939d81d7df79a7266688a8e1c14b190

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 15:43:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 04:04:08 GMT
server: sffe
age: 12537
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25722
x-xss-protection: 0
expires: Fri, 29 Apr 2022 15:43:55 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ Frame 2F4A 334 KB
131 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e47eca73d4f42cce27c15cbff1e6b28a6716616c71f893d912ae941b37460998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:56:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26170
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133604
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 04:04:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Apr 2022 11:56:42 GMT

GET
DATA 200
OK truncated
/ Frame 2F4A 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2F4A 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 2F4A 2 KB
2 KB 9ms
8ms Image
image/png 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 15:35:29 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 13043
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Thu, 06 May 2021 15:35:29 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2F4A 15 KB
15 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 24 Apr 2021 06:54:04 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 476328
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Sun, 24 Apr 2022 06:54:04 GMT

GET
H3-29 200 4zEtDJej0gbMAtoXDEpBL-lX4_wzAnUzytr4Uik6g-k.js Show response
www.google.com/js/bg/ Frame 2F4A 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/4zEtDJej0gbMAtoXDEpBL-lX4_wzAnUzytr4Uik6g-k.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3312d0c97a3d206cc02da170c4a412fe957e3fc33027533cadaf852293a83e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldtha8UAAAAACgsWFQdkpCpj-NQWGhYFtnpnxEM&co=aHR0cHM6Ly9iaWdwaWN0dXJlLm5ldDo0NDM.&hl=en&type=image&v=dpzVjBAupwRfx3UzvXRnnAKb&theme=light&size=normal&cb=qaj24ufktjqw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 20:13:04 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 16:00:00 GMT
server: sffe
age: 601188
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5771
x-xss-protection: 0
expires: Fri, 22 Apr 2022 20:13:04 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame F029 0
0 68ms
67ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQbtqIB6akyPZw4YM0PC-KgYOx9YOy7YUFJ6-grdorGBB08RChrLNh5VRfZ4xGNuW5jGGsbOQ7nYIYw7Qadfe2btVEoQI9PEse2Lu7ZYMmoJcuFtODwynaBGAc477Cfv1Xavejo2MsBDzoLp7yzo09nEq85CQYwmZXgO62PdR3DsZnsmhLfDdDV6FKFFOS5z-D2-Rs_Z97EWz5CGAEJSMvtc9fppFaqgI-SbaQlEivtGTuOSxAVHwcptagAGxh7-x-tV9a4xT21_dzejuCofSdGMtRIjx8YYqwQd4mbi2tGbpAz1Hgq1CVLOM&sai=AMfl-YSUm_JwZXDCdtkJmf2184oRcMq7ASV0uyrFAW7IdoSzcI8zCKLiKG8xImSzaoNr2260Gk20o5rcr_6IqKLWRLdWjqRcJ-zSx60Xgx8EsRNeBMKICrOIlKsJMiO5N4c&sig=Cg0ArKJSzMRZc6XcYDSLEAE&adurl=

Requested by

Host: bigpicture.net
URL: https://bigpicture.net/users/attack-titan-season-4-episode-9-full-episodes

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Apr 2021 19:12:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 29 Apr 2021 19:12:52 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame F029 2 KB
1 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 19:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 May 2021 19:09:06 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F029 116 KB
35 KB 37ms
16ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

258467714b990f7336f9d25902acb907cdb0cc27261bb2645e862d547b2198da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 19:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619631691980669"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36080
x-xss-protection: 0
expires: Thu, 29 Apr 2021 19:12:52 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame F029 0
0 15ms
14ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR6k_x0VisfH63L538ZrLgx77NOL15bRx91vqZqTVpmxx5Mt_hNHgw-GWtz-6z6DxNDth1E
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 7469709938915533293
tpc.googlesyndication.com/simgad/ Frame F029 71 KB
71 KB 19ms
18ms Image
image/gif 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7469709938915533293

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28858865a537d43a070e45e7e3a024bbf3c39aca0d614e13ba98a6b840c6aea3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 20:56:44 GMT
x-content-type-options: nosniff
age: 598568
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73030
x-xss-protection: 0
last-modified: Fri, 02 Apr 2021 01:44:16 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Apr 2022 20:56:44 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1FFA 0
0 67ms
65ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstLbUJAf1vJ9F6n8FhrhejC1_CKUpxwdi0qu9i44Fs__15QUaybbacdHZ-JLkn1jIPp1rtyG6WwFPhWa-PxYcjqszGvQWTZhig0JAZkNZooBEOGidABv9_SJF7GfEfdblD8yuRj7Sg8OKADsg6vRoNOwGsyV4CnjQc_7f21NaWDioAoriJIctTjRUtSJNxqRvtbnqN0eZScqcCmYmouwuLpO_8UG6n-VOD8MQOSo6X8QWmiy_AUM34O8dz5PtkjtdAcEBAZ_6R5BLuqqw_kaNvQ2yNPYtKuj8XLoKJp6j-f6kCFGUR_ATuLSCcD2SNwzw&sai=AMfl-YSBbW-cmcQkA9gJNcA7eJ_L9c6LS9rtbRO-cPawjdiZI-hcaQ2_N44wS_rnnqE6uvvTxTD2LPWeyplV1nX6bIja0c25DYIuGSB9dDsY_I4jd81tFPAMut5Xaw1CGU8&sig=Cg0ArKJSzAdmDLV5KQ2-EAE&adurl=

Requested by

Host: bigpicture.net
URL: https://bigpicture.net/users/attack-titan-season-4-episode-9-full-episodes

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Apr 2021 19:12:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 29 Apr 2021 19:12:52 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame 1FFA 2 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 19:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 May 2021 19:09:06 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1FFA 116 KB
35 KB 33ms
20ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

258467714b990f7336f9d25902acb907cdb0cc27261bb2645e862d547b2198da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 19:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619631691980669"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36080
x-xss-protection: 0
expires: Thu, 29 Apr 2021 19:12:52 GMT

GET
H3-29 200 6309385615867232995
tpc.googlesyndication.com/simgad/ Frame 1FFA 121 KB
121 KB 18ms
17ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6309385615867232995

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df365d08c727387b571d59655b485d3a58b1aa8742a1272ce36bc01a2d2403e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 12:00:19 GMT
x-content-type-options: nosniff
age: 25953
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124068
x-xss-protection: 0
last-modified: Sat, 13 Feb 2021 02:09:27 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Apr 2022 12:00:19 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4CF2 0
0 67ms
66ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulQdHGB7wmBkfasMhkQqJppk7hoJIEd32I9244W63MHdqes07-WwS0Na6W1P_BOeAaNL8kFbT_sNwsrWHK8NgadSkN18YytEMePMUQ9Nn358l9D57dkQctX_LmhVaCS470ep_DC50HTOGWfLRp4tGmW906L9RBJAQjBQUNE0ar4UjC3LablVMt-Vv9jGXDhQPRcNjnrPNeDHFwUIy29YBWzTXYpKrcy2Ok3k2fH-I7BeJOZ1ttCZyX-NHnqtd0gTKjC20leXJ1VRVaLMJmdCyXTOsFHqdfW_3Wd2GdcX8qLnkoy91X_ug-dZHuFz1dNQO8zBBMPw&sai=AMfl-YSoU94BoOg8pXJTf97cdj8Xpxx19p7_fBlLJJggz4Tfk-vbIPuhfZmcYPmZH2di5WhhDqaY2ScyXKTq7LH7dxi0aox7dm88IUcc1lYHyOrDlJuDi6f1eMxbhFP-p3Y&sig=Cg0ArKJSzKEOJRab_B6cEAE&adurl=

Requested by

Host: bigpicture.net
URL: https://bigpicture.net/users/attack-titan-season-4-episode-9-full-episodes

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Apr 2021 19:12:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 29 Apr 2021 19:12:52 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame 4CF2 2 KB
1 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 19:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 May 2021 19:09:06 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4CF2 116 KB
35 KB 23ms
15ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

258467714b990f7336f9d25902acb907cdb0cc27261bb2645e862d547b2198da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 19:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619631691980669"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36080
x-xss-protection: 0
expires: Thu, 29 Apr 2021 19:12:52 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 4CF2 0
0 21ms
13ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTTpEmhgX6jqw19ogo1bu8HFdgysSllf1AwhF-f1TJ2brfPCNLtzDMcj6aJ99JeiwAVwSdV
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 3380022024257038582
tpc.googlesyndication.com/simgad/ Frame 4CF2 149 KB
149 KB 15ms
8ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3380022024257038582

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71f6370ded0f5a997483bfe27e7f51d8f447ced88c5d27293115b5812147871f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 21:22:06 GMT
x-content-type-options: nosniff
age: 597046
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 152373
x-xss-protection: 0
last-modified: Sat, 13 Feb 2021 02:08:15 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Apr 2022 21:22:06 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c76a6cc9369273b7e5f07285be49006b00775eefeefd725334e4235c4c29c9cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 19:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619631702402874"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28201
x-xss-protection: 0
expires: Thu, 29 Apr 2021 19:12:52 GMT

GET
H3-29 200 webworker.js
www.google.com/recaptcha/api2/ Frame 2F4A 102 B
131 B 17ms
14ms Other
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5d77edb71e1031ff06541a7a2bd05cd3dbc3bfd5434711bae081fc06f8791558

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldtha8UAAAAACgsWFQdkpCpj-NQWGhYFtnpnxEM&co=aHR0cHM6Ly9iaWdwaWN0dXJlLm5ldDo0NDM.&hl=en&type=image&v=dpzVjBAupwRfx3UzvXRnnAKb&theme=light&size=normal&cb=qaj24ufktjqw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 19:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111
x-xss-protection: 1; mode=block
expires: Thu, 29 Apr 2021 19:12:52 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4CF2 0
0 119ms
80ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssByIo7cCV5uNjF2-sLmI-ldG-G33pV1nqM6ElXd7Jx0TZjRbEaGyDbBALvqcRsEwPE6rkVgriUVYF-HINv7I89T93PaLPFX4mn_1AifemmP2_EyRX3q5JlZpEuO0yqRvwGB0hF9RzQNlo6wjfhMzy4SGGeFtSigfZIPDcEeTmUZBD1mFO2Tk8GcjtZsh0kQxxMM_EDxM2lkWpAQmmS655czQVqwZbtNIm7wfbp1zLg7GWIJsnFn6ufXvAhXrZKCsYkp8FOUVpANY3bPRBt3s_XTohzp6mKnLfcbal7TD_TAfivCt3kqIQHnN6BgT8EDSQtKyJjcyg8&sai=AMfl-YT5pzg-zAySq5TL23rE9QA_EB6BJjMwTJGTxr7sEjb4UQU3KJlfqjZsmtd4x1KT7RyTqaNDmuZXdvVgiJQm27Vy4BffnL0DQ6GOSrdHGhdPsMxdbbIfWEeJippKHZc&sig=Cg0ArKJSzHRNIpoNF5DEEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Apr 2021 19:12:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 29 Apr 2021 19:12:53 GMT

GET
DATA 200
OK truncated
/ Frame 4CF2 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8492456ebe15e50098e48577a1e679d25f14b3a67f073896a6f245e5f707ffc2

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame F029 0
0 86ms
73ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstzY2iYIZgnsIMbPgY4RS-VcS7ua0anWmaoftsHHl0PPdiRvkEX-dMFx28K_OS6WitGwPBKi3KfNIJeZb0Uww8NRVFEkrcETj3eQIR3Kg4fnX3F7132yL9Y94jeHZxjbkSb_L5oZyo866v45M6tErePUhb1i2_BDxQQkC7_k6GkRpUFCgf2q5HBhmtfTpoi_AATA-bEXMVrDTSmza3hW9wOTN0prugivz-Wfr0BaeQPgaugDG29Qibw8Adq3QNFxg5jz5nd7eSDLPIui5-ZFCoPKihorEAjupXFXuiB8ZmmzGuEh_IZ2Pl1utu8QQ&sai=AMfl-YQ4sEXY2zSBiXOYK1pNnvjEAlfF2rPN30KohPqYQTXaS1JIWoMMqR34N7lDQ9ftAlVn-Ssz2eE63HJhTZucuMZOoIOJv6Dgcjh9FbvQNsf_6dnVP5RJ-M2WdK_DI_M&sig=Cg0ArKJSzEbvGDtESZwQEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Apr 2021 19:12:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 29 Apr 2021 19:12:53 GMT

GET
DATA 200
OK truncated
/ Frame F029 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08c5a6af512b0a1e0bbd5fe06b023fdfe614a4335540a07a0f5c0a6eae9bd162

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1FFA 0
0 68ms
68ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvXO_wdEuR5sMRTLRpwjACxypcaVeXIQFHuYXaniEBfLBNMZUx_Wbb8l2F119nte2P70_HRT2pCGki5EjLVL1oi30sWmgOvy2G7shxeBWScMv4Dwhe7sDoLoJUuSafrx7OBIAT83W2bzsAF_-tNHdMap2qSP3sBYJLsmX2fwRfs26J5IfFY7-aifb7BEU_9ROBo8jdE_Wv26dg9AAAHKfOg1CZjy7DBsg5hi0pr5hcJ-fE3SD21su0hX9gK97hG-4odKs0B4CpLlgclzOuRmO2LcTjCEcwGI4XlnZMdfBIc5lfk2EFCOwwyp125KblIGzwW&sai=AMfl-YTMmST9C0YdaCVuHUZnY0GUBH1iFCGAca-d-heDuKRyL_m0BW6CII_Z1FL2XVxGcnW0oFOTycchLd0FJl4pnpPvhYeyV8jUWySdhQuATV5_pjNcfYKSRvOg3qv7AN4&sig=Cg0ArKJSzHwW51uxbFaMEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Apr 2021 19:12:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 29 Apr 2021 19:12:53 GMT

GET
DATA 200
OK truncated
/ Frame 1FFA 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4be367d36388455c7814ca8741d1506e3c74f142c4949ae1e4976d8e314791a9

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 34C8 7 KB
1 KB 51ms
51ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6Ldtha8UAAAAACgsWFQdkpCpj-NQWGhYFtnpnxEM&cb=9kvdt9iq4pkj

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ba688bc8aaf01ce1ca24b9dedf36a345f287b56a08c6d46a2547b9f0be7c63f5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZFP6zmX0semUa6FIUtNhRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6Ldtha8UAAAAACgsWFQdkpCpj-NQWGhYFtnpnxEM&cb=9kvdt9iq4pkj
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bigpicture.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bigpicture.net/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 29 Apr 2021 19:12:53 GMT
content-security-policy: script-src 'report-sample' 'nonce-ZFP6zmX0semUa6FIUtNhRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1113
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ Frame 34C8 51 KB
25 KB 9ms
8ms Stylesheet
text/css 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6Ldtha8UAAAAACgsWFQdkpCpj-NQWGhYFtnpnxEM&cb=9kvdt9iq4pkj

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ef414f947bc802bea88d18ae69ca7d56939d81d7df79a7266688a8e1c14b190

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 15:43:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 04:04:08 GMT
server: sffe
age: 12538
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25722
x-xss-protection: 0
expires: Fri, 29 Apr 2022 15:43:55 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ Frame 34C8 334 KB
131 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&k=6Ldtha8UAAAAACgsWFQdkpCpj-NQWGhYFtnpnxEM&cb=9kvdt9iq4pkj

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e47eca73d4f42cce27c15cbff1e6b28a6716616c71f893d912ae941b37460998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 11:56:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26171
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133604
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 04:04:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Apr 2022 11:56:42 GMT

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 28ms
28ms Fetch
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Apr 2021 19:12:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
etag: 4949004360050638907
vary: Accept-Encoding, Origin
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 29 Apr 2021 19:12:54 GMT

OPTIONS
H/1.1 200 olytics
oqs.omeda.com/oqs/rest/ Frame 0
0 682ms
141ms Preflight
text/plain 204.180.130.165
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oqs.omeda.com/oqs/rest/olytics

Protocol

HTTP/1.1

Server

204.180.130.165 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://bigpicture.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 600
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Access-Control-Request-Headers, Content-Type, Origin, Accept, Accept-Encoding, Accept-Language, HOST, User-Agent, Access-Control-Request-Method, Access-Control-Max-Age
Content-Type: text/plain
Content-Length: 0
Date: Thu, 29 Apr 2021 19:12:54 GMT
Server: Apache

POST
H/1.1 200 olytics Show response
oqs.omeda.com/oqs/rest/ 15 B
307 B 141ms
141ms XHR
application/json 204.180.130.165
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oqs.omeda.com/oqs/rest/olytics

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.165 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

8f78cfd70561bfbb767311940126a4ccdfe36f1b955a5fd385df8617bca6417a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 29 Apr 2021 19:12:54 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 36ms
18ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdcc7a7f6d23a7d7f126c4c796df35d974bb1b7427e6223975f60192637fd3c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Apr 2021 19:12:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7047
x-xss-protection: 0

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4CF2 42 B
64 B 54ms
41ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsspcGlaeaE09LHWwRoqDVvLe4OT-DthR5XnBv1yazeLkadmnUqrotz2KT6Pazf90lQiwz7JyX1uRNVtzpG6GMTw7oO35X3IKJLZmbl5nKs&sig=Cg0ArKJSzGxNlmCBPtNIEAE&id=lidar2&mcvt=1013&p=903,1069,1503,1369&mtos=0,0,1013,1013,1013&tos=0,0,1013,0,0&v=20210428&bin=7&avms=nio&bs=1600,1200&mc=0.5&app=0&itpl=3&adk=3722502495&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619723572924&dlt=0&rpt=272&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 19:12:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F029 42 B
64 B 52ms
42ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss9jqk6E4CbvbnGj4KipXsZaaX9VIozwzlP9BYgJnj-tV0FKimRy9GSrWBg0js0e91kdsiZ-6l3Us0y2L5_q8BzUS4aAhfMFKDQqXsnRnU&sig=Cg0ArKJSzEksn0XzuQutEAE&id=lidar2&mcvt=1016&p=0,315,90,1285&mtos=1016,1016,1016,1016,1016&tos=1016,0,0,0,0&v=20210428&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1233848927&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619723572921&dlt=0&rpt=283&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 19:12:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3-29 200 gpt.js
www.googletagservices.com/tag/js/ 0
0 30ms
14ms Fetch
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 19:12:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "857 / 999 of 1000 / last-modified: 1619694510"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21253
x-xss-protection: 0
expires: Thu, 29 Apr 2021 19:12:54 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060933

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 19:12:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Thu, 29 Apr 2021 19:12:54 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 41 KB
13 KB 25ms
6ms Script
text/javascript 2a02:26f0:6c00::210:baab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: bigpicture.net
URL: https://bigpicture.net/users/attack-titan-season-4-episode-9-full-episodes
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:baab Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f55b80216d81f421d8da8c69ae09068b1231e4b0fb6d3912eae8d147b5232d9c

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: RbvMQlISgmBBsnMKx1p.bqgidE6ZF3W8
Content-Encoding: gzip
ETag: "4748055dbdd5649bb8f3f2a9b89f85b1"
x-amz-request-id: 0TYC7TY00BPM4X39
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 12978
x-amz-id-2: xC3iFrWUEgHG0SuvuCH6nQBOaU1a4splR14HQ6mRp3SvQuveQvqOiaFUYYgTfWzs3RoZtaGAtsk=
Last-Modified: Wed, 14 Apr 2021 13:35:10 GMT
Server: AmazonS3
Date: Thu, 29 Apr 2021 19:12:54 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 2B44 12 KB
5 KB 12ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bigpicture.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bigpicture.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 29 Apr 2021 18:53:21 GMT
expires: Fri, 29 Apr 2022 18:53:21 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1173
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/4DX4R3Y2BFEZDFCDNYO7Y6/index.js
https://s.adroll.com/j/exp/index.js

28 B
747 B

6ms
6ms

Script
application/javascript

2a02:26f0:6c00::210:baab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:baab Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 8C_4p5S6NLuKOM2fXKpm7asomxwPn3IL
Content-Encoding: gzip
ETag: "5816cced8568d223aa09d889f300692b"
x-amz-request-id: A6E4D842C4F3666B
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 48
x-amz-id-2: 1Pslf+Y9QwUHIZmwUo95w2CKA8MTrgZpbGBRFLUwAevxRDJ3euWTGuAJ2AJ78njOjdUd48ZsKSg=
Last-Modified: Tue, 19 Jan 2021 16:25:36 GMT
Server: AmazonS3
Date: Thu, 29 Apr 2021 19:12:54 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Thu, 29 Apr 2021 19:12:54 GMT
Server: AkamaiGHost
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/4DX4R3Y2BFEZDFCDNYO7Y6/YIFVWRU5YRFLVFJG27NJ7M/ 4 KB
2 KB 265ms
249ms Script
text/javascript 2a02:26f0:6c00::210:baab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/4DX4R3Y2BFEZDFCDNYO7Y6/YIFVWRU5YRFLVFJG27NJ7M/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:baab Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 41f1e9970b646aadac0f40543bb08b21e49990bf1b09392d1ef4d71b275069ea

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: bAD4EMlhUB3BsHbZvYLP80OmarxWRkDY
Content-Encoding: gzip
ETag: "33ed216ef4569e95a97e55fb39d91d38"
x-amz-request-id: ZMRCMPVKZF7YB4G7
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 1800
x-amz-id-2: waEwGi+G22gE/KvTLQEuME5sgfDC8F/lfScnPFL9s+QYYxXILyNeE/kw4G4mPS2h4PvQSMUGRYI=
Last-Modified: Thu, 29 Apr 2021 06:08:38 GMT
Server: AmazonS3
Date: Thu, 29 Apr 2021 19:12:54 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

200

/ Show response
d.adroll.com/consent/check/4DX4R3Y2BFEZDFCDNYO7Y6/
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/4DX4R3Y2BFEZDFCDNYO7Y6?_s=ff3e8cee65b6d07f16d5f4a11460743a&_b=2
https://d.adroll.com/consent/check/4DX4R3Y2BFEZDFCDNYO7Y6/?_s=ff3e8cee65b6d07f16d5f4a11460743a&_b=2

385 B
477 B

57ms
51ms

Script
application/javascript

54.74.23.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/4DX4R3Y2BFEZDFCDNYO7Y6/?_s=ff3e8cee65b6d07f16d5f4a11460743a&_b=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.74.23.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-74-23-153.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ff3b08c1ef887b1feeb4d6d74225ed4db5b94a6e71fe65795caa2f628cf5cf54

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 19:12:54 GMT
server: nginx/1.18.0
content-length: 385
content-type: application/javascript

Redirect headers

location: https://d.adroll.com/consent/check/4DX4R3Y2BFEZDFCDNYO7Y6/?_s=ff3e8cee65b6d07f16d5f4a11460743a&_b=2
date: Thu, 29 Apr 2021 19:12:54 GMT
server: nginx/1.18.0
content-length: 105

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1FFA 42 B
64 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsueA8No0GHvSogXM-0cYGMiMn2qoFpg2QxkLFEoIoQzRRiMSJC7oAc9jMMPzOleskhMAJG96Ws_FEeM0vae243hC5qSpQCm2a7ARKsai1g&sig=Cg0ArKJSzGnjg-lLh6QQEAE&id=lidar2&mcvt=1011&p=271,1069,871,1369&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20210428&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1074950782&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619723572923&dlt=0&rpt=266&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 19:12:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js Show response
pagead2.googlesyndication.com/bg/ Frame 2B44 14 KB
6 KB 24ms
16ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a24e4d62c6d4273eebbda3084b7bd7ce3991332fa2685858e32d188588bec92b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 17:47:30 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 5124
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0
expires: Fri, 29 Apr 2022 17:47:30 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
446 B 62ms
42ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042601&jk=3443936752896198&bg=!6eql6q7NAAZLnZBaS507ACkAdvg8WucwZ0XhGeoHWD2VqFl_TzGHJxdfiJgEu9ETgtolArHyH8IebwIAAACCUgAAAA1oAQcKAGhfQ0bi-G64TTzbwo5J1idF1u97_nSc4reMVw4gYocjkIdk2zLpNwDOaoxt_oh70Z7F6WqBFGTXu_pwryJ0J9OqLnWvFBtxOWf5pnEI6WE-aB1zqf4qB8vDNym0IVxfVodu9jewZbchTpkCGKTajxL4FYLFy0-Yyk3GLxkQdGrIGY1Jf-avj9mugPyFquBSKcKX5vtxwW7jo2fKabyV_y02oKJL4NSlCkbzVtqdpaBd2EjtP_qSXiZs-WR6UYaRPidVEAmEBq6Zav6aStbiBUkVrtcHLPiwRKblodZehDyM1r6TaEnbVt46QS5ZWTWWJFusWxeUYkeFB-im6cXT8TWebCl2zjtQAqJQ-746OYO81v4NbjTEhoe0d-D34piHGYOHdVIAitZ12nePRUPxbxxut5jTN_bCM7hwk-JDW6vYMswVVwOR2rV1j__SAqYh1O-DRKx3_mBKnhvQKxWwbmT7bBW8XLVMSteyZm_Y2xu7cddGGPam4OOKq_N3pOkiO6hHRF28CN_qgiT0FjgVmHrAG7ApRmxqvdSRjTc8wBJRZRxCCnN9_v7_Of3vufNlEUrYDkXYiZ5cxkqvY72orNREWdv9cnM7Nf3tvtM-JU6BFuVr1WFW5bp-yJ_XFoHWgpRN_fWKoaYQ5m9ebYi6Z80jcN7U0Vtw2T1Y8TuNUXVTbgJmi02kXrdJrq-eM8a7GbhFAqPkAR1pp0CiOLZA5DhFDP-dHJGVZtksBQJTFWtC2VyK8XUCMqAVfpH26QERuc7KFsQf53Y4TB-55D5PBozalBCwdt-znLb1ew7toVm57uFYGXE9po6VMDbzfvKCU6rR4uY2KY-xQsgnuw8WzyAqNPsV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 19:12:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK consent_tcfv2.js Show response
s.adroll.com/j/ 397 KB
55 KB 18ms
6ms Script
application/javascript 2a02:26f0:6c00::210:baab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent_tcfv2.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:baab Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf40c262b047615208bc2d84984e7854b8a2ec9801f1c6e99c0b79a9f32380b5

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 7sDcLvGKTPrh8xIq2f5DynXc_Mi9vQVX
Content-Encoding: gzip
ETag: "1f2c64002f8e1b6eb56c304c2e892afb"
x-amz-request-id: A69171E1B091337A
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 55575
x-amz-id-2: yoIlukz3YEvOBK1HxwlkbNJJLFooR6oknblZSheWVr9zxlfX0UE6Ma9blKUgz71LTXOgFW39Yjs=
Last-Modified: Mon, 07 Dec 2020 23:59:35 GMT
Server: AmazonS3
Date: Thu, 29 Apr 2021 19:12:54 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK favicon-32x32.png
nextroll.com/ 2 KB
2 KB 1153ms
173ms Image
image/png 54.235.108.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nextroll.com/favicon-32x32.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.235.108.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-108-207.compute-1.amazonaws.com
Software: Apache /
Resource Hash: bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 19:12:55 GMT
Via: 1.1 vegur
Last-Modified: Tue, 27 Apr 2021 00:51:13 GMT
Server: Apache
Etag: "64f-5c0e9a8a74240"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1615

POST
H/1.1 200 p Show response
olytics.omeda.com/olytics/segments/ 762 B
1 KB 340ms
339ms XHR
application/json 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/segments/p

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.159 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

ad46b58b0d7e33df923b302027c60ce25f71f40562a05b08b6d1eaf6e6fce954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 29 Apr 2021 19:12:55 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block

POST
H/1.1 200 / Show response
olytics.omeda.com/olytics/segments/form/check/ 20 B
313 B 137ms
136ms XHR
application/json 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/segments/form/check/

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.159 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

a8e427db11a8744bebbcdfd050f7b9d0a84b5a1754d086f1787c40db21955264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 29 Apr 2021 19:12:55 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block

POST
H/1.1 200 cswitch Show response
olytics.omeda.com/olytics/segments/ 86 B
379 B 139ms
139ms XHR
application/json 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/segments/cswitch

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.159 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

db3f8d5711b5e51d495a448ea0569bdf66ea2ad62edc9a7b18abda549e3d017f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bigpicture.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 29 Apr 2021 19:12:55 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block

OPTIONS
H/1.1 200 p
olytics.omeda.com/olytics/segments/ Frame 0
0 778ms
136ms Preflight 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://olytics.omeda.com/olytics/segments/p
Protocol: HTTP/1.1
Server: 204.180.130.159 , United States, ASN53866 (QTS-AS, US),
Reverse DNS: my.omedastaging.com
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://bigpicture.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Origin: *
vary: Access-Control-Request-Headers,Access-Control-Request-Headers,access-control-request-method
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Headers: access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Content-Length: 0
Date: Thu, 29 Apr 2021 19:12:55 GMT
Server: Apache

OPTIONS
H/1.1 200 /
olytics.omeda.com/olytics/segments/form/check/ Frame 0
0 782ms
133ms Preflight 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://olytics.omeda.com/olytics/segments/form/check/
Protocol: HTTP/1.1
Server: 204.180.130.159 , United States, ASN53866 (QTS-AS, US),
Reverse DNS: my.omedastaging.com
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://bigpicture.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Origin: *
vary: Access-Control-Request-Headers,Access-Control-Request-Headers,access-control-request-method
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Headers: access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Content-Length: 0
Date: Thu, 29 Apr 2021 19:12:55 GMT
Server: Apache

OPTIONS
H/1.1 200 cswitch
olytics.omeda.com/olytics/segments/ Frame 0
0 782ms
137ms Preflight 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://olytics.omeda.com/olytics/segments/cswitch
Protocol: HTTP/1.1
Server: 204.180.130.159 , United States, ASN53866 (QTS-AS, US),
Reverse DNS: my.omedastaging.com
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://bigpicture.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Origin: *
vary: Access-Control-Request-Headers,Access-Control-Request-Headers,access-control-request-method
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Headers: access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Content-Length: 0
Date: Thu, 29 Apr 2021 19:12:55 GMT
Server: Apache

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bigpicture.net/	1970-01-20 02:40:59	Name: oly_anon_id Value: %22d915677b-258c-4154-86f9-18dea3ddc7ea%22
.bigpicture.net/	1970-01-20 11:26:35	Name: _ga Value: GA1.2.1501611605.1619723573
.bigpicture.net/	1970-01-20 02:40:59	Name: oly_enc_id Value: null
.bigpicture.net/	1970-01-20 03:16:59	Name: __gads Value: ID=72b62f7962d0ebf2-22a2cdadf6c700cf:T=1619723572:S=ALNI_MZFehe7F30Tss8gLLCcFDY_B2j4SQ
.bigpicture.net/	1970-01-19 17:55:23	Name: _gat Value: 1
.bigpicture.net/	1970-01-19 17:56:49	Name: _gid Value: GA1.2.868418421.1619723573

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://bigpicture.net/sites/default/files/js/js_BQBHaqlxAGzMRpU03pwDGuxiy_5zTttEn6OYl44bL7E.js(Line 38) Message: Browser width is between 980px and 1159px
console-api	log	URL: https://bigpicture.net/sites/default/files/js/js_BQBHaqlxAGzMRpU03pwDGuxiy_5zTttEn6OYl44bL7E.js(Line 38) Message: sample function is working
console-api	log	URL: https://bigpicture.net/sites/default/files/js/js_BQBHaqlxAGzMRpU03pwDGuxiy_5zTttEn6OYl44bL7E.js(Line 38) Message: Document Ready
console-api	log	URL: https://bigpicture.net/sites/default/files/js/js_BQBHaqlxAGzMRpU03pwDGuxiy_5zTttEn6OYl44bL7E.js(Line 38) Message: enter small-screen breakpoint
console-api	log	URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js(Line 46) Message: olytics fire called

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
assets.juicer.io
bigpicture.net
code.jquery.com
d.adroll.com
d.adroll.mgr.consensu.org
e8617e317d5cec4448c618f592524a91.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
nextroll.com
olytics.omeda.com
oqs.omeda.com
pagead2.googlesyndication.com
s.adroll.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.186.66
2001:4de0:ac18::1:a:2b
204.180.130.159
204.180.130.165
2606:4700:20::681a:d57
2a00:1450:4001:801::2003
2a00:1450:4001:802::200a
2a00:1450:4001:808::2003
2a00:1450:4001:809::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:812::2002
2a00:1450:4001:812::2008
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::200e
2a00:1450:4001:827::2001
2a00:1450:4001:829::2003
2a00:1450:400c:c00::9a
2a02:26f0:6c00::210:baab
54.235.108.207
54.74.23.153
74.121.193.66
0500476aa971006ccc469534de9c031aec62cbfe734edb449fa398978e1b2fb1
082870f056fca60cc0970ceedeaed31344e3897b8895383117ccfa4150d6e576
08c5a6af512b0a1e0bbd5fe06b023fdfe614a4335540a07a0f5c0a6eae9bd162
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e06b3b8ed8d91022c8192923eb0d0a913596d088312b8bdc0c3b6dd2361627a
23327e8f769ecb08b5479e9eeb49696ccae7f1a33bcbbc3b78cab6e0c40ba57e
258467714b990f7336f9d25902acb907cdb0cc27261bb2645e862d547b2198da
28858865a537d43a070e45e7e3a024bbf3c39aca0d614e13ba98a6b840c6aea3
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
354043e4e6f0251e6e57d59a8f30b562f59dc6cb2ad47a4d38363c8cdf9cc4e4
38b73173ab77e5733c6a19e60efb65ab23bc8a9c584a761198234606ee167b71
3c5b6bb603a4f7556b94532674f3847b430b9495afbb3a4dcfe5ba718baa59ad
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41f1e9970b646aadac0f40543bb08b21e49990bf1b09392d1ef4d71b275069ea
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
454e469f584d84800fbf5a4a4041660eff90f8ab6a7a52ba33c3f9725cad0370
4be367d36388455c7814ca8741d1506e3c74f142c4949ae1e4976d8e314791a9
4ef414f947bc802bea88d18ae69ca7d56939d81d7df79a7266688a8e1c14b190
5d77edb71e1031ff06541a7a2bd05cd3dbc3bfd5434711bae081fc06f8791558
65609d41c0f157e31e3222874703753ee416002d1c14019d25731ffae5deb7b5
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6a6c491f6e842a42eb973eeb3773b23eb5a07818c593db8b330fd8f1a3b4b2a5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71f6370ded0f5a997483bfe27e7f51d8f447ced88c5d27293115b5812147871f
72107f78d157f4a9feb82c3d4e05a7ae490db41d4cb8a82fcabc6b663fa8b33d
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
742e31da6a7a6d42bec34d380d68984209d15dd2a0d71340c0457e5d869e7140
75db69592337280529fdc6448185b1cb88a50dbe9b498718f45ba52907e8aba3
8492456ebe15e50098e48577a1e679d25f14b3a67f073896a6f245e5f707ffc2
8ade6740a1d3cfedf81e28d9250929341207b23a55f1be90ccc26cf6d98e052a
8c79f09d1e74eadaf897561f5d70265ed2884663d34ad9c4d7f2aebff3b85a6b
8f78cfd70561bfbb767311940126a4ccdfe36f1b955a5fd385df8617bca6417a
98190df3dbe81118cde191895dfbe06c5f0793670108bdeadd4df4d02d532542
9ad63e7a642eaccd5939a5372b9683a710eb4e501adbd9fe185ea87998110d4d
9add5ba237759d9ca358e691eb563b24c4bfabd7579bdc5e70c12be292d63cea
a24e4d62c6d4273eebbda3084b7bd7ce3991332fa2685858e32d188588bec92b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a649642ea247c1e5ca5f713f8fa416c53c2b6175df13a996a6a10aaf2e5e86f4
a8e427db11a8744bebbcdfd050f7b9d0a84b5a1754d086f1787c40db21955264
ac474926f1b8ad8a7a17ea4b965a353805c66060fb1ec4e444c5028f54b5bdae
ad46b58b0d7e33df923b302027c60ce25f71f40562a05b08b6d1eaf6e6fce954
ad783a726274b4c25a25c9b96077b2d5d9512213e931c284af332aa8171a2102
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b27da639c863cee9cd70d9fce8c7ba26fcf4c1915a1afe0bce37520d6d18f89c
b97ff1109b709bf33a4a7593782b6f5f0fe56b3b46ef504dba244a9026c3fdbe
ba688bc8aaf01ce1ca24b9dedf36a345f287b56a08c6d46a2547b9f0be7c63f5
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
bf40c262b047615208bc2d84984e7854b8a2ec9801f1c6e99c0b79a9f32380b5
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c76a6cc9369273b7e5f07285be49006b00775eefeefd725334e4235c4c29c9cf
c9a09821fbb96fee7f89ef07769fbfb6eb8ba9eb31bdd16d2a3f71ea78d2a5a1
cdcc7a7f6d23a7d7f126c4c796df35d974bb1b7427e6223975f60192637fd3c8
d17c5960d10953cc9057006480986d62c352bfd9fa78db9cf222307b414bc747
d20c7339276da5a8f28f8cd5436015c702c02a7d028319fb810524fa69a94e35
db3f8d5711b5e51d495a448ea0569bdf66ea2ad62edc9a7b18abda549e3d017f
df365d08c727387b571d59655b485d3a58b1aa8742a1272ce36bc01a2d2403e8
e032c8e55b4b26c609faf703458a0ddbc952316a8bc421fb64e65d86df9e2c61
e3312d0c97a3d206cc02da170c4a412fe957e3fc33027533cadaf852293a83e9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47eca73d4f42cce27c15cbff1e6b28a6716616c71f893d912ae941b37460998
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2554304acc687068f6dd84b750d742d1233e7ab21bf29837c68dfafc15dcc86
f55b80216d81f421d8da8c69ae09068b1231e4b0fb6d3912eae8d147b5232d9c
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
ff3b08c1ef887b1feeb4d6d74225ed4db5b94a6e71fe65795caa2f628cf5cf54

bigpicture.net Open in urlscan Pro 74.121.193.66 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

92 Requests

97 %HTTPS

74 %IPv6

16 Domains

23 Subdomains

24 IPs

5 Countries

1920 kBTransfer

5139 kBSize

6 Cookies

10 Outgoing links

Redirected requests

92 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bigpicture.net Open in urlscan Pro
74.121.193.66 Public Scan

Screenshot
Live screenshot

Full Image

92
Requests

97 %
HTTPS

74 %
IPv6

16
Domains

23
Subdomains

24
IPs

5
Countries

1920 kB
Transfer

5139 kB
Size

6
Cookies

92 HTTP transactions
2 data transactions