fllwrs.com Open in urlscan Pro
107.170.36.69 Public Scan

URL:
http://fllwrs.com/
Submission: On March 06 via api (March 6th 2021, 11:28:45 am UTC) from SA

Summary HTTP 97 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 20 IPs in 6 countries across 19 domains to perform 97 HTTP transactions. The main IP is 107.170.36.69, located in New York, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is fllwrs.com.

This is the only time fllwrs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	107.170.36.69 107.170.36.69	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 9	72.251.249.14 72.251.249.14	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
16	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	216.52.2.48 216.52.2.48	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	23.205.243.158 23.205.243.158	16625 (AKAMAI-AS) (AKAMAI-AS)
20	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
1 1	99.80.199.35 99.80.199.35	16509 (AMAZON-02) (AMAZON-02)
1 8	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	79.137.69.120 79.137.69.120	16276 (OVH) (OVH)
97	20

3 107.170.36.69 (New York, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

fllwrs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 72.251.249.14 (Amsterdam, Netherlands) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vap1ams1.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.48 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

gslbeacon.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.205.243.158 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-243-158.deploy.static.akamaitechnologies.com

pxdrop.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.199.35 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-199-35.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.137.69.120 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: gcm10.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	471 KB
18	doubleclick.net 1 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	72 KB
11	lijit.com 1 redirects ap.lijit.com gslbeacon.lijit.com vap1ams1.lijit.com pxdrop.lijit.com	32 KB
7	ampproject.org cdn.ampproject.org	123 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	94 KB
4	googleapis.com fonts.googleapis.com	2 KB
4	googletagservices.com www.googletagservices.com	123 KB
4	google.com 1 redirects adservice.google.com www.google.com	726 B
3	fllwrs.com fllwrs.com	20 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	2 KB
2	openx.net 2 redirects rtb.openx.net	763 B
2	google.de adservice.google.de	668 B
2	googleadservices.com partner.googleadservices.com	716 B
2	google-analytics.com www.google-analytics.com	17 KB
1	gemius.pl 1 redirects googlecm.hit.gemius.pl	324 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	456 B
1	everesttech.net 1 redirects pixel.everesttech.net	374 B
1	quantserve.com cms.quantserve.com	463 B
97	19

	Domain	Requested by
20	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net cdn.ampproject.org
16	pagead2.googlesyndication.com	fllwrs.com pagead2.googlesyndication.com ap.lijit.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
8	cm.g.doubleclick.net	1 redirects fllwrs.com googleads.g.doubleclick.net
7	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
7	ap.lijit.com	1 redirects fllwrs.com ap.lijit.com
5	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	googleads.g.doubleclick.net
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	fllwrs.com	fllwrs.com
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	2 redirects
2	www.google.com	1 redirects googleads.g.doubleclick.net
2	vap1ams1.lijit.com	fllwrs.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	www.google-analytics.com	fllwrs.com
1	googlecm.hit.gemius.pl	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	pixel.everesttech.net	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	pxdrop.lijit.com	fllwrs.com
1	gslbeacon.lijit.com	ap.lijit.com
97	26

This site contains links to these domains. Also see Links.

Domain
fllwrs.freshdesk.com
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh

This page contains 14 frames:

Primary Page: http://fllwrs.com/
Frame ID: FEB49C6F010289DEA377D7A9FF7B1903
Requests: 16 HTTP requests in this frame

Frame: https://ap.lijit.com/sync
Frame ID: 90249DFD3479A7151790379A2212239A
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210303/r20190131/zrt_lookup.html
Frame ID: 98153FF01283BA9B453D72450576291F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7098019582&adk=4203217917&adf=3673058151&pi=t.ma~as.7098019582&w=300&lmt=1615030087&psa=0&format=300x250&url=http%3A%2F%2Ffllwrs.com%2F&flash=0&wgl=1&dt=1615030087091&bpp=20&bdt=475&idt=83&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2804232628789&frm=20&pv=2&ga_vid=754607890.1615030087&ga_sid=1615030087&ga_hid=138066819&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21069710&oid=3&pvsid=3735904011687848&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=QD9OFqT9SR&p=http%3A//fllwrs.com&dtd=126
Frame ID: 3D4E3320A69223D8FA3A253C435BB854
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=5851746840&adk=3459621094&adf=2970249784&pi=t.ma~as.5851746840&w=300&lmt=1615030087&psa=0&format=300x250&url=http%3A%2F%2Ffllwrs.com%2F&flash=0&wgl=1&dt=1615030087112&bpp=2&bdt=497&idt=116&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=2804232628789&frm=20&pv=1&ga_vid=754607890.1615030087&ga_sid=1615030087&ga_hid=138066819&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21069710&oid=3&pvsid=3735904011687848&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=ZPWuTYeGBr&p=http%3A//fllwrs.com&dtd=120
Frame ID: E2708DFCA707ED56866578238627F5B7
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&adk=1812271804&adf=3025194257&lmt=1615030087&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1615030087115&bpp=1&bdt=500&idt=126&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&nras=1&correlator=2804232628789&frm=20&pv=1&ga_vid=754607890.1615030087&ga_sid=1615030087&ga_hid=138066819&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21069710&oid=3&pvsid=3735904011687848&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&dtd=131
Frame ID: 023E4204768352A66EBEF4F3202C8E3B
Requests: 1 HTTP requests in this frame

Frame: https://gslbeacon.lijit.com/beacon?viewId=a_168503_0e7676060d40449699bcbe6fd49d8f47&rand=4067&informer=9960408&type=fpads&loc=http%3A%2F%2Ffllwrs.com%2F&v=1.2
Frame ID: 2DB0012FDE883381CCDE0A4B0570B269
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7642897688&adk=249844711&adf=2696324440&pi=t.ma~as.7642897688&w=300&lmt=1615030087&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&wgl=1&dt=1615030087501&bpp=17&bdt=440&idt=102&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dd5719471ec576bee-229f843201a70011%3AT%3D1615030087%3ART%3D1615030087%3AS%3DALNI_Ma9Y-JL7Y65SXo9bfLPv7e6rF2WDA&correlator=2804232628789&frm=23&ife=1&pv=1&ga_vid=754607890.1615030087&ga_sid=1615030087&ga_hid=693241341&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=322&biw=1600&bih=1200&isw=300&ish=250&ifk=3969492067&scr_x=0&scr_y=0&eid=44736525%2C21066922&oid=3&pvsid=971183182803702&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.vztzb2fkvzi5&fsb=1&dtd=125
Frame ID: E2CF726AB01B64FA7C9FE89A5C29AD22
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 00ADB814EB8D472D1DB384AD2D8B462C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 2BACE69DB1EA4A44618D0FF79A144213
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DE59DD44D42A6CF70E974403A48BE02D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js
Frame ID: 8B0FADF5569051A6101AA1236881C1F8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js
Frame ID: E88A6AC968937C9F1E918267694623CE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: EDCAF15790AEE5A02DCB15F37D11091A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

97
Requests

94 %
HTTPS

52 %
IPv6

19
Domains

26
Subdomains

20
IPs

6
Countries

956 kB
Transfer

2478 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://fllwrs.freshdesk.com/
Title: help desk

Search URL Search Domain Scan URL

URL: http://www.facebook.com/fllwrs
Title: facebook page

Search URL Search Domain Scan URL

URL: http://twitter.com/_fllwrs
Title: @_fllwrs

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://ap.lijit.com/www/delivery/fpi.js?z=168503&width=300&height=250 HTTP 301
https://ap.lijit.com/www/delivery/fpi.js?z=168503&width=300&height=250

Request Chain 4

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 5

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1448331547&utmhn=fllwrs.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=fllwrs%20-%20keep%20track%20of%20who%20follows%20and%20unfollows%20you%20on%20twitter&utmhid=138066819&utmr=-&utmp=%2F&utmht=1615030086859&utmac=UA-19997787-1&utmcc=__utma%3D203250886.754607890.1615030087.1615030087.1615030087.1%3B%2B__utmz%3D203250886.1615030087.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1403790827&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1448331547&utmhn=fllwrs.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=fllwrs%20-%20keep%20track%20of%20who%20follows%20and%20unfollows%20you%20on%20twitter&utmhid=138066819&utmr=-&utmp=%2F&utmht=1615030086859&utmac=UA-19997787-1&utmcc=__utma%3D203250886.754607890.1615030087.1615030087.1615030087.1%3B%2B__utmz%3D203250886.1615030087.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1403790827&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Request Chain 80

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 83

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUIk-whRAXqUKd0PZ2cgmfqwUBtd9pq7WR9KglpkudWtGno_Pv6p4CBg9NZeFjR6goIC11M-oQPF1GJZiQkVu-EqpzkqQQ&google_gid=CAESEO0avwW_XpicPp32i2pVsHg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUVOblNBQUFBRkFnQmh5YQ&google_push=AQvitUIk-whRAXqUKd0PZ2cgmfqwUBtd9pq7WR9KglpkudWtGno_Pv6p4CBg9NZeFjR6goIC11M-oQPF1GJZiQkVu-EqpzkqQQ

Request Chain 84

https://rtb.openx.net/sync/dds?google_gid=CAESEFQKV-DocDwEzZVdoJXP7h0&google_cver=1&google_push=AQvitUJQxdgjRMFF7D-pgFgQjQcWrKOVmVYSbp8IHK6aQmNhU0ZeS3XJFe9UnwMc0XeYYyPkx-1bHV-YYQo5xIUz_PZNijKLM0w HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEFQKV-DocDwEzZVdoJXP7h0&google_cver=1&google_push=AQvitUJQxdgjRMFF7D-pgFgQjQcWrKOVmVYSbp8IHK6aQmNhU0ZeS3XJFe9UnwMc0XeYYyPkx-1bHV-YYQo5xIUz_PZNijKLM0w&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJQxdgjRMFF7D-pgFgQjQcWrKOVmVYSbp8IHK6aQmNhU0ZeS3XJFe9UnwMc0XeYYyPkx-1bHV-YYQo5xIUz_PZNijKLM0w&google_hm=fVyo_6NfxOsgEIdJ_ORNig==

Request Chain 85

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBhafBajzc2OYuyBh95TeEs&google_cver=1&google_push=AQvitUJIfMyaWQH3NyjOKj8qjoe3gOrNmvwgcp7ZnuB7l-JQe9ptdI1Am4uFUzb8g77XiPVyJ5cTxlTkR6cXVsccXAOlKoCZHKM HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBhafBajzc2OYuyBh95TeEs&google_cver=1&google_push=AQvitUJIfMyaWQH3NyjOKj8qjoe3gOrNmvwgcp7ZnuB7l-JQe9ptdI1Am4uFUzb8g77XiPVyJ5cTxlTkR6cXVsccXAOlKoCZHKM&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=r2R12AYWTWC0InM45Zafaw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJIfMyaWQH3NyjOKj8qjoe3gOrNmvwgcp7ZnuB7l-JQe9ptdI1Am4uFUzb8g77XiPVyJ5cTxlTkR6cXVsccXAOlKoCZHKM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=r2R12AYWTWC0InM45Zafaw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJIfMyaWQH3NyjOKj8qjoe3gOrNmvwgcp7ZnuB7l-JQe9ptdI1Am4uFUzb8g77XiPVyJ5cTxlTkR6cXVsccXAOlKoCZHKM&google_tc=

Request Chain 86

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEPAJscCbH9ZQR-w_jSJlOQ&google_cver=1&google_push=AQvitUKcum9gLahNgjdx-p0I6cDXoGMD5rWZqKVC6zapb54XZhaVG3mAXwZFQW-CLVr093mJgobSC_JoF-4BZO0uX63eMPVRrSY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xYTjdSV00tOS1KMVg5&google_push=AQvitUKcum9gLahNgjdx-p0I6cDXoGMD5rWZqKVC6zapb54XZhaVG3mAXwZFQW-CLVr093mJgobSC_JoF-4BZO0uX63eMPVRrSY

Request Chain 87

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENU8JimFKc30DuTUquN6qrY&google_cver=1&google_push=AQvitUIByrsaqa6S5AUNxEja7e1Jl0QJ3N0oJBDHoFB-UAQxfHTVqQ8PY1Ic3VS_QbY8eCLHAkyixTOdy3yuFOFhZnIlB1r90tA HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENU8JimFKc30DuTUquN6qrY&google_cver=1&google_push=AQvitUIByrsaqa6S5AUNxEja7e1Jl0QJ3N0oJBDHoFB-UAQxfHTVqQ8PY1Ic3VS_QbY8eCLHAkyixTOdy3yuFOFhZnIlB1r90tA&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YENnSBP4Pg64xLOu9CI9egAABHMAAAIB&google_gid=CAESENU8JimFKc30DuTUquN6qrY&google_cver=1&google_push=AQvitUIByrsaqa6S5AUNxEja7e1Jl0QJ3N0oJBDHoFB-UAQxfHTVqQ8PY1Ic3VS_QbY8eCLHAkyixTOdy3yuFOFhZnIlB1r90tA

Request Chain 88

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEFRs9g339ku_qtxnEMtIcJ0&google_cver=1&google_push=AQvitUJHa5ELH9qcJ2tD3cJHnRuG9a0Oa5IC-tLGTPZRdF3fLZJ90R7kutX7XJs1Mhe7b8TiKszgyho8RllKe8R1wNrjF2rNCFdi HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJHa5ELH9qcJ2tD3cJHnRuG9a0Oa5IC-tLGTPZRdF3fLZJ90R7kutX7XJs1Mhe7b8TiKszgyho8RllKe8R1wNrjF2rNCFdi&google_hm=1hauyphhklghckbpywrqiwejptly

97 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
fllwrs.com/ 4 KB
2 KB 244ms
218ms Document
text/html 107.170.36.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://fllwrs.com/
Protocol: HTTP/1.1
Server: 107.170.36.69 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 83e5578ad7cbaa2edf1cc98a38a3c30066bd3b6051d300d9dbdd32a18db917a7

Request headers

Host: fllwrs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Sat, 06 Mar 2021 11:28:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: fllwrs_sess=245b773fa37f4dba479f31f526c9a77c; expires=Sun, 07-Mar-2021 11:28:06 GMT; path=/
Content-Encoding: gzip

GET
H/1.1 200
OK css.css
fllwrs.com/assets/ 28 KB
6 KB 122ms
121ms Stylesheet
text/css 107.170.36.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://fllwrs.com/assets/css.css
Requested by: Host: fllwrs.com
URL: http://fllwrs.com/
Protocol: HTTP/1.1
Server: 107.170.36.69 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: a3b6c039bd159c7cd4069c94613e2b91c6eb0ea9ca38ce30d6a00f4afad77716

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 06 Mar 2021 11:28:06 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Apr 2013 21:13:35 GMT
Server: nginx
ETag: W/"517304ff-7185"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK fllwrs-logo.png
fllwrs.com/assets/ 12 KB
12 KB 246ms
220ms Image
image/png 107.170.36.69
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fllwrs.com/assets/fllwrs-logo.png
Requested by: Host: fllwrs.com
URL: http://fllwrs.com/
Protocol: HTTP/1.1
Server: 107.170.36.69 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: b51897307a1d7c8e9dbc0d68c0aef9371724b549bd47d46e8cf73f542ccce558

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 06 Mar 2021 11:28:06 GMT
Last-Modified: Sat, 20 Apr 2013 21:13:35 GMT
Server: nginx
ETag: "517304ff-30b0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12464

GET
H/1.1

200
OK

fpi.js Show response
ap.lijit.com/www/delivery/
Redirect Chain

http://ap.lijit.com/www/delivery/fpi.js?z=168503&width=300&height=250
https://ap.lijit.com/www/delivery/fpi.js?z=168503&width=300&height=250

5 KB
3 KB

191ms
64ms

Script
text/javascript

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/www/delivery/fpi.js?z=168503&width=300&height=250
Requested by: Host: fllwrs.com
URL: http://fllwrs.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Mar 2021 11:28:07 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"5f4932f3-1540"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap1ams1
Expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Location: https://ap.lijit.com/www/delivery/fpi.js?z=168503&width=300&height=250
Content-length: 0

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
50 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: fllwrs.com
URL: http://fllwrs.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b9b5737c8859fa4566da81b0d34c3084f0d83ee7dc2ac8afab3c4ed45685d9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Sat, 06 Mar 2021 11:28:06 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 13215137272821469477
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 50479
X-XSS-Protection: 0
Expires: Sat, 06 Mar 2021 11:28:06 GMT

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: fllwrs.com
URL: http://fllwrs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 6353
date: Sat, 06 Mar 2021 09:42:13 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sat, 06 Mar 2021 11:42:13 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H3-Q050

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1448331547&utmhn=fllwrs.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=fllwrs%20-...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1448331547&utmhn=fllwrs.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=fllwrs%20...

35 B
378 B

38ms
24ms

Image
image/gif

2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1448331547&utmhn=fllwrs.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=fllwrs%20-%20keep%20track%20of%20who%20follows%20and%20unfollows%20you%20on%20twitter&utmhid=138066819&utmr=-&utmp=%2F&utmht=1615030086859&utmac=UA-19997787-1&utmcc=__utma%3D203250886.754607890.1615030087.1615030087.1615030087.1%3B%2B__utmz%3D203250886.1615030087.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1403790827&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: fllwrs.com
URL: http://fllwrs.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 11:28:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1448331547&utmhn=fllwrs.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=fllwrs%20-%20keep%20track%20of%20who%20follows%20and%20unfollows%20you%20on%20twitter&utmhid=138066819&utmr=-&utmp=%2F&utmht=1615030086859&utmac=UA-19997787-1&utmcc=__utma%3D203250886.754607890.1615030087.1615030087.1615030087.1%3B%2B__utmz%3D203250886.1615030087.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1403790827&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK sync Show response
ap.lijit.com/ Frame 9024 86 KB
20 KB 101ms
100ms Script
text/javascript 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/sync
Requested by: Host: ap.lijit.com
URL: http://ap.lijit.com/www/delivery/fpi.js?z=168503&width=300&height=250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 981a47bdf683f5af5ab3fbad953035c7335c5dbe1f3ff659ceb30bd9782c6cf4

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 06 Mar 2021 11:28:07 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Aug 2020 16:38:47 GMT
Server: nginx
ETag: W/"5f493317-159f3"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=86400, must-revalidate
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap1ams1
Expires: Sun, 07 Mar 2021 11:28:07 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/ 227 KB
85 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2539697311326124&plah=fllwrs.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1f6f1027092d281d624e67f9f83460ed291ae367b558c16cd6afad7af5eba1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87278
x-xss-protection: 0
server: cafe
etag: 4389487008424739880
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 06 Mar 2021 11:28:07 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210303/r20190131/ Frame 9815 11 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210303/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e78c14aeb9435fd03f67ad2ee4c45e18bfcfc100a4c62c8bd886324ce6296f77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210303/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://fllwrs.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://fllwrs.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 05 Mar 2021 21:27:47 GMT
expires: Fri, 19 Mar 2021 21:27:47 GMT
content-type: text/html; charset=UTF-8
etag: 14371272352318978350
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 5136
x-xss-protection: 0
age: 50420
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 200 B
258 B 66ms
66ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=fllwrs.com&callback=_gfp_s_&client=ca-pub-2539697311326124

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2539697311326124&plah=fllwrs.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

62455a4ca2f232f694c208fff63fcfde9952b55fb3fdf5532a98fe704284fbe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fllwrs.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Mar 2021 11:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
531 B 36ms
22ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fllwrs.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Mar 2021 11:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3D4E 55 KB
20 KB 758ms
757ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7098019582&adk=4203217917&adf=3673058151&pi=t.ma~as.7098019582&w=300&lmt=1615030087&psa=0&format=300x250&url=http%3A%2F%2Ffllwrs.com%2F&flash=0&wgl=1&dt=1615030087091&bpp=20&bdt=475&idt=83&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2804232628789&frm=20&pv=2&ga_vid=754607890.1615030087&ga_sid=1615030087&ga_hid=138066819&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21069710&oid=3&pvsid=3735904011687848&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=QD9OFqT9SR&p=http%3A//fllwrs.com&dtd=126

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e03c4d49e0e369e182587b917141801a13e54d9df7bd883fcde7fd2c89556a28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7098019582&adk=4203217917&adf=3673058151&pi=t.ma~as.7098019582&w=300&lmt=1615030087&psa=0&format=300x250&url=http%3A%2F%2Ffllwrs.com%2F&flash=0&wgl=1&dt=1615030087091&bpp=20&bdt=475&idt=83&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2804232628789&frm=20&pv=2&ga_vid=754607890.1615030087&ga_sid=1615030087&ga_hid=138066819&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21069710&oid=3&pvsid=3735904011687848&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=QD9OFqT9SR&p=http%3A//fllwrs.com&dtd=126
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://fllwrs.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://fllwrs.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 06 Mar 2021 11:28:07 GMT
server: cafe
content-length: 20777
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 06-Mar-2021 11:43:07 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 06 Mar 2021 11:28:07 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614774803212306"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
expires: Sat, 06 Mar 2021 11:28:07 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E270 167 KB
20 KB 439ms
438ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=5851746840&adk=3459621094&adf=2970249784&pi=t.ma~as.5851746840&w=300&lmt=1615030087&psa=0&format=300x250&url=http%3A%2F%2Ffllwrs.com%2F&flash=0&wgl=1&dt=1615030087112&bpp=2&bdt=497&idt=116&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=2804232628789&frm=20&pv=1&ga_vid=754607890.1615030087&ga_sid=1615030087&ga_hid=138066819&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21069710&oid=3&pvsid=3735904011687848&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=ZPWuTYeGBr&p=http%3A//fllwrs.com&dtd=120

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31af78ccf5de9a0eaf9e5f6e0989e2eab4c77a323f573f9707349a7a18b2bb78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=5851746840&adk=3459621094&adf=2970249784&pi=t.ma~as.5851746840&w=300&lmt=1615030087&psa=0&format=300x250&url=http%3A%2F%2Ffllwrs.com%2F&flash=0&wgl=1&dt=1615030087112&bpp=2&bdt=497&idt=116&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=2804232628789&frm=20&pv=1&ga_vid=754607890.1615030087&ga_sid=1615030087&ga_hid=138066819&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21069710&oid=3&pvsid=3735904011687848&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=ZPWuTYeGBr&p=http%3A//fllwrs.com&dtd=120
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://fllwrs.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://fllwrs.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-expose-headers: x-google-amp-ad-validated-version
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 06 Mar 2021 11:28:07 GMT
server: cafe
content-length: 20005
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 06-Mar-2021 11:43:07 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 06 Mar 2021 11:28:07 GMT
cache-control: private

GET
H/1.1 200
OK adcfg Show response
ap.lijit.com/ Frame 9024 158 B
549 B 66ms
64ms Script
application/x-javascript 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/adcfg?zoneid=168503&tid=c682e44618f74178b466d8068e24a45da608aa0a&mode=1&dmn=fllwrs.com
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 4d6a70b42e361bb2a4f8969606487cd1d5929bbae9cd7b80a355bab5601d3f5e

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 06 Mar 2021 11:28:07 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 145

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 023E 0
161 B 16ms
16ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&adk=1812271804&adf=3025194257&lmt=1615030087&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1615030087115&bpp=1&bdt=500&idt=126&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&nras=1&correlator=2804232628789&frm=20&pv=1&ga_vid=754607890.1615030087&ga_sid=1615030087&ga_hid=138066819&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21069710&oid=3&pvsid=3735904011687848&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&dtd=131

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2539697311326124&output=html&adk=1812271804&adf=3025194257&lmt=1615030087&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1615030087115&bpp=1&bdt=500&idt=126&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&nras=1&correlator=2804232628789&frm=20&pv=1&ga_vid=754607890.1615030087&ga_sid=1615030087&ga_hid=138066819&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21069710&oid=3&pvsid=3735904011687848&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&dtd=131
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://fllwrs.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://fllwrs.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 06 Mar 2021 11:28:07 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 06-Mar-2021 11:43:07 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 06 Mar 2021 11:28:07 GMT
cache-control: private

GET
H/1.1 200
OK addelivery Show response
ap.lijit.com/ Frame 9024 1 KB
1 KB 143ms
143ms Script
application/x-javascript 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/addelivery?zoneid=168503&tid=a_168503_0e7676060d40449699bcbe6fd49d8f47&cb=undefined&mode=1&flv=0.0.0&ifr=true&od=fllwrs.com&time=11%3A28%3A07&fd=1&be=sf&loc=http%3A%2F%2Ffllwrs.com%2F&orig_loc=http%3A%2F%2Ffllwrs.com%2F&abf=true&dpz=false&cv=undefined&dop=1&ndw=1&spif=true&btid=a_168503_0e7676060d40449699bcbe6fd49d8f47
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 60ff90e766973683360fe0cfd8f7b14155ed1b47e2b966e596ebb00009627830

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 06 Mar 2021 11:28:07 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 711

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 9024 97 KB
35 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/sync

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e09250d511edfe656fb5c533905329f2177ffd89809b7f90bacc21ed58f2f779

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Sat, 06 Mar 2021 11:28:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 3018423530453600169
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 35339
X-XSS-Protection: 0
Expires: Sat, 06 Mar 2021 11:28:07 GMT

GET
H/1.1 204
No Content beacon
gslbeacon.lijit.com/ Frame 2DB0 0
0 167ms
54ms Document
text/plain 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://gslbeacon.lijit.com/beacon?viewId=a_168503_0e7676060d40449699bcbe6fd49d8f47&rand=4067&informer=9960408&type=fpads&loc=http%3A%2F%2Ffllwrs.com%2F&v=1.2
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash

Request headers

Host: gslbeacon.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://fllwrs.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://fllwrs.com/

Response headers

Server: nginx
Date: Sat, 06 Mar 2021 11:28:07 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap5ams1

GET
H/1.1 200
OK containertag Show response
ap.lijit.com/ Frame 9024 47 KB
5 KB 68ms
67ms Script
application/json 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/containertag?containerId=18&zoneId=168503&v=2
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e6a33797b34bc82549e2765bf53a7f31aa0587f2e0ae1dc56a99817db6ede238

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Mar 2021 11:28:07 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: raptor
Vary: Accept-Encoding
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap1ams1
Content-Type: application/json
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 200
OK impression
vap1ams1.lijit.com/addelivery/ Frame 9024 43 B
567 B 185ms
58ms Image
image/gif 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vap1ams1.lijit.com/addelivery/impression?i_data=7_q3-B8GyNHIFPW848hBbB435xfwQT3_5LB3c08RZD2FUlVEzZ5tYgZeeQVykUnf6ro2DaOTUpt2A_TBOder7mkxgTBMgtFMcIz537z8j5Na1TFY09gGKtVzGhR7F9KjeOMzE8nG_s5SNSTokX6JLIwLQTwfaqWYboj0-6i5YHLB_Iz5m7clQ3Tgprvx2DP8ICM23y5eSOLRcudptLkalTJLEuaqhTYG48FWCcCnpX1ZNYeAPKHVEv7n6p8OrsgpQYjD4nTlCHZAtmAm_OZ1sXxpRFK4W4zF-IysZbeLc3H2DXgUDpheh_gmRWZymqD2vKIG_MxmK5Rm&bannerid=20358&campaignid=232&endpoint=WATERFALL&zoneid=168503&tid=a_168503_0e7676060d40449699bcbe6fd49d8f47
Requested by: Host: fllwrs.com
URL: http://fllwrs.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Mar 2021 11:28:07 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Content-Type: image/gif
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 200
OK fp
vap1ams1.lijit.com/data/ Frame 9024 43 B
210 B 193ms
67ms Image
image/gif 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vap1ams1.lijit.com/data/fp?tid=a_168503_0e7676060d40449699bcbe6fd49d8f47&zoneid=168503&starttime=1615030087236&adcfg=4&adcfg_response=78&addelivery=87&addelivery_response=231&lgfired=239&beacon=242&container=245&EOL=246&ctstart=0&elapsed_ms=246
Requested by: Host: fllwrs.com
URL: http://fllwrs.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / podlogging
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 06 Mar 2021 11:28:07 GMT
Server: nginx
X-Sovrn-Pod: ad_ap1ams1
X-Powered-By: podlogging
Content-Length: 43
Content-Type: image/gif

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/ Frame 9024 227 KB
85 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2539697311326124&plah=fllwrs.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1f6f1027092d281d624e67f9f83460ed291ae367b558c16cd6afad7af5eba1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87278
x-xss-protection: 0
server: cafe
etag: 4389487008424739880
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 06 Mar 2021 11:28:07 GMT

GET
H/1.1 204
No Content t.dhj Show response
pxdrop.lijit.com/1/d/ Frame 9024 0
604 B 118ms
90ms Script
application/javascript 23.205.243.158
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://pxdrop.lijit.com/1/d/t.dhj?dmn=fllwrs.com&GDPR_v2=undefined

Requested by

Host: fllwrs.com
URL: http://fllwrs.com/

Protocol

HTTP/1.1

Server

23.205.243.158 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-243-158.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 06 Mar 2021 11:28:07 GMT
X-Content-Type-Options: nosniff
Edge-Log-Var: 2!z!c026!null!pxdrop.lijit.com!%2f1%2fd%2ft.dhj!&GDPR_v2=undefined!block_code=EEA
X-Robots-Tag: noindex, nofollow
P3P: policyref="/w3c/p3p.xml", CP="DSP LAW NID OUR DEL SAM BUS UNI PUR COM NAV INT STA PRE LOC OTC"
Cache-Control: private, max-age=3600
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
Expires: Sat, 06 Mar 2021 12:28:07 GMT

GET
H/1.1 200
OK ct
ap.lijit.com/data/ Frame 9024 43 B
210 B 71ms
70ms Image
image/gif 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/data/ct?tid=a_168503_0e7676060d40449699bcbe6fd49d8f47&zoneid=168503&cid=18&geo=PL&all_tags=203%2C234%2C248%2C383%2C388%2C458%2C462%2C465%2C490%2C494%2C501%2C503%2C512%2C515%2C519%2C520%2C539%2C541%2C561%2C563%2C565%2C576%2C580%2C582%2C584%2C586%2C589%2C590&tss=94&fired_tags=590&count=1&status=8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C32%2C32%2C8%2C32%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C1&elapsed_ms=95
Requested by: Host: fllwrs.com
URL: http://fllwrs.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / podlogging
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 06 Mar 2021 11:28:07 GMT
Server: nginx
X-Sovrn-Pod: ad_ap1ams1
X-Powered-By: podlogging
Content-Length: 43
Content-Type: image/gif

GET
H3-Q050 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 9024 12 B
458 B 140ms
77ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=fllwrs.com&callback=_gfp_s_&client=ca-pub-2539697311326124&cookie=ID%3Dd5719471ec576bee-229f843201a70011%3AT%3D1615030087%3ART%3D1615030087%3AS%3DALNI_Ma9Y-JL7Y65SXo9bfLPv7e6rF2WDA

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 9024 107 B
503 B 18ms
16ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fllwrs.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Mar 2021 11:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9024 107 B
123 B 17ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fllwrs.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Mar 2021 11:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E2CF 73 KB
24 KB 435ms
434ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7642897688&adk=249844711&adf=2696324440&pi=t.ma~as.7642897688&w=300&lmt=1615030087&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&wgl=1&dt=1615030087501&bpp=17&bdt=440&idt=102&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dd5719471ec576bee-229f843201a70011%3AT%3D1615030087%3ART%3D1615030087%3AS%3DALNI_Ma9Y-JL7Y65SXo9bfLPv7e6rF2WDA&correlator=2804232628789&frm=23&ife=1&pv=1&ga_vid=754607890.1615030087&ga_sid=1615030087&ga_hid=693241341&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=322&biw=1600&bih=1200&isw=300&ish=250&ifk=3969492067&scr_x=0&scr_y=0&eid=44736525%2C21066922&oid=3&pvsid=971183182803702&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.vztzb2fkvzi5&fsb=1&dtd=125

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e871eb4c0f7bbbf9cb1e6e856909fb722c35c6d4a6e0814897b5d99712e5e6ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7642897688&adk=249844711&adf=2696324440&pi=t.ma~as.7642897688&w=300&lmt=1615030087&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&wgl=1&dt=1615030087501&bpp=17&bdt=440&idt=102&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dd5719471ec576bee-229f843201a70011%3AT%3D1615030087%3ART%3D1615030087%3AS%3DALNI_Ma9Y-JL7Y65SXo9bfLPv7e6rF2WDA&correlator=2804232628789&frm=23&ife=1&pv=1&ga_vid=754607890.1615030087&ga_sid=1615030087&ga_hid=693241341&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=322&biw=1600&bih=1200&isw=300&ish=250&ifk=3969492067&scr_x=0&scr_y=0&eid=44736525%2C21066922&oid=3&pvsid=971183182803702&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.vztzb2fkvzi5&fsb=1&dtd=125
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://fllwrs.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://fllwrs.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 06 Mar 2021 11:28:08 GMT
server: cafe
content-length: 24828
x-xss-protection: 0
set-cookie: IDE=AHWqTUl_It291BaUpawrtFF2ZrVKb7bcvN-DEw2QeSCSueJds-hCOL6Hx_--eQSTKVY; expires=Thu, 31-Mar-2022 11:28:07 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 06 Mar 2021 11:28:08 GMT
cache-control: private

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9024 8 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210303&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b75935bf5cd443bbcad490f7dabbe6e223a6b4c5e9cf70b728c2114671a88d22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Mar 2021 11:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6463
x-xss-protection: 0

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9024 74 KB
28 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614774803212306"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
expires: Sat, 06 Mar 2021 11:28:07 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9024 17 KB
6 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:28:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Sat, 06 Mar 2021 11:28:07 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012101070013000/ Frame E270 185 KB
53 KB 33ms
5ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=5851746840&adk=3459621094&adf=2970249784&pi=t.ma~as.5851746840&w=300&lmt=1615030087&psa=0&format=300x250&url=http%3A%2F%2Ffllwrs.com%2F&flash=0&wgl=1&dt=1615030087112&bpp=2&bdt=497&idt=116&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=2804232628789&frm=20&pv=1&ga_vid=754607890.1615030087&ga_sid=1615030087&ga_hid=138066819&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21069710&oid=3&pvsid=3735904011687848&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=ZPWuTYeGBr&p=http%3A//fllwrs.com&dtd=120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 165893
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53820
x-xss-protection: 0
server: sffe
date: Thu, 04 Mar 2021 13:23:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ee5348f2de7cdf64"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Mar 2022 13:23:14 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 00AD 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://fllwrs.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://fllwrs.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Sat, 06 Mar 2021 09:01:59 GMT
expires: Sun, 06 Mar 2022 09:01:59 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 8768
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame E270 12 KB
5 KB 33ms
18ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 165893
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4559
x-xss-protection: 0
server: sffe
date: Thu, 04 Mar 2021 13:23:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c3a321a15743f406"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Mar 2022 13:23:14 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame E270 87 KB
27 KB 26ms
17ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 165893
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27206
x-xss-protection: 0
server: sffe
date: Thu, 04 Mar 2021 13:23:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1f991b6a8daa2b14"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Mar 2022 13:23:14 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame E270 70 KB
16 KB 28ms
19ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-animation-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ba791631934e793b9b3e99d3dc1359dcfe6dd228bf9ea807b8e89b7529f9ba6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 90116
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16397
x-xss-protection: 0
server: sffe
date: Fri, 05 Mar 2021 10:26:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2ccf127281514232"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Mar 2022 10:26:11 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame E270 3 KB
1 KB 22ms
14ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 165893
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1376
x-xss-protection: 0
server: sffe
date: Thu, 04 Mar 2021 13:23:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "512b909f94eb26fb"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Mar 2022 13:23:14 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame E270 40 KB
13 KB 24ms
16ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 165893
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12793
x-xss-protection: 0
server: sffe
date: Thu, 04 Mar 2021 13:23:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e3ef417618f7e28"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Mar 2022 13:23:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E270 664 B
451 B 14ms
13ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4f492217356942753e3ae962475ec7ca6f0715adc04b49021d39401d83b72e5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 06 Mar 2021 09:29:23 GMT
server: ESF
date: Sat, 06 Mar 2021 11:28:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 06 Mar 2021 11:28:07 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E270 2 KB
619 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 06 Mar 2021 11:27:05 GMT
server: ESF
date: Sat, 06 Mar 2021 11:28:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 06 Mar 2021 11:28:07 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E270 2 KB
619 B 22ms
21ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

527973c772e1e36060d372d6cdb00e4d6643ba81b37d23498588193504ab3a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 06 Mar 2021 09:43:36 GMT
server: ESF
date: Sat, 06 Mar 2021 11:28:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 06 Mar 2021 11:28:07 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E270 2 KB
3 KB 8ms
6ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Mar 2021 08:22:57 GMT
x-content-type-options: nosniff
server: cafe
age: 11110
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 07 Mar 2021 08:22:57 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E270 295 B
389 B 9ms
7ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Mar 2021 23:24:51 GMT
x-content-type-options: nosniff
server: cafe
age: 43396
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 06 Mar 2021 23:24:51 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame E270 0
162 B 46ms
44ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cw_D7R2dDYLybD4iq-wb15pygCuyZoKdg35fR6sIL-uvS4LIBEAEgqYmbAmCViriCyAegAan1iIMDyAEJqQLfZU8CzPuzPqgDAcgDCKoEtQFP0E5sXbEzO-Q_Xn3ukQwN6faMU9O2a1qDoPP3gU7FDHQB9bG1uilGjkkUi5vn-AJ2nGPk-Jcyd-340_HRN9dIG9p1I_Pt5xojFZ6NpekE0LtgxNLmd116bBnKoWxiYJRa5znErtjoM5QtGKI92qsJ3EEnqeW5muhnWQjldpYpdnpE53XNEJXWLW9ItEAfKF-gdGH3ndKcobMv1P50o04DFiYEE4EgFeOd2M4ZIb2EiRU8pfdmwASAitzA3wKSBQQIBBgBkgUECAUYBKAGLoAHv4r3fKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBRD8trUB0ggJCIDhgBAQARgfgAoByAsB2BMNshcaChgIABIUcHViLTI1Mzk2OTczMTEzMjYxMjQ&sigh=6YsXNiMlsdg&template_id=419&tpd=AGWhJmv0kZq2ecAzufEk_iKp0FaVMSLFW5qUezkdptk1lytvSQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=5851746840&adk=3459621094&adf=2970249784&pi=t.ma~as.5851746840&w=300&lmt=1615030087&psa=0&format=300x250&url=http%3A%2F%2Ffllwrs.com%2F&flash=0&wgl=1&dt=1615030087112&bpp=2&bdt=497&idt=116&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=2804232628789&frm=20&pv=1&ga_vid=754607890.1615030087&ga_sid=1615030087&ga_hid=138066819&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21069710&oid=3&pvsid=3735904011687848&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=ZPWuTYeGBr&p=http%3A//fllwrs.com&dtd=120
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 06 Mar 2021 11:28:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 06 Mar 2021 11:28:07 GMT

GET
DATA 200
OK truncated
/ Frame E270 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd14c5d7a9ede413c8c9691f3b3461f2b4e8f885dcd32841c81a36fb683704e7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 3f13ec716138759d9bbd59b5fea9ce78.jpg
tpc.googlesyndication.com/sadbundle/14977493727944846073/images/ Frame E270 25 KB
25 KB 11ms
7ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/14977493727944846073/images/3f13ec716138759d9bbd59b5fea9ce78.jpg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8895283309d9e72688ce6ebb6b35835712fcb902f476b3266b96fab529c8693

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 07:08:55 GMT
x-content-type-options: nosniff
age: 15552
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25187
x-xss-protection: 0
last-modified: Sat, 28 Mar 2020 11:40:26 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Mar 2022 07:08:55 GMT

GET
H3-Q050 200 e21f7a9970fc995ebe0d76657fc3ce07.png
tpc.googlesyndication.com/sadbundle/14977493727944846073/images/ Frame E270 3 KB
3 KB 16ms
8ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/14977493727944846073/images/e21f7a9970fc995ebe0d76657fc3ce07.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1181828d52c65a2032755afd6ecf67fd33c010a77cdf5d5d6f41826c5b80b76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 01:20:35 GMT
x-content-type-options: nosniff
age: 209252
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2821
x-xss-protection: 0
last-modified: Sat, 28 Mar 2020 11:40:26 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Mar 2022 01:20:35 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN8rsOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ Frame E270 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN8rsOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:800

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75db69592337280529fdc6448185b1cb88a50dbe9b498718f45ba52907e8aba3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 09:24:15 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:38 GMT
server: sffe
age: 180232
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15088
x-xss-protection: 0
expires: Fri, 04 Mar 2022 09:24:15 GMT

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ Frame E270 14 KB
14 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 12:56:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 167496
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Fri, 04 Mar 2022 12:56:31 GMT

GET
H3-Q050 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ Frame E270 23 KB
23 KB 10ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 04:06:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 199293
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
expires: Fri, 04 Mar 2022 04:06:34 GMT

GET
H3-Q050 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012101070013000/ 20 KB
8 KB 38ms
15ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/amp4ads-host-v0.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa6baeae3cb3f5723d40c311888b0da77590b8dc1353c5c7c6e944e7f6c346ac

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 348101
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7295
x-xss-protection: 0
server: sffe
date: Tue, 02 Mar 2021 10:46:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f6fcef8ec3898355"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 10:46:26 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E270 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Mar 2021 08:22:57 GMT
x-content-type-options: nosniff
server: cafe
age: 11110
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 07 Mar 2021 08:22:57 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E270 295 B
320 B 11ms
11ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Mar 2021 23:24:51 GMT
x-content-type-options: nosniff
server: cafe
age: 43396
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 06 Mar 2021 23:24:51 GMT

GET
H3-Q050 200 QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 00AD 14 KB
5 KB 13ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4165e93fc14bc980869719cfce832be6b2480176af5bf80859e1928ed7a3a0c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 19:14:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 10:45:00 GMT
server: sffe
age: 58419
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5600
x-xss-protection: 0
expires: Sat, 05 Mar 2022 19:14:28 GMT

GET
H3-Q050 200 14053574117839953549
tpc.googlesyndication.com/simgad/ Frame 3D4E 68 KB
68 KB 13ms
12ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14053574117839953549

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7098019582&adk=4203217917&adf=3673058151&pi=t.ma~as.7098019582&w=300&lmt=1615030087&psa=0&format=300x250&url=http%3A%2F%2Ffllwrs.com%2F&flash=0&wgl=1&dt=1615030087091&bpp=20&bdt=475&idt=83&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2804232628789&frm=20&pv=2&ga_vid=754607890.1615030087&ga_sid=1615030087&ga_hid=138066819&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21069710&oid=3&pvsid=3735904011687848&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=QD9OFqT9SR&p=http%3A//fllwrs.com&dtd=126

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

660d9b43ff8d8da6573a7579757dd2a1af5081893eda1f1318c375712e974a3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 16:51:37 GMT
x-content-type-options: nosniff
age: 326191
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69248
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 16:14:44 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 16:51:37 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame 3D4E 18 KB
7 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 2412555088240638002
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Mar 2021 11:25:54 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame 3D4E 3 KB
2 KB 20ms
11ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:27:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Mar 2021 11:27:37 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3D4E 110 KB
33 KB 22ms
16ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:28:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614774766775808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34192
x-xss-protection: 0
expires: Sat, 06 Mar 2021 11:28:08 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame 3D4E 14 KB
6 KB 13ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:27:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6140
x-xss-protection: 0
server: cafe
etag: 17031075750977984330
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Mar 2021 11:27:54 GMT

GET
H3-Q050 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame 3D4E 26 KB
11 KB 19ms
10ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

758608abf5c456ea8cb5515828cabb68f082df67c04d350d0519241841cbf9d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 06:59:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16097
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10963
x-xss-protection: 0
server: cafe
etag: 5048180228173261443
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Mar 2021 06:59:51 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3D4E 0
0 51ms
47ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CmeVpR2dDYJ37DoL-zQbbrIz4D7O-6dth-KiQlckN2dkeEAEgqYmbAmCViriCyAegAZyv-6gCyAEDqAMByAPJBKoEpwFP0G3Ez5CD9AIOnWOFZzThKarOhBhtBllAwBEg6R5OHZJHy-a7CoTHpz7OMoZZQqreBoz9IB0N3kM721uj8cYQWUi_F6a8mv8w814WNM-XJcV9KzJAOqW4IrP2WKoP2Vmi99NDHwn1a_VTUoL-i8oaGfwUKD9pc8kXqcHawNs9tDJdYcUsnQAONvBY87GxcwlV_UK3ktEPlJ2xGB06IDoruWq4d7iDdMAElqW52q8DkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgOAB8zQhNcBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEJr9NdIICQiA4YAQEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi0yNTM5Njk3MzExMzI2MTI0&sigh=cXwtasu4Jt8&tpd=AGWhJmtV-eelflZWuqX9l619ZeoAArQSVl5unJuGaD_-Mu5uOA

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7098019582&adk=4203217917&adf=3673058151&pi=t.ma~as.7098019582&w=300&lmt=1615030087&psa=0&format=300x250&url=http%3A%2F%2Ffllwrs.com%2F&flash=0&wgl=1&dt=1615030087091&bpp=20&bdt=475&idt=83&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2804232628789&frm=20&pv=2&ga_vid=754607890.1615030087&ga_sid=1615030087&ga_hid=138066819&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21069710&oid=3&pvsid=3735904011687848&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=QD9OFqT9SR&p=http%3A//fllwrs.com&dtd=126
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 06 Mar 2021 11:28:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2BAC 143 B
169 B 7ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7098019582&adk=4203217917&adf=3673058151&pi=t.ma~as.7098019582&w=300&lmt=1615030087&psa=0&format=300x250&url=http%3A%2F%2Ffllwrs.com%2F&flash=0&wgl=1&dt=1615030087091&bpp=20&bdt=475&idt=83&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2804232628789&frm=20&pv=2&ga_vid=754607890.1615030087&ga_sid=1615030087&ga_hid=138066819&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21069710&oid=3&pvsid=3735904011687848&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=QD9OFqT9SR&p=http%3A//fllwrs.com&dtd=126
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl_It291BaUpawrtFF2ZrVKb7bcvN-DEw2QeSCSueJds-hCOL6Hx_--eQSTKVY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7098019582&adk=4203217917&adf=3673058151&pi=t.ma~as.7098019582&w=300&lmt=1615030087&psa=0&format=300x250&url=http%3A%2F%2Ffllwrs.com%2F&flash=0&wgl=1&dt=1615030087091&bpp=20&bdt=475&idt=83&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2804232628789&frm=20&pv=2&ga_vid=754607890.1615030087&ga_sid=1615030087&ga_hid=138066819&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21069710&oid=3&pvsid=3735904011687848&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=QD9OFqT9SR&p=http%3A//fllwrs.com&dtd=126

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 06 Mar 2021 10:34:33 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3215
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 3D4E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f145f124f18ca512554c1d2df603e116d5d2f0998798ca3f9d112af3e75dc36c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame E2CF 4 KB
685 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7642897688&adk=249844711&adf=2696324440&pi=t.ma~as.7642897688&w=300&lmt=1615030087&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&wgl=1&dt=1615030087501&bpp=17&bdt=440&idt=102&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dd5719471ec576bee-229f843201a70011%3AT%3D1615030087%3ART%3D1615030087%3AS%3DALNI_Ma9Y-JL7Y65SXo9bfLPv7e6rF2WDA&correlator=2804232628789&frm=23&ife=1&pv=1&ga_vid=754607890.1615030087&ga_sid=1615030087&ga_hid=693241341&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=322&biw=1600&bih=1200&isw=300&ish=250&ifk=3969492067&scr_x=0&scr_y=0&eid=44736525%2C21066922&oid=3&pvsid=971183182803702&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.vztzb2fkvzi5&fsb=1&dtd=125

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d344632c01d1ca55dc380216de660c9b8a5a3174e7d7afa6784aff50c945e1cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 06 Mar 2021 11:26:19 GMT
server: ESF
date: Sat, 06 Mar 2021 11:28:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 06 Mar 2021 11:28:08 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame E2CF 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7642897688&adk=249844711&adf=2696324440&pi=t.ma~as.7642897688&w=300&lmt=1615030087&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&wgl=1&dt=1615030087501&bpp=17&bdt=440&idt=102&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dd5719471ec576bee-229f843201a70011%3AT%3D1615030087%3ART%3D1615030087%3AS%3DALNI_Ma9Y-JL7Y65SXo9bfLPv7e6rF2WDA&correlator=2804232628789&frm=23&ife=1&pv=1&ga_vid=754607890.1615030087&ga_sid=1615030087&ga_hid=693241341&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=322&biw=1600&bih=1200&isw=300&ish=250&ifk=3969492067&scr_x=0&scr_y=0&eid=44736525%2C21066922&oid=3&pvsid=971183182803702&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.vztzb2fkvzi5&fsb=1&dtd=125

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:27:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 896
x-xss-protection: 0
server: cafe
etag: 948078048762640732
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Mar 2021 11:27:18 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame E2CF 18 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7642897688&adk=249844711&adf=2696324440&pi=t.ma~as.7642897688&w=300&lmt=1615030087&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&wgl=1&dt=1615030087501&bpp=17&bdt=440&idt=102&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dd5719471ec576bee-229f843201a70011%3AT%3D1615030087%3ART%3D1615030087%3AS%3DALNI_Ma9Y-JL7Y65SXo9bfLPv7e6rF2WDA&correlator=2804232628789&frm=23&ife=1&pv=1&ga_vid=754607890.1615030087&ga_sid=1615030087&ga_hid=693241341&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=322&biw=1600&bih=1200&isw=300&ish=250&ifk=3969492067&scr_x=0&scr_y=0&eid=44736525%2C21066922&oid=3&pvsid=971183182803702&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.vztzb2fkvzi5&fsb=1&dtd=125

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 2412555088240638002
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Mar 2021 11:25:54 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame E2CF 3 KB
2 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7642897688&adk=249844711&adf=2696324440&pi=t.ma~as.7642897688&w=300&lmt=1615030087&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&wgl=1&dt=1615030087501&bpp=17&bdt=440&idt=102&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dd5719471ec576bee-229f843201a70011%3AT%3D1615030087%3ART%3D1615030087%3AS%3DALNI_Ma9Y-JL7Y65SXo9bfLPv7e6rF2WDA&correlator=2804232628789&frm=23&ife=1&pv=1&ga_vid=754607890.1615030087&ga_sid=1615030087&ga_hid=693241341&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=322&biw=1600&bih=1200&isw=300&ish=250&ifk=3969492067&scr_x=0&scr_y=0&eid=44736525%2C21066922&oid=3&pvsid=971183182803702&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.vztzb2fkvzi5&fsb=1&dtd=125

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:27:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Mar 2021 11:27:37 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E2CF 110 KB
33 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7642897688&adk=249844711&adf=2696324440&pi=t.ma~as.7642897688&w=300&lmt=1615030087&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&wgl=1&dt=1615030087501&bpp=17&bdt=440&idt=102&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dd5719471ec576bee-229f843201a70011%3AT%3D1615030087%3ART%3D1615030087%3AS%3DALNI_Ma9Y-JL7Y65SXo9bfLPv7e6rF2WDA&correlator=2804232628789&frm=23&ife=1&pv=1&ga_vid=754607890.1615030087&ga_sid=1615030087&ga_hid=693241341&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=322&biw=1600&bih=1200&isw=300&ish=250&ifk=3969492067&scr_x=0&scr_y=0&eid=44736525%2C21066922&oid=3&pvsid=971183182803702&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.vztzb2fkvzi5&fsb=1&dtd=125

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:28:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614774766775808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34192
x-xss-protection: 0
expires: Sat, 06 Mar 2021 11:28:08 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame E2CF 14 KB
6 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7642897688&adk=249844711&adf=2696324440&pi=t.ma~as.7642897688&w=300&lmt=1615030087&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&wgl=1&dt=1615030087501&bpp=17&bdt=440&idt=102&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dd5719471ec576bee-229f843201a70011%3AT%3D1615030087%3ART%3D1615030087%3AS%3DALNI_Ma9Y-JL7Y65SXo9bfLPv7e6rF2WDA&correlator=2804232628789&frm=23&ife=1&pv=1&ga_vid=754607890.1615030087&ga_sid=1615030087&ga_hid=693241341&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=322&biw=1600&bih=1200&isw=300&ish=250&ifk=3969492067&scr_x=0&scr_y=0&eid=44736525%2C21066922&oid=3&pvsid=971183182803702&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.vztzb2fkvzi5&fsb=1&dtd=125

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:27:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6140
x-xss-protection: 0
server: cafe
etag: 17031075750977984330
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Mar 2021 11:27:54 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame E2CF 0
0 16ms
13ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS15tv4rdlubHs3-U3KQ1Uma0cQjcVXkSOEiqHlEQa1wxNY6gJBY_d7f32B1W_5Y1LAycOJ11_Ywt_qfCY_Tx1W6q2akg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7642897688&adk=249844711&adf=2696324440&pi=t.ma~as.7642897688&w=300&lmt=1615030087&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&wgl=1&dt=1615030087501&bpp=17&bdt=440&idt=102&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dd5719471ec576bee-229f843201a70011%3AT%3D1615030087%3ART%3D1615030087%3AS%3DALNI_Ma9Y-JL7Y65SXo9bfLPv7e6rF2WDA&correlator=2804232628789&frm=23&ife=1&pv=1&ga_vid=754607890.1615030087&ga_sid=1615030087&ga_hid=693241341&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=322&biw=1600&bih=1200&isw=300&ish=250&ifk=3969492067&scr_x=0&scr_y=0&eid=44736525%2C21066922&oid=3&pvsid=971183182803702&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.vztzb2fkvzi5&fsb=1&dtd=125
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 1e8eaeef6431cb6de349a68674062a29.js Show response
www.gstatic.com/mysidia/ Frame E2CF 26 KB
11 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1e8eaeef6431cb6de349a68674062a29.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7642897688&adk=249844711&adf=2696324440&pi=t.ma~as.7642897688&w=300&lmt=1615030087&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&wgl=1&dt=1615030087501&bpp=17&bdt=440&idt=102&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dd5719471ec576bee-229f843201a70011%3AT%3D1615030087%3ART%3D1615030087%3AS%3DALNI_Ma9Y-JL7Y65SXo9bfLPv7e6rF2WDA&correlator=2804232628789&frm=23&ife=1&pv=1&ga_vid=754607890.1615030087&ga_sid=1615030087&ga_hid=693241341&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=322&biw=1600&bih=1200&isw=300&ish=250&ifk=3969492067&scr_x=0&scr_y=0&eid=44736525%2C21066922&oid=3&pvsid=971183182803702&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.vztzb2fkvzi5&fsb=1&dtd=125

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 14:30:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Mar 2021 07:11:17 GMT
server: sffe
age: 75482
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10971
x-xss-protection: 0
expires: Thu, 03 Jun 2021 14:30:06 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12932000509767338009/ Frame E2CF 13 KB
13 KB 13ms
8ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12932000509767338009/downsize_200k_v1?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7642897688&adk=249844711&adf=2696324440&pi=t.ma~as.7642897688&w=300&lmt=1615030087&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&wgl=1&dt=1615030087501&bpp=17&bdt=440&idt=102&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dd5719471ec576bee-229f843201a70011%3AT%3D1615030087%3ART%3D1615030087%3AS%3DALNI_Ma9Y-JL7Y65SXo9bfLPv7e6rF2WDA&correlator=2804232628789&frm=23&ife=1&pv=1&ga_vid=754607890.1615030087&ga_sid=1615030087&ga_hid=693241341&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=322&biw=1600&bih=1200&isw=300&ish=250&ifk=3969492067&scr_x=0&scr_y=0&eid=44736525%2C21066922&oid=3&pvsid=971183182803702&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.vztzb2fkvzi5&fsb=1&dtd=125

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1836f89bb7a73057159737ff31dbeaed9bd5e6a585f0d76d8224718c7323ac1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 11:44:45 GMT
x-content-type-options: nosniff
age: 344603
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13499
x-xss-protection: 0
last-modified: Wed, 05 Aug 2020 12:53:33 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Mar 2022 11:44:45 GMT

GET
DATA 200
OK truncated
/ Frame E2CF 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame E2CF 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CInE4R2dDYP_fJ4P3zQaf7ovoAdm8-_hg3N-u0-EN2qy-vYwOEAEgqYmbAmCViriCyAegAYeiqdwCyAEJqAMByAPLBKoEsAFP0ARNuMk8akldQyEFTNMUwuenlKp-EKA7bmPfFO6eCmlv-x20kbcsW4s18fu16WvkEuIb-G8OnPn0dWYkc-RAQL9SU6cOaQF4xbYEauXAq8hmJ312qEcYcfE691To9EnskbuiT6G96BFIOzPvEKKL3tgZJvhEYx1Hfq0t4QT0xn5hwe2Jborc_qX1dkrN69FALNdSk7lsNZlX0A23wwRSbCUc8htPugY1vcr7eKO8GsAE66uY3I8DkgUECAQYAZIFBAgFGASgBi6AB9j9-N0BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEOPAEdIICQiA4YAQEAEYH4AKAcgLAdgTDIgUAdAVAYAXAbIXGgoYCAASFHB1Yi0yNTM5Njk3MzExMzI2MTI0&sigh=p3f5pEIaMtA&template_id=5000&tpd=AGWhJms2MVyi2Fj6Rd_AS-tY34eClnomHdLbP8A6FtsO3SUFkA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7642897688&adk=249844711&adf=2696324440&pi=t.ma~as.7642897688&w=300&lmt=1615030087&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&wgl=1&dt=1615030087501&bpp=17&bdt=440&idt=102&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dd5719471ec576bee-229f843201a70011%3AT%3D1615030087%3ART%3D1615030087%3AS%3DALNI_Ma9Y-JL7Y65SXo9bfLPv7e6rF2WDA&correlator=2804232628789&frm=23&ife=1&pv=1&ga_vid=754607890.1615030087&ga_sid=1615030087&ga_hid=693241341&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=322&biw=1600&bih=1200&isw=300&ish=250&ifk=3969492067&scr_x=0&scr_y=0&eid=44736525%2C21066922&oid=3&pvsid=971183182803702&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.vztzb2fkvzi5&fsb=1&dtd=125

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7642897688&adk=249844711&adf=2696324440&pi=t.ma~as.7642897688&w=300&lmt=1615030087&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&wgl=1&dt=1615030087501&bpp=17&bdt=440&idt=102&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dd5719471ec576bee-229f843201a70011%3AT%3D1615030087%3ART%3D1615030087%3AS%3DALNI_Ma9Y-JL7Y65SXo9bfLPv7e6rF2WDA&correlator=2804232628789&frm=23&ife=1&pv=1&ga_vid=754607890.1615030087&ga_sid=1615030087&ga_hid=693241341&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=322&biw=1600&bih=1200&isw=300&ish=250&ifk=3969492067&scr_x=0&scr_y=0&eid=44736525%2C21066922&oid=3&pvsid=971183182803702&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.vztzb2fkvzi5&fsb=1&dtd=125
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 06 Mar 2021 11:28:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DE59 1 KB
854 B 8ms
7ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7642897688&adk=249844711&adf=2696324440&pi=t.ma~as.7642897688&w=300&lmt=1615030087&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&wgl=1&dt=1615030087501&bpp=17&bdt=440&idt=102&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dd5719471ec576bee-229f843201a70011%3AT%3D1615030087%3ART%3D1615030087%3AS%3DALNI_Ma9Y-JL7Y65SXo9bfLPv7e6rF2WDA&correlator=2804232628789&frm=23&ife=1&pv=1&ga_vid=754607890.1615030087&ga_sid=1615030087&ga_hid=693241341&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=322&biw=1600&bih=1200&isw=300&ish=250&ifk=3969492067&scr_x=0&scr_y=0&eid=44736525%2C21066922&oid=3&pvsid=971183182803702&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.vztzb2fkvzi5&fsb=1&dtd=125

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 06 Mar 2021 03:14:09 GMT
expires: Sun, 07 Mar 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 29639
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame E2CF 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d05abd0360a8040decfe2b5118d887ef0e645b1f5d872c466ef8e5cd44499f62

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame E2CF 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 18:27:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 406829
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15872
x-xss-protection: 0
expires: Tue, 01 Mar 2022 18:27:39 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame E2CF 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 18:51:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 405381
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15736
x-xss-protection: 0
expires: Tue, 01 Mar 2022 18:51:47 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2BAC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
110 B

40ms
39ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl_It291BaUpawrtFF2ZrVKb7bcvN-DEw2QeSCSueJds-hCOL6Hx_--eQSTKVY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 06 Mar 2021 11:28:08 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 06-Mar-2021 12:28:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 06 Mar 2021 11:28:08 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 06 Mar 2021 11:28:08 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 8B0F 14 KB
5 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4165e93fc14bc980869719cfce832be6b2480176af5bf80859e1928ed7a3a0c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 19:14:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 10:45:00 GMT
server: sffe
age: 58420
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5600
x-xss-protection: 0
expires: Sat, 05 Mar 2022 19:14:28 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame DE59 35 B
463 B 32ms
11ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFE7t0gKUOGDK1K3_0hN8mI&google_cver=1&google_push=AQvitULH69K7mGGG-jstLmXm8jabWh5vRz9WJBMU1xzTXc6-dkM2f_ZlNJ9Iy7D8d5m0X52m8jTvSiVZF2z9WN-Lr8OSXYL3j20

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7642897688&adk=249844711&adf=2696324440&pi=t.ma~as.7642897688&w=300&lmt=1615030087&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&wgl=1&dt=1615030087501&bpp=17&bdt=440&idt=102&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dd5719471ec576bee-229f843201a70011%3AT%3D1615030087%3ART%3D1615030087%3AS%3DALNI_Ma9Y-JL7Y65SXo9bfLPv7e6rF2WDA&correlator=2804232628789&frm=23&ife=1&pv=1&ga_vid=754607890.1615030087&ga_sid=1615030087&ga_hid=693241341&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=322&biw=1600&bih=1200&isw=300&ish=250&ifk=3969492067&scr_x=0&scr_y=0&eid=44736525%2C21066922&oid=3&pvsid=971183182803702&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.vztzb2fkvzi5&fsb=1&dtd=125

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 11:28:08 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame DE59
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUIk-whRAXqUKd0PZ2cgmfqwUBtd9pq7WR9Kglp...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUVOblNBQUFBRkFnQmh5YQ&google_push=AQvitUIk-whRAXqUKd0PZ2cgmfqwUBtd9pq7WR9KglpkudWtGno_Pv6p4CBg9NZeFjR6goIC11M-oQPF1GJZiQkVu-EqpzkqQQ

170 B
484 B

112ms
58ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUVOblNBQUFBRkFnQmh5YQ&google_push=AQvitUIk-whRAXqUKd0PZ2cgmfqwUBtd9pq7WR9KglpkudWtGno_Pv6p4CBg9NZeFjR6goIC11M-oQPF1GJZiQkVu-EqpzkqQQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 11:28:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUVOblNBQUFBRkFnQmh5YQ&google_push=AQvitUIk-whRAXqUKd0PZ2cgmfqwUBtd9pq7WR9KglpkudWtGno_Pv6p4CBg9NZeFjR6goIC11M-oQPF1GJZiQkVu-EqpzkqQQ
Date: Sat, 06 Mar 2021 11:28:08 GMT
Server: Apache
Connection: keep-alive
Content-Length: 389
Content-Type: text/html; charset=iso-8859-1

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame DE59
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEFQKV-DocDwEzZVdoJXP7h0&google_cver=1&google_push=AQvitUJQxdgjRMFF7D-pgFgQjQcWrKOVmVYSbp8IHK6aQmNhU0ZeS3XJFe9UnwMc0XeYYyPkx-1bHV-YYQo5xIUz_PZNijKLM0w
https://rtb.openx.net/sync/dds?google_gid=CAESEFQKV-DocDwEzZVdoJXP7h0&google_cver=1&google_push=AQvitUJQxdgjRMFF7D-pgFgQjQcWrKOVmVYSbp8IHK6aQmNhU0ZeS3XJFe9UnwMc0XeYYyPkx-1bHV-YYQo5xIUz_PZNijKLM0w&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJQxdgjRMFF7D-pgFgQjQcWrKOVmVYSbp8IHK6aQmNhU0ZeS3XJFe9UnwMc0XeYYyPkx-1bHV-YYQo5xIUz_PZNijKLM0w&google_hm=fVyo_6NfxOsgEIdJ_ORNig==

170 B
213 B

2032ms
2032ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJQxdgjRMFF7D-pgFgQjQcWrKOVmVYSbp8IHK6aQmNhU0ZeS3XJFe9UnwMc0XeYYyPkx-1bHV-YYQo5xIUz_PZNijKLM0w&google_hm=fVyo_6NfxOsgEIdJ_ORNig==

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 11:28:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Mar 2021 11:28:08 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJQxdgjRMFF7D-pgFgQjQcWrKOVmVYSbp8IHK6aQmNhU0ZeS3XJFe9UnwMc0XeYYyPkx-1bHV-YYQo5xIUz_PZNijKLM0w&google_hm=fVyo_6NfxOsgEIdJ_ORNig==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: sbi5flkoj650dv5n8ucogurudn4pmac7

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame DE59
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=r2R12AYWTWC0InM45Zafaw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=r2R12AYWTWC0InM45Zafaw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
190 B

51ms
51ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=r2R12AYWTWC0InM45Zafaw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJIfMyaWQH3NyjOKj8qjoe3gOrNmvwgcp7ZnuB7l-JQe9ptdI1Am4uFUzb8g77XiPVyJ5cTxlTkR6cXVsccXAOlKoCZHKM&google_tc=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 11:28:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Mar 2021 11:28:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=r2R12AYWTWC0InM45Zafaw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJIfMyaWQH3NyjOKj8qjoe3gOrNmvwgcp7ZnuB7l-JQe9ptdI1Am4uFUzb8g77XiPVyJ5cTxlTkR6cXVsccXAOlKoCZHKM&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 650
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame DE59
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEPAJscCbH9ZQR-w_jSJlOQ&google_cver=1&google_push=AQvitUKcum9gLahNgjdx-p0I6cDXoGMD5rWZqKVC6zapb54XZhaVG3mAXwZFQW-CLVr093mJgob...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xYTjdSV00tOS1KMVg5&google_push=AQvitUKcum9gLahNgjdx-p0I6cDXoGMD5rWZqKVC6zapb54XZhaVG3mAXwZFQW-CLVr093mJgobSC_JoF-4BZO0uX63eMPVRrSY

170 B
190 B

116ms
59ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xYTjdSV00tOS1KMVg5&google_push=AQvitUKcum9gLahNgjdx-p0I6cDXoGMD5rWZqKVC6zapb54XZhaVG3mAXwZFQW-CLVr093mJgobSC_JoF-4BZO0uX63eMPVRrSY

Requested by

Host: fllwrs.com
URL: http://fllwrs.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 11:28:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S0xYTjdSV00tOS1KMVg5&google_push=AQvitUKcum9gLahNgjdx-p0I6cDXoGMD5rWZqKVC6zapb54XZhaVG3mAXwZFQW-CLVr093mJgobSC_JoF-4BZO0uX63eMPVRrSY
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame DE59
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENU8JimFKc30DuTUquN6qrY&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENU8JimFKc30DuTUquN6qrY&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YENnSBP4Pg64xLOu9CI9egAABHMAAAIB&google_gid=CAESENU8JimFKc30DuTUquN6qrY&google_cver=1&google_push=AQvitUIByrsaqa6S5AUNxEja7e1Jl0QJ3N0oJ...

170 B
190 B

2039ms
2039ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YENnSBP4Pg64xLOu9CI9egAABHMAAAIB&google_gid=CAESENU8JimFKc30DuTUquN6qrY&google_cver=1&google_push=AQvitUIByrsaqa6S5AUNxEja7e1Jl0QJ3N0oJBDHoFB-UAQxfHTVqQ8PY1Ic3VS_QbY8eCLHAkyixTOdy3yuFOFhZnIlB1r90tA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 11:28:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 06 Mar 2021 11:28:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YENnSBP4Pg64xLOu9CI9egAABHMAAAIB&google_gid=CAESENU8JimFKc30DuTUquN6qrY&google_cver=1&google_push=AQvitUIByrsaqa6S5AUNxEja7e1Jl0QJ3N0oJBDHoFB-UAQxfHTVqQ8PY1Ic3VS_QbY8eCLHAkyixTOdy3yuFOFhZnIlB1r90tA
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 459
Expires: Sat, 06 Mar 2021 11:28:08 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame DE59
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEFRs9g339ku_qtxnEMtIcJ0&google_cver=1&google_push=AQvitUJHa5ELH9qcJ2tD3cJH...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJHa5ELH9qcJ2tD3cJHnRuG9a0Oa5IC-tLGTPZRdF3fLZJ90R7kutX7XJs1Mhe7b8TiKszgyho8RllKe8R1wNrjF2rNCFdi&google_hm=1hauyphhklghckbpy...

170 B
190 B

126ms
60ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJHa5ELH9qcJ2tD3cJHnRuG9a0Oa5IC-tLGTPZRdF3fLZJ90R7kutX7XJs1Mhe7b8TiKszgyho8RllKe8R1wNrjF2rNCFdi&google_hm=1hauyphhklghckbpywrqiwejptly

Requested by

Host: fllwrs.com
URL: http://fllwrs.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 11:28:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Mar 2021 11:28:08 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUJHa5ELH9qcJ2tD3cJHnRuG9a0Oa5IC-tLGTPZRdF3fLZJ90R7kutX7XJs1Mhe7b8TiKszgyho8RllKe8R1wNrjF2rNCFdi&google_hm=1hauyphhklghckbpywrqiwejptly
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Fri, 05 Mar 2021 11:28:08 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame DE59 0
236 B 171ms
59ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KCExGvatNfeZ6vyxUwZ-8QVOzqrGq2_L09DbC_X0QCPCc-0DV2lm1pz5DjynfjlS6DBPB_RQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7642897688&adk=249844711&adf=2696324440&pi=t.ma~as.7642897688&w=300&lmt=1615030087&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&wgl=1&dt=1615030087501&bpp=17&bdt=440&idt=102&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dd5719471ec576bee-229f843201a70011%3AT%3D1615030087%3ART%3D1615030087%3AS%3DALNI_Ma9Y-JL7Y65SXo9bfLPv7e6rF2WDA&correlator=2804232628789&frm=23&ife=1&pv=1&ga_vid=754607890.1615030087&ga_sid=1615030087&ga_hid=693241341&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=322&biw=1600&bih=1200&isw=300&ish=250&ifk=3969492067&scr_x=0&scr_y=0&eid=44736525%2C21066922&oid=3&pvsid=971183182803702&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.vztzb2fkvzi5&fsb=1&dtd=125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:28:08 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-Q050 200 QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js Show response
pagead2.googlesyndication.com/bg/ Frame E88A 14 KB
5 KB 12ms
8ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=7642897688&adk=249844711&adf=2696324440&pi=t.ma~as.7642897688&w=300&lmt=1615030087&url=http%3A%2F%2Ffllwrs.com%2F&ea=0&flash=0&wgl=1&dt=1615030087501&bpp=17&bdt=440&idt=102&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dd5719471ec576bee-229f843201a70011%3AT%3D1615030087%3ART%3D1615030087%3AS%3DALNI_Ma9Y-JL7Y65SXo9bfLPv7e6rF2WDA&correlator=2804232628789&frm=23&ife=1&pv=1&ga_vid=754607890.1615030087&ga_sid=1615030087&ga_hid=693241341&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=330&ady=322&biw=1600&bih=1200&isw=300&ish=250&ifk=3969492067&scr_x=0&scr_y=0&eid=44736525%2C21066922&oid=3&pvsid=971183182803702&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.vztzb2fkvzi5&fsb=1&dtd=125

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4165e93fc14bc980869719cfce832be6b2480176af5bf80859e1928ed7a3a0c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 19:14:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 10:45:00 GMT
server: sffe
age: 58420
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5600
x-xss-protection: 0
expires: Sat, 05 Mar 2022 19:14:28 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 19ms
18ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210303&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8fe65509fa3a370bb7899c73a949b36d6e1bfc444979db3eef37e389c5ed6f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Mar 2021 11:28:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6597
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:28:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Sat, 06 Mar 2021 11:28:08 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame EDCA 12 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://fllwrs.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://fllwrs.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Sat, 06 Mar 2021 09:01:59 GMT
expires: Sun, 06 Mar 2022 09:01:59 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 8769
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9024 0
46 B 42ms
41ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210303&jk=971183182803702&bg=!QUKlQgHNAAWsVXnBrDsAKQB2-DxadIlJRhtZdpN5o8TOT1maz3GyqRy_KDNyxFqKq1lgPcurM9qJAgAAA4FSAAAAD2gBBwoA51_p0AyMdUPKQXZfCOoQKDt66VSpHbu65hyuu6SOMcJt9koV8m2hC1vfqW9GxI0Tlr_a1VwYQM6DCKPFbPxlBySB872rhdTezG04ShIlO7oQZQU6FcKgkIAlOY8urWrlQjg7PZb1eP4NFxUFwZlAKeUPm6n2VBzVz1H2I7cEctibe2lTEpfDznP1UcnfOeRSeg9rwEFgpr0BT0qH9X9APTb8GsiGfiNsRu063lB9PGjMisIVlSJpvEWyK2GbLZMGgR8mw4R-TKl5AV_MsM1jng6fROVgi3Xnew-kFgxdCtTuEPAINcf0-pkCF1pjz-ao0RxPUuAVYmGDmZBqtmkdAJKPcgp2TJonP4-syBUP7puv-Q1v6dGsyFLrr8UBEIn0zJRt8a1UTAQsRjvkI984sfLPeOc2zCv5gPtNfUbRisBhO967inxycudgbB-AP5rIL1Kp66KnUiYH-YaF1LFnKNxUzZ8OF0psXnDTjbufyAOkNn5f9po6b5qPmQZ-90P0-dZy6GhPnPTF4zzjC16HxUiLN1XHfySX0dd3k5lR4rfCRbYJNJE0IwWWi7Ga82VTY7rkAHUiyGZMd04VY6AZfTQ6mR9DWH9W2IT80-SvtikoWUfVhhPfTexqGH36OgX_cC-vVIF5CH6FoNF6s2crmwPkJH-Ux-z5oqQdKJ2slAK8xNLlZDKobHZvS5Ha56J4IFDm5Ridz1bcy3bAOV_2qksTQxsJ43NwbR7-wGKVf-rwe2YvGm2s2MmmeCT_cvNlNBwhEnYHnzUTmx9K-2nNUeiXac1cVWiDLC8tN6MHIX_m69dzidShXzY2BtXHmDn9HkwZq2cBUu-5AUm9i6val7E7DtJl37xWknS9AFTSI6ZlTCDP2AZ0Ncs8bhuscioJr6nMp_FoQygq4rfKHDXBrqdADBJckeVFFeiXtmlJMJzNoCc-LU7-TZsgREX_-wThvVAnT6u55GBHjv31ZmThMleoCSRnakehgZDf0YqIrKigvKAeFBs-PcVXPPouz5kE6yo

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 11:28:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js Show response
pagead2.googlesyndication.com/bg/ Frame EDCA 14 KB
5 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QWXpP8FLyYCGlxnPzoMr5rJIAXavW_gIWeGSjtejoMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4165e93fc14bc980869719cfce832be6b2480176af5bf80859e1928ed7a3a0c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 19:14:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 10:45:00 GMT
server: sffe
age: 58420
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5600
x-xss-protection: 0
expires: Sat, 05 Mar 2022 19:14:28 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E270 42 B
94 B 40ms
40ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssh4-wYtJexbisKyaC1JkQyll92TdE1XrKfjPavr_gO-m1leermRHmv_ZPA_BOPwK8YnebwrVO19ljXfbCmkawNmaqXTgmjAuUGT-zaq7yAU5GfTXtMX6xWrh5ROw&sai=AMfl-YTv1E2x9UYo6E7dN5nGC3d9F-96QujZOH-UsfwmMRwRZEZEftMrAyjLSfeYR-9JxDl9i3Yi2cvzGHIC&sig=Cg0ArKJSzDuS0SAZjVLKEAE&id=ampim&o=970,322&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1007&mtos=0,0,1007,1007,1007&tos=0,0,1007,0,0&tfs=216&tls=1223&g=100&h=100&tt=1224&r=v&avms=ampa&adk=3459621094

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 11:28:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 41ms
40ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210303&jk=3735904011687848&bg=!dnWldTbNAAWsVXnBrDsAKQB2-DxabRgsTkxvd8MJgDxFHXBbj8aE_zyNQqwjHZZQOgElx1gFIFaRAgAAALBSAAAAEGgBBwoBhKbgamI7dlSyJ-2WK4jnDpdeymejRXXyHh0NqY7EppAAgCapPLxepgs-RYDHxQVeEQw6xrDgRasYBepo_BJLQOpUMTo3womYlEsLW3Y6rnNUPabzMGTgkIwVSqk4j0q9OHEQyWczB5pRPt0gpSdQFMx0taNeZtHJkY3B88kQnqKu6UDmk2zXaIeiJKeU6bB8M8o2-F-8rLIci6ev7deUir1qNDgmWfSsT5AnWjB_KKAs0FQAOGk1Ay8_qT24UsbX8y2GkFSjnOrAWD8DyRXb9rBTf3l4bSzjUsOInHc64ztuqxhsd5B14_o6XQ5uaqcQ3UQBSOEUXL3dVQuM_C1DyhAkJhXmFPekthXQRJSIMLJq7BX2qVtCmuIf3KbPWkCjPhnL6wG-2rAsf46CedWcrvQkP84Z4F9a9BWHzLkZTcD-BSZlOKjy92v28ma6ILKQE1PV3leNMarme8OPIDM4yYg-Wy60knWdWlxiMcsbNuo4ZtDWlVnLvYjYPZ9Y3V8pXUGZIFeZAhEdBldtrYHvp2p72nKG5F8TBTdYwCLDNjukQIoJztx7IyTskDj8CyjPUIkkgr3-yYm4nnUGNT56vUKbc0hnktAHulz5kxZg-riUuhEmIPvVGsj4GY8cfP9IpwteDtV8pp8gPui9f8nbTe_u6ZpszmpLC7TJpQ4KFnterUW0lYKVrpbdNRBQQ0h_ALXx1_vDXfTxFfafR4s1R-yC9wneX02KXriq9iqquNVrg4WAKht65KKsPuZADjwo-u73uGD1t1GF94K07quICA2yc0dl2J84LZ0kiPn4VUglkr07vWnSeA4n3TUJxBwMdxxzaapGgcupTD1_sLzpRqHFbCmX9urGgRKTvQEzdanibCEzm3NbkLpmOWsCHqPsgdshZ48c9J3CEtbSAe3G2gLNEAfjOnfGytCnLyzeluTEEuGklJX258sL0MVhMVHYRg_SsW0PG5LlRiPtw8vFdnVi5ZHYucvSE6dYq12Lcz05vo3Ja6OQhLD1I5QqeLFlmtyJDflxFV6idEowHoEP3AtSnYF1dXhC7iql5qUTF6Ne31u5vvNBwDBGrMoXjNGkSUitAZuBGpyQc4T92Q-5yk9QXoIpNdz-6UyGanD0ynAxCjszdd2SdELPlq1wRYEwrpEl5EDP7sjDAXhrK6LSOZs4fNUFAAOXpUCyh59tR4PGuEX7FtK3sEC0Rv53VvWMhVZ7Wa3r4SA4

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fllwrs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 11:28:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3D4E 42 B
89 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuTLtiXOsQWYf1G39unEJXW30euWb16dVWdVkzv7ymAv3sxS5GkS80-7EUzATOoyr3VcJwKkMl5NJ-vWtPOFHRmtm1kA3MvjYVVFagvx63JwSVxZGWR76W80v2lSw&sai=AMfl-YQWXw5psWe7VpRW83Mfxd03bbb5wogNJl4cUW4vOc7s7pc7s4iMx1rxcUL6JmzywVMQywsTQFMGE_0I&sig=Cg0ArKJSzHkChQSvbIrhEAE&id=osdim&mcvt=1005&p=322,650,572,950&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20210303&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=4203217917&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1615030087224&dlt=764&rpt=64&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 11:28:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E2CF 42 B
66 B 44ms
44ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuJzEf8_4XL90Y0cpyjU4kotRDtwNg2PnQ0yjEFB5SUAOeWaDHy4GKVbNADKPS95LE6zRwVgGcoypisoAq92-QUF9gVXizRlaUrwGuV47ITTgXi7ok-bRjIlUU9-A&sai=AMfl-YRi2mJ8VxnS6UOl1sCOQERCCcYRqyOu6xPvj6XA5_AqbDbslqYq-MdkvXY2zjKboh_f715_DS3OpLP6TZnnUO4P968mStKLLZPz408T85q-QvQrbZmUjTC5R3FR&sig=Cg0ArKJSzMBk2cOBuRcBEAE&cid=CAASF-Ro5KU4uzaN12vis0IUnqwK0-iptyp2&id=osdim&mcvt=1015&p=0,0,250,300&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&v=20210303&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=249844711&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1615030087639&dlt=516&rpt=60&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 11:28:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2101070013000 https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2539697311326124&output=html&h=250&slotname=5851746840&adk=3459621094&adf=2970249784&pi=t.ma~as.5851746840&w=300&lmt=1615030087&psa=0&format=300x250&url=http%3A%2F%2Ffllwrs.com%2F&flash=0&wgl=1&dt=1615030087112&bpp=2&bdt=497&idt=116&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=2804232628789&frm=20&pv=1&ga_vid=754607890.1615030087&ga_sid=1615030087&ga_hid=138066819&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=322&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21069710&oid=3&pvsid=3735904011687848&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=ZPWuTYeGBr&p=http%3A//fllwrs.com&dtd=120

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ap.lijit.com
cdn.ampproject.org
cm.g.doubleclick.net
cms.quantserve.com
fllwrs.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
gslbeacon.lijit.com
image6.pubmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
pxdrop.lijit.com
rtb.openx.net
ssum-sec.casalemedia.com
tpc.googlesyndication.com
vap1ams1.lijit.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
107.170.36.69
142.250.185.226
142.250.186.66
185.64.190.78
2.18.234.21
216.52.2.48
23.205.243.158
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:800::2003
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2001
2a00:1450:4001:813::200e
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2001
2a00:1450:4001:82a::2004
35.186.253.211
69.173.144.139
72.251.249.14
79.137.69.120
99.80.199.35
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1836f89bb7a73057159737ff31dbeaed9bd5e6a585f0d76d8224718c7323ac1c
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
2ba791631934e793b9b3e99d3dc1359dcfe6dd228bf9ea807b8e89b7529f9ba6
31af78ccf5de9a0eaf9e5f6e0989e2eab4c77a323f573f9707349a7a18b2bb78
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
4165e93fc14bc980869719cfce832be6b2480176af5bf80859e1928ed7a3a0c3
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4b9b5737c8859fa4566da81b0d34c3084f0d83ee7dc2ac8afab3c4ed45685d9a
4d6a70b42e361bb2a4f8969606487cd1d5929bbae9cd7b80a355bab5601d3f5e
4f492217356942753e3ae962475ec7ca6f0715adc04b49021d39401d83b72e5d
523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f
527973c772e1e36060d372d6cdb00e4d6643ba81b37d23498588193504ab3a38
53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70
60ff90e766973683360fe0cfd8f7b14155ed1b47e2b966e596ebb00009627830
62455a4ca2f232f694c208fff63fcfde9952b55fb3fdf5532a98fe704284fbe6
660d9b43ff8d8da6573a7579757dd2a1af5081893eda1f1318c375712e974a3b
758608abf5c456ea8cb5515828cabb68f082df67c04d350d0519241841cbf9d4
75db69592337280529fdc6448185b1cb88a50dbe9b498718f45ba52907e8aba3
7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83e5578ad7cbaa2edf1cc98a38a3c30066bd3b6051d300d9dbdd32a18db917a7
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
8fe65509fa3a370bb7899c73a949b36d6e1bfc444979db3eef37e389c5ed6f63
981a47bdf683f5af5ab3fbad953035c7335c5dbe1f3ff659ceb30bd9782c6cf4
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3b6c039bd159c7cd4069c94613e2b91c6eb0ea9ca38ce30d6a00f4afad77716
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b51897307a1d7c8e9dbc0d68c0aef9371724b549bd47d46e8cf73f542ccce558
b75935bf5cd443bbcad490f7dabbe6e223a6b4c5e9cf70b728c2114671a88d22
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
c1f6f1027092d281d624e67f9f83460ed291ae367b558c16cd6afad7af5eba1e
c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b
c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
cd14c5d7a9ede413c8c9691f3b3461f2b4e8f885dcd32841c81a36fb683704e7
d05abd0360a8040decfe2b5118d887ef0e645b1f5d872c466ef8e5cd44499f62
d344632c01d1ca55dc380216de660c9b8a5a3174e7d7afa6784aff50c945e1cc
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
e03c4d49e0e369e182587b917141801a13e54d9df7bd883fcde7fd2c89556a28
e09250d511edfe656fb5c533905329f2177ffd89809b7f90bacc21ed58f2f779
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6a33797b34bc82549e2765bf53a7f31aa0587f2e0ae1dc56a99817db6ede238
e78c14aeb9435fd03f67ad2ee4c45e18bfcfc100a4c62c8bd886324ce6296f77
e871eb4c0f7bbbf9cb1e6e856909fb722c35c6d4a6e0814897b5d99712e5e6ae
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1181828d52c65a2032755afd6ecf67fd33c010a77cdf5d5d6f41826c5b80b76
f145f124f18ca512554c1d2df603e116d5d2f0998798ca3f9d112af3e75dc36c
f8895283309d9e72688ce6ebb6b35835712fcb902f476b3266b96fab529c8693
fa6baeae3cb3f5723d40c311888b0da77590b8dc1353c5c7c6e944e7f6c346ac

fllwrs.com Open in urlscan Pro 107.170.36.69 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

97 Requests

94 %HTTPS

52 %IPv6

19 Domains

26 Subdomains

20 IPs

6 Countries

956 kBTransfer

2478 kBSize

0 Cookies

3 Outgoing links

Redirected requests

97 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

fllwrs.com Open in urlscan Pro
107.170.36.69 Public Scan

Screenshot
Live screenshot

Full Image

97
Requests

94 %
HTTPS

52 %
IPv6

19
Domains

26
Subdomains

20
IPs

6
Countries

956 kB
Transfer

2478 kB
Size

0
Cookies

97 HTTP transactions
4 data transactions