urlscan.io logo urlscan.io
SecurityTrails logo

www.imgburn.com Open in urlscan Pro
144.217.253.21  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.imgburn.com/index.php?act=installation_complete
Effective URL: https://www.imgburn.com/index.php?act=installation_complete
Submission: On August 29 via api from DE — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 3 countries across 21 domains to perform 160 HTTP transactions. The main IP is 144.217.253.21, located in Beauharnois, Canada and belongs to OVH, FR. The main domain is www.imgburn.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 3rd 2023. Valid for: 3 months.
This is the only time www.imgburn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 28 144.217.253.21 16276 (OVH)
1 69.16.175.10 20446 (STACKPATH...)
33 142.251.40.226 15169 (GOOGLE)
9 31.13.71.7 32934 (FACEBOOK)
4 72.21.91.66 15133 (EDGECAST)
2 142.251.40.232 15169 (GOOGLE)
9 142.251.40.98 15169 (GOOGLE)
2 104.244.42.200 13414 (TWITTER)
11 142.251.41.1 15169 (GOOGLE)
6 8 142.250.80.2 15169 (GOOGLE)
6 10 192.40.39.223 27381 (CASALE-MEDIA)
5 7 68.67.160.186 29990 (ASN-APPNEX)
2 23.215.130.168 20940 (AKAMAI-ASN1)
23 142.251.32.102 15169 (GOOGLE)
4 142.250.80.66 15169 (GOOGLE)
2 34.233.238.237 14618 (AMAZON-AES)
2 52.20.97.221 14618 (AMAZON-AES)
8 34.117.228.201 396982 (GOOGLE-CL...)
2 104.17.24.14 13335 (CLOUDFLAR...)
2 142.251.40.170 15169 (GOOGLE)
6 142.251.40.131 15169 (GOOGLE)
1 31.13.71.36 32934 (FACEBOOK)
1 31.13.80.12 32934 (FACEBOOK)
1 142.250.72.100 15169 (GOOGLE)
160 25
28    144.217.253.21 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns541007.ip-144-217-253.net
www.imgburn.com
1    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
code.jquery.com
33    142.251.40.226 (Newark, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net
pagead2.googlesyndication.com
partner.googleadservices.com
www.googletagservices.com
9    31.13.71.7 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-lga3.fbcdn.net
connect.facebook.net
static.xx.fbcdn.net
4    72.21.91.66 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    142.251.40.232 (Newark, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f8.1e100.net
ssl.google-analytics.com
9    142.251.40.98 (Newark, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net
googleads.g.doubleclick.net
2    104.244.42.200 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
11    142.251.41.1 (Marriottsville, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f1.1e100.net
tpc.googlesyndication.com
8    142.250.80.2 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f2.1e100.net
cm.g.doubleclick.net
10    192.40.39.223 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
7    68.67.160.186 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
2    23.215.130.168 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-215-130-168.deploy.static.akamaitechnologies.com
cdn.doubleverify.com
23    142.251.32.102 (Marriottsville, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f6.1e100.net
s0.2mdn.net
4    142.250.80.66 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net
googleads4.g.doubleclick.net
2    34.233.238.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-238-237.compute-1.amazonaws.com
tracker.samplicio.us
2    52.20.97.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-97-221.compute-1.amazonaws.com
vid1051.d41.co
8    34.117.228.201 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 201.228.117.34.bc.googleusercontent.com
rtb0.doubleverify.com
tps.doubleverify.com
rtbc-ue1.doubleverify.com
tpsc-ue1.doubleverify.com
2    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    142.251.40.170 (Newark, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f10.1e100.net
fonts.googleapis.com
6    142.251.40.131 (Newark, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f3.1e100.net
fonts.gstatic.com
1    31.13.71.36 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-lga3.facebook.com
www.facebook.com
1    31.13.80.12 (Toronto, Canada)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-yyz1.fbcdn.net
scontent-yyz1-1.xx.fbcdn.net
1    142.250.72.100 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f4.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
41 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
tpc.googlesyndication.com — Cisco Umbrella Rank: 155
408 KB
28 imgburn.com
www.imgburn.com
70 KB
23 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 328
292 KB
21 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
cm.g.doubleclick.net — Cisco Umbrella Rank: 242
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 371
105 KB
10 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 511
rtb0.doubleverify.com — Cisco Umbrella Rank: 793
tps.doubleverify.com — Cisco Umbrella Rank: 521
rtbc-ue1.doubleverify.com — Cisco Umbrella Rank: 2398
tpsc-ue1.doubleverify.com — Cisco Umbrella Rank: 1513
206 KB
10 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 594
7 KB
8 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 821
scontent-yyz1-1.xx.fbcdn.net — Cisco Umbrella Rank: 40004
158 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 245
5 KB
6 gstatic.com
fonts.gstatic.com
93 KB
6 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1014
syndication.twitter.com — Cisco Umbrella Rank: 1273
150 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 45
2 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
67 KB
2 d41.co
vid1051.d41.co — Cisco Umbrella Rank: 14508
1 KB
2 samplicio.us
tracker.samplicio.us — Cisco Umbrella Rank: 2106
605 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 222
113 KB
2 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 483
17 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 165
88 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
15 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1120
333 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 736
33 KB
160 21
Domain Requested by
30 pagead2.googlesyndication.com www.imgburn.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
28 www.imgburn.com 1 redirects www.imgburn.com
23 s0.2mdn.net www.imgburn.com
s0.2mdn.net
11 tpc.googlesyndication.com googleads.g.doubleclick.net
www.imgburn.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
10 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
9 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
8 cm.g.doubleclick.net 6 redirects googleads.g.doubleclick.net
7 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
7 ib.adnxs.com 5 redirects googleads.g.doubleclick.net
6 fonts.gstatic.com fonts.googleapis.com
4 googleads4.g.doubleclick.net www.imgburn.com
4 platform.twitter.com www.imgburn.com
platform.twitter.com
2 tpsc-ue1.doubleverify.com cdn.doubleverify.com
2 rtbc-ue1.doubleverify.com cdn.doubleverify.com
2 tps.doubleverify.com cdn.doubleverify.com
2 fonts.googleapis.com s0.2mdn.net
2 cdnjs.cloudflare.com s0.2mdn.net
2 rtb0.doubleverify.com cdn.doubleverify.com
2 vid1051.d41.co googleads.g.doubleclick.net
2 tracker.samplicio.us googleads.g.doubleclick.net
2 cdn.doubleverify.com www.imgburn.com
2 www.googletagservices.com googleads.g.doubleclick.net
2 syndication.twitter.com platform.twitter.com
www.imgburn.com
2 ssl.google-analytics.com www.imgburn.com
2 connect.facebook.net www.imgburn.com
connect.facebook.net
1 www.google.com tpc.googlesyndication.com
1 scontent-yyz1-1.xx.fbcdn.net www.facebook.com
1 www.facebook.com connect.facebook.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 code.jquery.com www.imgburn.com
160 30
Subject Issuer Validity Valid
imgburn.com
cPanel, Inc. Certification Authority		 2023-08-03 -
2023-11-01		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-06-07 -
2023-09-05		 3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-28 -
2024-07-26		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-31 -
2024-01-30		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-07 -
2024-05-07		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.samplicio.us
Amazon RSA 2048 M01		 2022-11-16 -
2023-12-15		 a year crt.sh
*.d41.co
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-21 -
2024-03-05		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2022-09-28 -
2023-10-30		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh

This page contains 17 frames:

Primary Page: https://www.imgburn.com/index.php?act=installation_complete
Frame ID: B736534BB4840DFC5D4B38BDD352F91E
Requests: 43 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.imgburn.com
Frame ID: 26C27A047DC70BF657099DFBFB623108
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20190131/zrt_lookup.html
Frame ID: 36FAE7A974D86E17BED92017D87B044E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0434161978769668&output=html&h=15&slotname=2600873847&adk=2038149097&adf=861312774&pi=t.ma~as.2600873847&w=728&lmt=1693338095&url=https%3A%2F%2Fwww.imgburn.com%2Findex.php%3Fact%3Dinstallation_complete&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693312894840&bpp=240&bdt=206&idt=454&shv=r20230828&mjsv=m202308230101&ptt=5&saldr=sd&abxe=1&correlator=6339338955503&frm=20&pv=2&ga_vid=325450137.1693312895&ga_sid=1693312895&ga_hid=637353611&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=139&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077327%2C31077369%2C44795921%2C44800951%2C31076998&oid=2&pvsid=4388446577445182&tmod=259001761&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HXSy7mbjkG&p=https%3A//www.imgburn.com&dtd=484
Frame ID: ACFC806DA2E6FB0D58C7E7A76FD5460D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0434161978769668&output=html&h=600&slotname=8247945657&adk=386267200&adf=1084831798&pi=t.ma~as.8247945657&w=160&lmt=1693338095&url=https%3A%2F%2Fwww.imgburn.com%2Findex.php%3Fact%3Dinstallation_complete&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693312894846&bpp=236&bdt=212&idt=487&shv=r20230828&mjsv=m202308230101&ptt=5&saldr=sd&abxe=1&prev_slotnames=2600873847&correlator=6339338955503&frm=20&pv=1&ga_vid=325450137.1693312895&ga_sid=1693312895&ga_hid=637353611&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=118&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077327%2C31077369%2C44795921%2C44800951%2C31076998&oid=2&pvsid=4388446577445182&tmod=259001761&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mPUpxSqOW9&p=https%3A//www.imgburn.com&dtd=500
Frame ID: 98EA06154827C16767DE3B9608D90B3C
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0434161978769668&output=html&h=90&slotname=7670992764&adk=3136083826&adf=3911310050&pi=t.ma~as.7670992764&w=728&lmt=1693338095&url=https%3A%2F%2Fwww.imgburn.com%2Findex.php%3Fact%3Dinstallation_complete&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693312894968&bpp=115&bdt=334&idt=383&shv=r20230828&mjsv=m202308230101&ptt=5&saldr=sd&abxe=1&prev_slotnames=2600873847%2C8247945657&correlator=6339338955503&frm=20&pv=1&ga_vid=325450137.1693312895&ga_sid=1693312895&ga_hid=637353611&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=553&ady=418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077327%2C31077369%2C44795921%2C44800951%2C31076998&oid=2&pvsid=4388446577445182&tmod=259001761&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=wD6OOAlKAz&p=https%3A//www.imgburn.com&dtd=392
Frame ID: 20ADB99BB5D00616AD3FDBEF2036491F
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0434161978769668&output=html&adk=1812271804&adf=3025194257&lmt=1693338095&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.imgburn.com%2Findex.php%3Fact%3Dinstallation_complete&ea=0&pra=7&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693312895126&bpp=3&bdt=492&idt=240&shv=r20230828&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&prev_slotnames=2600873847%2C8247945657%2C7670992764&nras=1&correlator=6339338955503&frm=20&pv=1&ga_vid=325450137.1693312895&ga_sid=1693312895&ga_hid=637353611&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077327%2C31077369%2C44795921%2C44800951%2C31076998&oid=2&pvsid=4388446577445182&tmod=259001761&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=261
Frame ID: 9F607D46F2782523059D591277DE9DBC
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Frame ID: CE7850F0BA2B92494F725A2019E24A80
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CGUQm_XizAIY8_au8QEwAQ&v=APEucNVCBmiN8qeuR1mIs0HWjVuwK9h1XYdQ-bdsj2AKCsGdn0DMy5rTYERC5qiLF1NZlvje8KjZ5k8J3oiVZlh5q_FLq5A54Q
Frame ID: 9B9B4C2CE3D18C2C63A6E80BC14A6054
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CGUQm_XizAIYn5mv8QEwAQ&v=APEucNXu4pXxCydRGwSRMpsyhi7idC0TVjJ52RfEO5BTt5QOw2HlITWjf5SgnrLZNsSxtukXivPB_Q3O4zOpchOXkZ0hUjXYwg
Frame ID: AA45A212D0F23BCF43D794729C56E98D
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 93710832D77EAF84E8AF775AE2E6F9B3
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1721720041608348677/bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_index.html?ev=01_250
Frame ID: 3092C0CE9A533D0234034C81F41A28F7
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 944726B176699AE7FEF4E85B563265EA
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9379432914417958990/bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_index.html?ev=01_250
Frame ID: B3D32A961806E12926F8B91CC8553523
Requests: 16 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2d744f68d585dc%26domain%3Dwww.imgburn.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.imgburn.com%252Ff1ec7a11d7c6af4%26relation%3Dparent.parent&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FImgBurn%2F214193761928924&locale=en_US&sdk=joey&show_faces=false&stream=false&width=180
Frame ID: 110B2B4CD4D146BC0C0B4EF895540960
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C83A71C5C77EE788976024AFB55C2DDB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 84AF092206A601DA92F5FB755DC04FB3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Official ImgBurn Website

Page URL History Show full URLs

  1. http://www.imgburn.com/index.php?act=installation_complete HTTP 301
    https://www.imgburn.com/index.php?act=installation_complete Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • TweenMax(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

160
Requests

95 %
HTTPS

0 %
IPv6

21
Domains

30
Subdomains

25
IPs

3
Countries

1824 kB
Transfer

5047 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.imgburn.com/index.php?act=installation_complete HTTP 301
    https://www.imgburn.com/index.php?act=installation_complete Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK2ypUva2Yf8xEHYLtZw9jQ&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK2ypUva2Yf8xEHYLtZw9jQ&google_cver=1&C=1
Request Chain 63
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZO3nf9eVSz55en8YDuFYKAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGWVwsgnlfDUQidK9lfJ0iU&google_cver=1
Request Chain 64
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELbiplSeSlxa42S432ulwUg&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELbiplSeSlxa42S432ulwUg%26google_cver%3D1
Request Chain 65
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc1ODU4NzA1Nzk5MDg4NzI0NA%3D%3D
Request Chain 69
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGWVwsgnlfDUQidK9lfJ0iU&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGWVwsgnlfDUQidK9lfJ0iU&google_cver=1&C=1
Request Chain 70
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZO3nf9eVSz55en8YDuFYKAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGWVwsgnlfDUQidK9lfJ0iU&google_cver=1
Request Chain 71
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELbiplSeSlxa42S432ulwUg&google_cver=1
Request Chain 72
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQyNDM5MjcyMzM5MzYxNTU0Ng%3D%3D

160 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.php
www.imgburn.com/
Redirect Chain
  • http://www.imgburn.com/index.php?act=installation_complete
  • https://www.imgburn.com/index.php?act=installation_complete
18 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.imgburn.com/index.php?act=installation_complete
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.217.253.21 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns541007.ip-144-217-253.net
Software
Apache /
Resource Hash
4b9e9b63816c81258931956a81cd4a03439017fd0c8f4f29f64167f6c65a047c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 29 Aug 2023 12:41:34 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Connection
Keep-Alive
Content-Length
267
Content-Type
text/html; charset=iso-8859-1
Date
Tue, 29 Aug 2023 12:41:34 GMT
Keep-Alive
timeout=5, max=100
Location
https://www.imgburn.com/index.php?act=installation_complete
Server
Apache
default.css
www.imgburn.com/css/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.imgburn.com/css/default.css
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.217.253.21 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns541007.ip-144-217-253.net
Software
Apache /
Resource Hash
9217b4f3f43e3a4686bcde329f2bbc4ecdb7efbc4aa2af3e544ce98bbf38bacf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/index.php?act=installation_complete
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:41:34 GMT
Last-Modified
Thu, 13 Jun 2013 08:02:10 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2361
jquery-1.11.1.min.js
code.jquery.com/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.11.1.min.js
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Referer
https://www.imgburn.com/
Origin
https://www.imgburn.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:41:34 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 13:47:01 GMT
server
nginx
etag
W/"62f659d5-1762a"
surrogate-control
max-age=315360000;hw-h2proxy
vary
Accept-Encoding
x-hw
1693312894.cdn4-pxy210-yyz02.tr2.evs,1693312894.cds008.tr2.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000,public
accept-ranges
bytes
content-length
33202
cookieAlert.js
www.imgburn.com/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.imgburn.com/js/cookieAlert.js
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.217.253.21 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns541007.ip-144-217-253.net
Software
Apache /
Resource Hash
2e6c6fbaa22611f8c7ca79db04c84f1d42123e7100cd796f669341abd1ba0c0c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/index.php?act=installation_complete
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:41:34 GMT
Last-Modified
Tue, 29 Jan 2013 15:15:07 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1877
logo.png
www.imgburn.com/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.imgburn.com/images/logo.png
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.217.253.21 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns541007.ip-144-217-253.net
Software
Apache /
Resource Hash
6669319df8337d661291bd53d55194e641451ea7844d724b74223fafa49d55dd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/index.php?act=installation_complete
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:41:34 GMT
Last-Modified
Thu, 09 Aug 2007 19:54:45 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
6174
ddigest_230.png
www.imgburn.com/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.imgburn.com/images/ddigest_230.png
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.217.253.21 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns541007.ip-144-217-253.net
Software
Apache /
Resource Hash
f092b9753e893c2cec10b5c9361dcbb6d54bac1e91c755b6efec6608527c0674

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/index.php?act=installation_complete
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:41:34 GMT
Last-Modified
Fri, 10 Aug 2007 11:22:54 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
13387
spacer.gif
www.imgburn.com/images/ 		43 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.imgburn.com/images/spacer.gif
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.217.253.21 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns541007.ip-144-217-253.net
Software
Apache /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/index.php?act=installation_complete
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:41:34 GMT
Last-Modified
Thu, 09 Aug 2007 19:55:49 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
43
navigationbar_left.gif
www.imgburn.com/images/ 		650 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.imgburn.com/images/navigationbar_left.gif
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.217.253.21 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns541007.ip-144-217-253.net
Software
Apache /
Resource Hash
9853c108e9edbaf92a99a84d6a2f5c14ef2d3d42a261e10ed11f6447728fabfb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/index.php?act=installation_complete
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:41:34 GMT
Last-Modified
Thu, 09 Aug 2007 19:54:55 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
650
navigationbar_right.gif
www.imgburn.com/images/ 		649 B
890 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.imgburn.com/images/navigationbar_right.gif
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.217.253.21 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns541007.ip-144-217-253.net
Software
Apache /
Resource Hash
709f99ffaad4389d0c20264789a77cf39e9b97cc835b5d100150a75693121c8b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/index.php?act=installation_complete
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:41:34 GMT
Last-Modified
Thu, 09 Aug 2007 19:55:01 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
649
show_ads.js
pagead2.googlesyndication.com/pagead/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
dd2210e5557969b599853e3608fc2229c117c5924e34a6ec6eae05ba4682356b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:41:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7890
x-xss-protection
0
server
cafe
etag
671114152238852135
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 29 Aug 2023 12:41:34 GMT
titlebar_left.gif
www.imgburn.com/images/ 		843 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.imgburn.com/images/titlebar_left.gif
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.217.253.21 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns541007.ip-144-217-253.net
Software
Apache /
Resource Hash
b80c64c1ac8f55500b76cb6b15a2df506ce9e6d10295c25d322d77fd3a28d64a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/index.php?act=installation_complete
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:41:34 GMT
Last-Modified
Thu, 09 Aug 2007 19:55:51 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
843
titlebar_logo.gif
www.imgburn.com/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.imgburn.com/images/titlebar_logo.gif
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.217.253.21 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns541007.ip-144-217-253.net
Software
Apache /
Resource Hash
9854c17b5120c23f852dc1d4bce066a527d5a5a0a52ed80988ca0ae84010ba2c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/index.php?act=installation_complete
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:41:34 GMT
Last-Modified
Thu, 09 Aug 2007 19:55:52 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1144
titlebar_right.gif
www.imgburn.com/images/ 		832 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.imgburn.com/images/titlebar_right.gif
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.217.253.21 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns541007.ip-144-217-253.net
Software
Apache /
Resource Hash
0941f710568921801462e05fe1361e9a5997b8b6b7b05cfdd237418df34dc7cb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/index.php?act=installation_complete
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:41:34 GMT
Last-Modified
Thu, 09 Aug 2007 19:55:54 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
832
paypal.gif
www.imgburn.com/images/ 		857 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.imgburn.com/images/paypal.gif
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.217.253.21 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns541007.ip-144-217-253.net
Software
Apache /
Resource Hash
5bc1c3f12817995ae13efa46ab18a273304d703a7058f28e8912b8c0373486dd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/index.php?act=installation_complete
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:41:34 GMT
Last-Modified
Thu, 09 Aug 2007 19:55:04 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
857
flag_usd.png
www.imgburn.com/images/ 		609 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.imgburn.com/images/flag_usd.png
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.217.253.21 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns541007.ip-144-217-253.net
Software
Apache /
Resource Hash
36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/index.php?act=installation_complete
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:41:34 GMT
Last-Modified
Fri, 09 Apr 2010 14:34:16 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
609
flag_gbp.png
www.imgburn.com/images/ 		599 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.imgburn.com/images/flag_gbp.png
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.217.253.21 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns541007.ip-144-217-253.net
Software
Apache /
Resource Hash
5d72c5a8bef80fca6f99f476e15ec95ce2d5e5f65c6dab9ee8e56348be0d39fc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/index.php?act=installation_complete
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:41:34 GMT
Last-Modified
Fri, 09 Apr 2010 14:34:16 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
599
flag_eur.png
www.imgburn.com/images/ 		479 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.imgburn.com/images/flag_eur.png
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.217.253.21 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns541007.ip-144-217-253.net
Software
Apache /
Resource Hash
75bd9bf0f8d27cff7b8005c1a1808d75923ab1ee606f7220b4b35616e3e5a8ad

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/index.php?act=installation_complete
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:41:34 GMT
Last-Modified
Fri, 09 Apr 2010 14:34:15 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
479
ddigest_130.png
www.imgburn.com/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.imgburn.com/images/ddigest_130.png
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.217.253.21 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns541007.ip-144-217-253.net
Software
Apache /
Resource Hash
4722e924735b58f39ac0a3c55729b4296af857871b1b8b9bfd41b76c2c9116d4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/index.php?act=installation_complete
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:41:34 GMT
Last-Modified
Fri, 10 Aug 2007 11:22:52 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
4025
award_betanews.png
www.imgburn.com/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.imgburn.com/images/award_betanews.png
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.217.253.21 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns541007.ip-144-217-253.net
Software
Apache /
Resource Hash
cf4a74833bd4342242b2070117adef83478d99089f8c862d91607ed5f128bd4f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/index.php?act=installation_complete
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:41:34 GMT
Last-Modified
Thu, 09 Aug 2007 19:54:26 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
6109
award_majorgeeks_certified.png
www.imgburn.com/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.imgburn.com/images/award_majorgeeks_certified.png
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.217.253.21 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns541007.ip-144-217-253.net
Software
Apache /
Resource Hash
2183232ebccb9bfc99400afbc36867dc7f30dfe56769ed4fa77e658c0a2c1f5c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/index.php?act=installation_complete
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:41:34 GMT
Last-Modified
Tue, 07 Dec 2010 13:20:48 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
6681
award_softpedia_pick.png
www.imgburn.com/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.imgburn.com/images/award_softpedia_pick.png
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.217.253.21 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns541007.ip-144-217-253.net
Software
Apache /
Resource Hash
a95cc0201c6489b1864618962521ffbd1840bad283d8b9287c3afce9243c7579

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/index.php?act=installation_complete
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:41:34 GMT
Last-Modified
Wed, 17 Mar 2010 14:01:14 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
4829
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
843e1cb488da2ab89dfaea18ebc447ba54e29c4106506980006f9590d49eb517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 29 Aug 2023 12:41:34 GMT
content-md5
4D5/sisy741IMGdHB9NXMQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1685
x-fb-debug
dytiePqfBsimOfSly3EH/u3Z/k5kW48jwNba7R+yUVzZtD0C1jRd+yaeECOn4wz6cNeZcWjVhFhMbvu5SidsFA==
x-fb-content-md5
ee3ce3215a415633a0171e0f242f4882
cross-origin-opener-policy
same-origin-allow-popups
etag
"34233e9d2feb17c52cb551ea5b5e6aa8"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Tue, 29 Aug 2023 12:48:41 GMT
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.21.91.66 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (cha/81BD) /
Resource Hash
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:41:34 GMT
Content-Encoding
gzip
Age
1024
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27630
Last-Modified
Tue, 24 Jan 2023 21:41:51 GMT
Server
ECS (cha/81BD)
Etag
"9e99725b7a4cd730a934afba2a438bb5+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
footerbar_left.gif
www.imgburn.com/images/ 		129 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.imgburn.com/images/footerbar_left.gif
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.217.253.21 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns541007.ip-144-217-253.net
Software
Apache /
Resource Hash
96d9bcc207eb270d935826c6c0b0d1fbfc8710e24bc25e28da24ed689c6c3279

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/index.php?act=installation_complete
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:41:34 GMT
Last-Modified
Thu, 09 Aug 2007 19:54:37 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
129
footerbar_middle.gif
www.imgburn.com/images/ 		91 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.imgburn.com/images/footerbar_middle.gif
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.217.253.21 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns541007.ip-144-217-253.net
Software
Apache /
Resource Hash
b27549963419c16d7f9d1d211cd40e7891b414350f282e63f66a13c5386dfc08

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/index.php?act=installation_complete
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:41:34 GMT
Last-Modified
Thu, 09 Aug 2007 19:54:38 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
91
footerbar_right.gif
www.imgburn.com/images/ 		129 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.imgburn.com/images/footerbar_right.gif
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.217.253.21 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns541007.ip-144-217-253.net
Software
Apache /
Resource Hash
0b143c641aaf926fbb1defb2265069a0da0e3e560977e437fce8ed0a998b1287

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/index.php?act=installation_complete
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:41:34 GMT
Last-Modified
Thu, 09 Aug 2007 19:54:39 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
129
ub_offer.css
www.imgburn.com/css/ 		657 B
897 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.imgburn.com/css/ub_offer.css
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.217.253.21 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns541007.ip-144-217-253.net
Software
Apache /
Resource Hash
46536fdf0a92c9cf204628be890a76f6a7d14cf083c67a517a8141435d23e74f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/index.php?act=installation_complete
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:41:34 GMT
Last-Modified
Mon, 15 Mar 2010 22:02:38 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
657
up.gif
www.imgburn.com/images/ 		340 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.imgburn.com/images/up.gif
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.217.253.21 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns541007.ip-144-217-253.net
Software
Apache /
Resource Hash
ba23e4f4f677ce22e5bf3a617d92fef7b9da8a5b3c675e226cd3cfdd364f38d9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/index.php?act=installation_complete
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:41:34 GMT
Last-Modified
Thu, 09 Aug 2007 19:55:56 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
340
logo_disc.png
www.imgburn.com/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.imgburn.com/images/logo_disc.png
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.217.253.21 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns541007.ip-144-217-253.net
Software
Apache /
Resource Hash
7f046207bd9fad0240def375b892fb6d19b01001cd7af11cd295ab412f9d4b94

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/index.php?act=installation_complete
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:41:35 GMT
Last-Modified
Thu, 02 Sep 2010 11:01:00 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
7092
navigationbar_middle.gif
www.imgburn.com/images/ 		154 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.imgburn.com/images/navigationbar_middle.gif
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.217.253.21 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns541007.ip-144-217-253.net
Software
Apache /
Resource Hash
e9b26284942613ea0c4b783cc4e910ab3dedd2d1971329a473f180f8f7c43f4a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/index.php?act=installation_complete
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:41:34 GMT
Last-Modified
Thu, 09 Aug 2007 19:54:59 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
154
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.232 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f8.1e100.net
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 29 Aug 2023 11:53:26 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2888
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Tue, 29 Aug 2023 13:53:26 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
b3042834511405e3128d5362a72042bc74036638136cc63bf32f76b15c2bf032
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:41:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50912
x-xss-protection
0
server
cafe
etag
681784006896311755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 29 Aug 2023 12:41:34 GMT
all.js
connect.facebook.net/en_US/ 		303 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=f70a98b14c1e1cc1533daf1676503eae
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
a914ef021ed94a976b5bf73dbcee8cbc8799ae0773e187d3aa53a986e14cbac1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.imgburn.com/
Origin
https://www.imgburn.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 29 Aug 2023 12:41:34 GMT
content-md5
4W+OWqwxgz259bDT+8M+kg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87174
x-fb-debug
RUGQ1lRpPPZd+aIVTwBeNHZqbDO9JpbYqebXV80bkLOpqBnjRRPsiwoTW7cNPVJesPtBoa9b05038qXzzGb7mg==
x-fb-content-md5
3d3550d0582ab01d295454610c7b58d8
cross-origin-opener-policy
same-origin-allow-popups
etag
"271338d4151aa3120ec5c89e9c179cba"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Wed, 28 Aug 2024 08:15:35 GMT
titlebar_middle.gif
www.imgburn.com/images/ 		153 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.imgburn.com/images/titlebar_middle.gif
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/css/default.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.217.253.21 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns541007.ip-144-217-253.net
Software
Apache /
Resource Hash
7474fdf726e2a5b3781427c31d0227c10015a41fbb2848c3b4f4ae7ce357bb44

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/css/default.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:41:34 GMT
Last-Modified
Thu, 09 Aug 2007 19:55:53 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
153
__utm.gif
ssl.google-analytics.com/r/ 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=273963689&utmhn=www.imgburn.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=The%20Official%20ImgBurn%20Website&utmhid=637353611&utmr=-&utmp=%2Findex.php%3Fact%3Dinstallation_complete&utmht=1693312894903&utmac=UA-18479560-1&utmcc=__utma%3D28837924.325450137.1693312895.1693312895.1693312895.1%3B%2B__utmz%3D28837924.1693312895.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1633877169&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.232 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f8.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:41:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html
platform.twitter.com/widgets/ Frame 26C2 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.imgburn.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.21.91.66 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (cha/81BD) /
Resource Hash
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer
https://www.imgburn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1063129
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105435
Content-Type
text/html; charset=utf-8
Date
Tue, 29 Aug 2023 12:41:35 GMT
Etag
"95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:13 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (cha/81BD)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/ 		391 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
f116cc07babc112c8dadc2cdc058517b23d64b802c71924e52f978b822d53b6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:41:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134464
x-xss-protection
0
server
cafe
etag
10129633420705813256
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 29 Aug 2023 12:41:35 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230828/r20190131/ Frame 36FA 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230828/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.98 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.imgburn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
81313
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4437
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Aug 2023 14:06:22 GMT
etag
9878862242593084568
expires
Mon, 11 Sep 2023 14:06:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
settings
syndication.twitter.com/ Frame 26C2 		870 B
659 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=565e481d19adaf8ae1b10954884d18c8dcb61f1d
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.imgburn.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-response-time
6
date
Tue, 29 Aug 2023 12:41:34 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Tue, 29 Aug 2023 12:41:35 GMT
server
tsa_b
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
f3a3976a9fd3732f
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
0b0a6a61d19aa44f570f483a937c788efa1f7a5d6c5b6fb864f0f20be2751dc7
content-length
338
cookie.js
partner.googleadservices.com/gampad/ 		389 B
333 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.imgburn.com&callback=_gfp_s_&client=ca-pub-0434161978769668
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
ceeff8a1f84324442615b8f13f4a115a2771b770edf414617ed2f5a1679949df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:41:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
254
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame ACFC 		603 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0434161978769668&output=html&h=15&slotname=2600873847&adk=2038149097&adf=861312774&pi=t.ma~as.2600873847&w=728&lmt=1693338095&url=https%3A%2F%2Fwww.imgburn.com%2Findex.php%3Fact%3Dinstallation_complete&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693312894840&bpp=240&bdt=206&idt=454&shv=r20230828&mjsv=m202308230101&ptt=5&saldr=sd&abxe=1&correlator=6339338955503&frm=20&pv=2&ga_vid=325450137.1693312895&ga_sid=1693312895&ga_hid=637353611&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=139&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077327%2C31077369%2C44795921%2C44800951%2C31076998&oid=2&pvsid=4388446577445182&tmod=259001761&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HXSy7mbjkG&p=https%3A//www.imgburn.com&dtd=484
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.98 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.imgburn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 12:41:35 GMT
expires
Tue, 29 Aug 2023 12:41:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 98EA 		20 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0434161978769668&output=html&h=600&slotname=8247945657&adk=386267200&adf=1084831798&pi=t.ma~as.8247945657&w=160&lmt=1693338095&url=https%3A%2F%2Fwww.imgburn.com%2Findex.php%3Fact%3Dinstallation_complete&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693312894846&bpp=236&bdt=212&idt=487&shv=r20230828&mjsv=m202308230101&ptt=5&saldr=sd&abxe=1&prev_slotnames=2600873847&correlator=6339338955503&frm=20&pv=1&ga_vid=325450137.1693312895&ga_sid=1693312895&ga_hid=637353611&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=118&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077327%2C31077369%2C44795921%2C44800951%2C31076998&oid=2&pvsid=4388446577445182&tmod=259001761&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mPUpxSqOW9&p=https%3A//www.imgburn.com&dtd=500
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.98 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
28821730b1acfbab78d3bc54ce6acc4585c3f2bff2034c5924a16cdd6bcb5352
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.imgburn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
9248
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 12:41:35 GMT
expires
Tue, 29 Aug 2023 12:41:35 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 20AD 		20 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0434161978769668&output=html&h=90&slotname=7670992764&adk=3136083826&adf=3911310050&pi=t.ma~as.7670992764&w=728&lmt=1693338095&url=https%3A%2F%2Fwww.imgburn.com%2Findex.php%3Fact%3Dinstallation_complete&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693312894968&bpp=115&bdt=334&idt=383&shv=r20230828&mjsv=m202308230101&ptt=5&saldr=sd&abxe=1&prev_slotnames=2600873847%2C8247945657&correlator=6339338955503&frm=20&pv=1&ga_vid=325450137.1693312895&ga_sid=1693312895&ga_hid=637353611&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=553&ady=418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077327%2C31077369%2C44795921%2C44800951%2C31076998&oid=2&pvsid=4388446577445182&tmod=259001761&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=wD6OOAlKAz&p=https%3A//www.imgburn.com&dtd=392
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.98 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
87ba9934605c0a9d899190e95bbf1ad03f765060c24fbbbae07ab5f6d2660117
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.imgburn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
9244
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 12:41:35 GMT
expires
Tue, 29 Aug 2023 12:41:35 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9F60 		0
142 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0434161978769668&output=html&adk=1812271804&adf=3025194257&lmt=1693338095&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.imgburn.com%2Findex.php%3Fact%3Dinstallation_complete&ea=0&pra=7&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693312895126&bpp=3&bdt=492&idt=240&shv=r20230828&mjsv=m202308230101&ptt=9&saldr=aa&abxe=1&prev_slotnames=2600873847%2C8247945657%2C7670992764&nras=1&correlator=6339338955503&frm=20&pv=1&ga_vid=325450137.1693312895&ga_sid=1693312895&ga_hid=637353611&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077327%2C31077369%2C44795921%2C44800951%2C31076998&oid=2&pvsid=4388446577445182&tmod=259001761&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=261
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.98 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.imgburn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 12:41:35 GMT
expires
Tue, 29 Aug 2023 12:41:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=cookieWarningBox&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:41:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
button.e7f9415a2e000feaab02c86dd5802747.js
platform.twitter.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.e7f9415a2e000feaab02c86dd5802747.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.21.91.66 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (cha/81BD) /
Resource Hash
ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:41:35 GMT
Content-Encoding
gzip
Age
1064830
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
2618
Last-Modified
Tue, 24 Jan 2023 21:41:06 GMT
Server
ECS (cha/81BD)
Etag
"506673dbdb9085e7201e137e893cc152+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
follow_button.2b2d73daf636805223fb11d48f3e94f7.en.html
platform.twitter.com/widgets/ Frame CE78 		40 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/follow_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.21.91.66 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (cha/81BD) /
Resource Hash
2a19f79bd2859fb1dffdd7c8643dc5e58fc7a9b7fb493d68359f400c420467b3

Request headers

Referer
https://www.imgburn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1064817
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
14965
Content-Type
text/html; charset=utf-8
Date
Tue, 29 Aug 2023 12:41:35 GMT
Etag
"4fdb0b5f121db02fe652a6f4fe49d886+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:07 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (cha/81BD)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
embeds
syndication.twitter.com/i/jot/ 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.imgburn.com%2Findex.php%3Fact%3Dinstallation_complete%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1693312895446%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=565e481d19adaf8ae1b10954884d18c8dcb61f1d
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-response-time
7
date
Tue, 29 Aug 2023 12:41:34 GMT
strict-transport-security
max-age=631138519
last-modified
Tue, 29 Aug 2023 12:41:35 GMT
server
tsa_b
vary
Origin
content-type
image/gif
x-transaction-id
3c2897b8bc5b9cd1
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
0b0a6a61d19aa44f570f483a937c788efa1f7a5d6c5b6fb864f0f20be2751dc7
content-length
43
truncated
/ Frame CE78 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
gen_204
pagead2.googlesyndication.com/pagead/ Frame 98EA 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dyd3_ZIpj6RiYeVPz7y2E4IXpR9e3zLtnAlJizaLL-LASenWiKKIri6WCZbnGfw7SEOAsEcSgJziAc4EEedr9HMuTWCQl1KfipNXzTbnFIH0GMrdo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0434161978769668&output=html&h=600&slotname=8247945657&adk=386267200&adf=1084831798&pi=t.ma~as.8247945657&w=160&lmt=1693338095&url=https%3A%2F%2Fwww.imgburn.com%2Findex.php%3Fact%3Dinstallation_complete&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693312894846&bpp=236&bdt=212&idt=487&shv=r20230828&mjsv=m202308230101&ptt=5&saldr=sd&abxe=1&prev_slotnames=2600873847&correlator=6339338955503&frm=20&pv=1&ga_vid=325450137.1693312895&ga_sid=1693312895&ga_hid=637353611&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=118&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077327%2C31077369%2C44795921%2C44800951%2C31076998&oid=2&pvsid=4388446577445182&tmod=259001761&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mPUpxSqOW9&p=https%3A//www.imgburn.com&dtd=500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:41:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 98EA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5166746245246191039&x=1&ct=76
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0434161978769668&output=html&h=600&slotname=8247945657&adk=386267200&adf=1084831798&pi=t.ma~as.8247945657&w=160&lmt=1693338095&url=https%3A%2F%2Fwww.imgburn.com%2Findex.php%3Fact%3Dinstallation_complete&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693312894846&bpp=236&bdt=212&idt=487&shv=r20230828&mjsv=m202308230101&ptt=5&saldr=sd&abxe=1&prev_slotnames=2600873847&correlator=6339338955503&frm=20&pv=1&ga_vid=325450137.1693312895&ga_sid=1693312895&ga_hid=637353611&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=118&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077327%2C31077369%2C44795921%2C44800951%2C31076998&oid=2&pvsid=4388446577445182&tmod=259001761&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mPUpxSqOW9&p=https%3A//www.imgburn.com&dtd=500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:41:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 98EA 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0434161978769668&output=html&h=600&slotname=8247945657&adk=386267200&adf=1084831798&pi=t.ma~as.8247945657&w=160&lmt=1693338095&url=https%3A%2F%2Fwww.imgburn.com%2Findex.php%3Fact%3Dinstallation_complete&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693312894846&bpp=236&bdt=212&idt=487&shv=r20230828&mjsv=m202308230101&ptt=5&saldr=sd&abxe=1&prev_slotnames=2600873847&correlator=6339338955503&frm=20&pv=1&ga_vid=325450137.1693312895&ga_sid=1693312895&ga_hid=637353611&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=118&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077327%2C31077369%2C44795921%2C44800951%2C31076998&oid=2&pvsid=4388446577445182&tmod=259001761&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mPUpxSqOW9&p=https%3A//www.imgburn.com&dtd=500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:41:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 29 Aug 2023 12:41:35 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 98EA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0434161978769668&output=html&h=600&slotname=8247945657&adk=386267200&adf=1084831798&pi=t.ma~as.8247945657&w=160&lmt=1693338095&url=https%3A%2F%2Fwww.imgburn.com%2Findex.php%3Fact%3Dinstallation_complete&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693312894846&bpp=236&bdt=212&idt=487&shv=r20230828&mjsv=m202308230101&ptt=5&saldr=sd&abxe=1&prev_slotnames=2600873847&correlator=6339338955503&frm=20&pv=1&ga_vid=325450137.1693312895&ga_sid=1693312895&ga_hid=637353611&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=118&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077327%2C31077369%2C44795921%2C44800951%2C31076998&oid=2&pvsid=4388446577445182&tmod=259001761&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mPUpxSqOW9&p=https%3A//www.imgburn.com&dtd=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.1 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 13:54:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
82012
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Sep 2023 13:54:43 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 98EA 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0434161978769668&output=html&h=600&slotname=8247945657&adk=386267200&adf=1084831798&pi=t.ma~as.8247945657&w=160&lmt=1693338095&url=https%3A%2F%2Fwww.imgburn.com%2Findex.php%3Fact%3Dinstallation_complete&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693312894846&bpp=236&bdt=212&idt=487&shv=r20230828&mjsv=m202308230101&ptt=5&saldr=sd&abxe=1&prev_slotnames=2600873847&correlator=6339338955503&frm=20&pv=1&ga_vid=325450137.1693312895&ga_sid=1693312895&ga_hid=637353611&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=118&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077327%2C31077369%2C44795921%2C44800951%2C31076998&oid=2&pvsid=4388446577445182&tmod=259001761&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mPUpxSqOW9&p=https%3A//www.imgburn.com&dtd=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.1 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f1.1e100.net
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 13:54:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
82012
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Sep 2023 13:54:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 98EA 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0434161978769668&output=html&h=600&slotname=8247945657&adk=386267200&adf=1084831798&pi=t.ma~as.8247945657&w=160&lmt=1693338095&url=https%3A%2F%2Fwww.imgburn.com%2Findex.php%3Fact%3Dinstallation_complete&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693312894846&bpp=236&bdt=212&idt=487&shv=r20230828&mjsv=m202308230101&ptt=5&saldr=sd&abxe=1&prev_slotnames=2600873847&correlator=6339338955503&frm=20&pv=1&ga_vid=325450137.1693312895&ga_sid=1693312895&ga_hid=637353611&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=118&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077327%2C31077369%2C44795921%2C44800951%2C31076998&oid=2&pvsid=4388446577445182&tmod=259001761&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mPUpxSqOW9&p=https%3A//www.imgburn.com&dtd=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
sffe /
Resource Hash
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:41:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693222425768293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Aug 2023 12:41:35 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 20AD 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DkWmgGhaU-TATH2W1ohGMF4WTycBVRXnVwWAFKHXnpMWRHSfWXiHPAaC9NVECTXkqwy6SH-isfBlKbD6aa2sSVL4rcttFGuDynirp4awjvmAIf1NQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0434161978769668&output=html&h=90&slotname=7670992764&adk=3136083826&adf=3911310050&pi=t.ma~as.7670992764&w=728&lmt=1693338095&url=https%3A%2F%2Fwww.imgburn.com%2Findex.php%3Fact%3Dinstallation_complete&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693312894968&bpp=115&bdt=334&idt=383&shv=r20230828&mjsv=m202308230101&ptt=5&saldr=sd&abxe=1&prev_slotnames=2600873847%2C8247945657&correlator=6339338955503&frm=20&pv=1&ga_vid=325450137.1693312895&ga_sid=1693312895&ga_hid=637353611&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=553&ady=418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077327%2C31077369%2C44795921%2C44800951%2C31076998&oid=2&pvsid=4388446577445182&tmod=259001761&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=wD6OOAlKAz&p=https%3A//www.imgburn.com&dtd=392
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:41:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 20AD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=832633140656312879&x=1&ct=76
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0434161978769668&output=html&h=90&slotname=7670992764&adk=3136083826&adf=3911310050&pi=t.ma~as.7670992764&w=728&lmt=1693338095&url=https%3A%2F%2Fwww.imgburn.com%2Findex.php%3Fact%3Dinstallation_complete&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693312894968&bpp=115&bdt=334&idt=383&shv=r20230828&mjsv=m202308230101&ptt=5&saldr=sd&abxe=1&prev_slotnames=2600873847%2C8247945657&correlator=6339338955503&frm=20&pv=1&ga_vid=325450137.1693312895&ga_sid=1693312895&ga_hid=637353611&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=553&ady=418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077327%2C31077369%2C44795921%2C44800951%2C31076998&oid=2&pvsid=4388446577445182&tmod=259001761&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=wD6OOAlKAz&p=https%3A//www.imgburn.com&dtd=392
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:41:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 20AD 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0434161978769668&output=html&h=90&slotname=7670992764&adk=3136083826&adf=3911310050&pi=t.ma~as.7670992764&w=728&lmt=1693338095&url=https%3A%2F%2Fwww.imgburn.com%2Findex.php%3Fact%3Dinstallation_complete&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693312894968&bpp=115&bdt=334&idt=383&shv=r20230828&mjsv=m202308230101&ptt=5&saldr=sd&abxe=1&prev_slotnames=2600873847%2C8247945657&correlator=6339338955503&frm=20&pv=1&ga_vid=325450137.1693312895&ga_sid=1693312895&ga_hid=637353611&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=553&ady=418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077327%2C31077369%2C44795921%2C44800951%2C31076998&oid=2&pvsid=4388446577445182&tmod=259001761&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=wD6OOAlKAz&p=https%3A//www.imgburn.com&dtd=392
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:41:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 29 Aug 2023 12:41:35 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 20AD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0434161978769668&output=html&h=90&slotname=7670992764&adk=3136083826&adf=3911310050&pi=t.ma~as.7670992764&w=728&lmt=1693338095&url=https%3A%2F%2Fwww.imgburn.com%2Findex.php%3Fact%3Dinstallation_complete&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693312894968&bpp=115&bdt=334&idt=383&shv=r20230828&mjsv=m202308230101&ptt=5&saldr=sd&abxe=1&prev_slotnames=2600873847%2C8247945657&correlator=6339338955503&frm=20&pv=1&ga_vid=325450137.1693312895&ga_sid=1693312895&ga_hid=637353611&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=553&ady=418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077327%2C31077369%2C44795921%2C44800951%2C31076998&oid=2&pvsid=4388446577445182&tmod=259001761&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=wD6OOAlKAz&p=https%3A//www.imgburn.com&dtd=392
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.1 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 13:54:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
82012
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Sep 2023 13:54:43 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 20AD 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0434161978769668&output=html&h=90&slotname=7670992764&adk=3136083826&adf=3911310050&pi=t.ma~as.7670992764&w=728&lmt=1693338095&url=https%3A%2F%2Fwww.imgburn.com%2Findex.php%3Fact%3Dinstallation_complete&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693312894968&bpp=115&bdt=334&idt=383&shv=r20230828&mjsv=m202308230101&ptt=5&saldr=sd&abxe=1&prev_slotnames=2600873847%2C8247945657&correlator=6339338955503&frm=20&pv=1&ga_vid=325450137.1693312895&ga_sid=1693312895&ga_hid=637353611&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=553&ady=418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077327%2C31077369%2C44795921%2C44800951%2C31076998&oid=2&pvsid=4388446577445182&tmod=259001761&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=wD6OOAlKAz&p=https%3A//www.imgburn.com&dtd=392
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.1 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f1.1e100.net
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 13:54:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
82012
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Sep 2023 13:54:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 20AD 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0434161978769668&output=html&h=90&slotname=7670992764&adk=3136083826&adf=3911310050&pi=t.ma~as.7670992764&w=728&lmt=1693338095&url=https%3A%2F%2Fwww.imgburn.com%2Findex.php%3Fact%3Dinstallation_complete&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693312894968&bpp=115&bdt=334&idt=383&shv=r20230828&mjsv=m202308230101&ptt=5&saldr=sd&abxe=1&prev_slotnames=2600873847%2C8247945657&correlator=6339338955503&frm=20&pv=1&ga_vid=325450137.1693312895&ga_sid=1693312895&ga_hid=637353611&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=553&ady=418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077327%2C31077369%2C44795921%2C44800951%2C31076998&oid=2&pvsid=4388446577445182&tmod=259001761&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=wD6OOAlKAz&p=https%3A//www.imgburn.com&dtd=392
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
sffe /
Resource Hash
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:41:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693222425768293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Aug 2023 12:41:35 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9B9B 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CGUQm_XizAIY8_au8QEwAQ&v=APEucNVCBmiN8qeuR1mIs0HWjVuwK9h1XYdQ-bdsj2AKCsGdn0DMy5rTYERC5qiLF1NZlvje8KjZ5k8J3oiVZlh5q_FLq5A54Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0434161978769668&output=html&h=600&slotname=8247945657&adk=386267200&adf=1084831798&pi=t.ma~as.8247945657&w=160&lmt=1693338095&url=https%3A%2F%2Fwww.imgburn.com%2Findex.php%3Fact%3Dinstallation_complete&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693312894846&bpp=236&bdt=212&idt=487&shv=r20230828&mjsv=m202308230101&ptt=5&saldr=sd&abxe=1&prev_slotnames=2600873847&correlator=6339338955503&frm=20&pv=1&ga_vid=325450137.1693312895&ga_sid=1693312895&ga_hid=637353611&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=118&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077327%2C31077369%2C44795921%2C44800951%2C31076998&oid=2&pvsid=4388446577445182&tmod=259001761&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mPUpxSqOW9&p=https%3A//www.imgburn.com&dtd=500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0434161978769668&output=html&h=600&slotname=8247945657&adk=386267200&adf=1084831798&pi=t.ma~as.8247945657&w=160&lmt=1693338095&url=https%3A%2F%2Fwww.imgburn.com%2Findex.php%3Fact%3Dinstallation_complete&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693312894846&bpp=236&bdt=212&idt=487&shv=r20230828&mjsv=m202308230101&ptt=5&saldr=sd&abxe=1&prev_slotnames=2600873847&correlator=6339338955503&frm=20&pv=1&ga_vid=325450137.1693312895&ga_sid=1693312895&ga_hid=637353611&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=118&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077327%2C31077369%2C44795921%2C44800951%2C31076998&oid=2&pvsid=4388446577445182&tmod=259001761&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mPUpxSqOW9&p=https%3A//www.imgburn.com&dtd=500
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 12:41:35 GMT
expires
Tue, 29 Aug 2023 12:41:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame AA45 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CGUQm_XizAIYn5mv8QEwAQ&v=APEucNXu4pXxCydRGwSRMpsyhi7idC0TVjJ52RfEO5BTt5QOw2HlITWjf5SgnrLZNsSxtukXivPB_Q3O4zOpchOXkZ0hUjXYwg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0434161978769668&output=html&h=90&slotname=7670992764&adk=3136083826&adf=3911310050&pi=t.ma~as.7670992764&w=728&lmt=1693338095&url=https%3A%2F%2Fwww.imgburn.com%2Findex.php%3Fact%3Dinstallation_complete&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693312894968&bpp=115&bdt=334&idt=383&shv=r20230828&mjsv=m202308230101&ptt=5&saldr=sd&abxe=1&prev_slotnames=2600873847%2C8247945657&correlator=6339338955503&frm=20&pv=1&ga_vid=325450137.1693312895&ga_sid=1693312895&ga_hid=637353611&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=553&ady=418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077327%2C31077369%2C44795921%2C44800951%2C31076998&oid=2&pvsid=4388446577445182&tmod=259001761&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=wD6OOAlKAz&p=https%3A//www.imgburn.com&dtd=392
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0434161978769668&output=html&h=90&slotname=7670992764&adk=3136083826&adf=3911310050&pi=t.ma~as.7670992764&w=728&lmt=1693338095&url=https%3A%2F%2Fwww.imgburn.com%2Findex.php%3Fact%3Dinstallation_complete&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693312894968&bpp=115&bdt=334&idt=383&shv=r20230828&mjsv=m202308230101&ptt=5&saldr=sd&abxe=1&prev_slotnames=2600873847%2C8247945657&correlator=6339338955503&frm=20&pv=1&ga_vid=325450137.1693312895&ga_sid=1693312895&ga_hid=637353611&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=553&ady=418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077327%2C31077369%2C44795921%2C44800951%2C31076998&oid=2&pvsid=4388446577445182&tmod=259001761&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=wD6OOAlKAz&p=https%3A//www.imgburn.com&dtd=392
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 12:41:35 GMT
expires
Tue, 29 Aug 2023 12:41:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 9B9B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK2ypUva2Yf8xEHYLtZw9jQ&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK2ypUva2Yf8xEHYLtZw9jQ&google_cver=1&C=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK2ypUva2Yf8xEHYLtZw9jQ&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CGUQm_XizAIY8_au8QEwAQ&v=APEucNVCBmiN8qeuR1mIs0HWjVuwK9h1XYdQ-bdsj2AKCsGdn0DMy5rTYERC5qiLF1NZlvje8KjZ5k8J3oiVZlh5q_FLq5A54Q
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Aug 2023 12:41:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 29 Aug 2023 12:41:35 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEK2ypUva2Yf8xEHYLtZw9jQ&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 9B9B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZO3nf9eVSz55en8YDuFYKAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGWVwsgnlfDUQidK9lfJ0iU&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGWVwsgnlfDUQidK9lfJ0iU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CGUQm_XizAIY8_au8QEwAQ&v=APEucNVCBmiN8qeuR1mIs0HWjVuwK9h1XYdQ-bdsj2AKCsGdn0DMy5rTYERC5qiLF1NZlvje8KjZ5k8J3oiVZlh5q_FLq5A54Q
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Aug 2023 12:41:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:41:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGWVwsgnlfDUQidK9lfJ0iU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 9B9B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELbiplSeSlxa42S432ulwUg&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELbiplSeSlxa42S432ulwUg%26google_cver%3D1
43 B
891 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELbiplSeSlxa42S432ulwUg%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CGUQm_XizAIY8_au8QEwAQ&v=APEucNVCBmiN8qeuR1mIs0HWjVuwK9h1XYdQ-bdsj2AKCsGdn0DMy5rTYERC5qiLF1NZlvje8KjZ5k8J3oiVZlh5q_FLq5A54Q
Protocol
H2
Server
68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:41:35 GMT
an-x-request-uuid
b7205905-3d1a-4965-bdce-23e7b7f1e183
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
37.19.213.88; 37.19.213.88; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:41:35 GMT
an-x-request-uuid
9ec04bf8-5342-4174-b60e-5c93bb011efd
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELbiplSeSlxa42S432ulwUg%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
37.19.213.88; 37.19.213.88; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9B9B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc1ODU4NzA1Nzk5MDg4NzI0NA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc1ODU4NzA1Nzk5MDg4NzI0NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CGUQm_XizAIY8_au8QEwAQ&v=APEucNVCBmiN8qeuR1mIs0HWjVuwK9h1XYdQ-bdsj2AKCsGdn0DMy5rTYERC5qiLF1NZlvje8KjZ5k8J3oiVZlh5q_FLq5A54Q
Protocol
H3
Server
142.250.80.2 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:41:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:41:35 GMT
an-x-request-uuid
112dc37b-774a-4038-8afc-498e990b5235
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc1ODU4NzA1Nzk5MDg4NzI0NA%3D%3D
x-proxy-origin
37.19.213.88; 37.19.213.88; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 98EA 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3174529809480&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:41:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 98EA 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3174529809480&version=m202307240101&ct=76&x=1&cor=5166746245246191000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:41:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 98EA 		107 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CEE9OHZNrL3sbrRqSSdXQgykEndOeQZtn1Z142BKfTbBe7bXyONebu58Hgxqeo3QPel0vRBTLf-_2Pc6zc4sycbZ5hZQ6Rm6r7CX7Yd0K-kkQoin_UYED5Jfnj7ko_tZwhYkwZ9n2JmFAdgbo1P4LL6nE2Y3LGbo6wllI7Y8YzinumWYA&dbm_d=AKAmf-Al8BoCK8YLDKFbjnMaFgcb9CaFc7hfMZN6Uu-Ei2YI3_1G_2JLbzCmkrd-vFcC-XX7rF2Sl4CdxZhNYGonS6PCNwOpKJzl33KsPOqcjo2vaLG6Htht-yPeqiAEId_ZLKhV1Z2KmBHNiVLlRvx-6T_Gs9xvinFFNem5RR8-_9NeO1MmfoD1e56khjiLtcmrMf6zEDIZF3m7DnENAfHiu96nskUuJWBrwM48T67VFiBOrmcJK-g39mjca81y8PkUbrS_xlvODGkx9FgkHfEbhyReUtPOIrhssh3B096_SMS-ctFUK32TNNtqLR42sLfUaYScZsgtSQumbVhn6yyvNHk97uxaopU0kfYwqkDBQyLfwCMdKBD2z36OzJIcUGXqvbioQBoTMrHYciz4M9z6-gba_ZY9JgsHTWhgEZuQhQ56Eez7Sj2c9B1inVBzNI3xYkzEFL0OBjPrZ8Yx8rVWobF-Ks77XTP6UcqOPft7im_1NnBx_2aBDPfAwMiqkOcp9_W6tW6Wr3TO2hgecWJ5QvoJnOMYRf3n5JJrtkEFwMOqZtZxk-kDX08P_fdMyBDMJVbV8uPsK_n51k35k3PmKtdNsfFadJ96mTWfbPhbC_iQNleZzjgYYjLFF1qo-yh4trgub5r3vgRNTXMJ837M8pv9nCUVyxZwZ4Ioqulut7OoI-Tew8Ocwjif2WznPq5Ut2ks4132ZhefaRnohSA7OIjWcu-03tO9BVyCpOOrnBtmqr8Qj5qSiw2pX9svoi9OjBOOL69zVYosWFjoHLvOa9kZoLEWuODN7GQmxgIGNC91DWJbM80Hby0JCxwsf-tPeYNYG50994_bpnqjd3JUJ0kjyQLfa85SQdLBSd-dYZoSFgy6k5uT6czi3dURnEa5CP-gRklL1be0ap3I8m9opSSxg_JEL1wpE5314maEPIK-wI_0dAYYayo7U9WzLKEMkRkNv3E4RHuBs1X_tJh878mgmENdB7yYHdfitbfqxV_UHIwCOCMXQtmvpEbqlbEbbVcbRhajNNTFTKLo2CqflhiYvYAP-7mXjAAMF_xS8YexnPUp6eej_Ui9mXb4UjezeR39-MDr0Oj_K9bLCj0SoS6yQScDMlQxhs4DcSM5mrdyqCVQ-yjblujm0giJNNdvdFgvnCW7UoNAYQ_dFcaaUHB7-97Brh_7NmZhRSll_mB97jzLINJrbFGdQizv3tllD3hlUqKisXtTptiJGXWcONOTNpUrdQhi-ne7GMvLlTzb5pJnmsLQB1b9hxtmWWsx5r8hFafj7-eSZ-VV8YXV5qqswDkyj8fyaW00abuzYXhwise-R7CB7USznsYfdAFAgv7LrjdIhrSKgIee3Bru9ePmwp4ydhubWLI5K0SeYV99zio527xTcDdMBpSkxXshM1dwU3Q5Mhk-jzbt-RlSUHijZm3-6q76SazP4Ge6-A8fbKih57gqOJVJLvaJ3ZCjMnK_5Zs60CUQwAOv_NX_tkAawaAd4r0B8GgviIqtLSO6BdLkxbkKl9vtKk_tfMvrho3rJ3cLieUZv0AWOy0RxusaO0QvTSXc9XL0ITCSMyI4koxjk68YyWAT7HOEKun3T8GewwHBxK48iVO9N1i-n8aSehIPdRZa4SDkC2TdsL5ftXCfByG7OnKWOLLB9xmbjZVMjU-C6ewv93iZjgsbi7vgJ1yGVqDmqnkADZozem-moLVQurGkA0hH6EaR2cpqk5I6ALsiwguLK1t_O3FRw3OfyDvDzGZvYtvU9sq-EWupqXqgk8ERzAIrqbuDUpaG5IvxDI8DMorhLZOcSFdlj6qGVk5xk34HT4MVK-S7vOQ5GGHM4wyeVMRsHS78RKsV1J85fMZnPELeKYL0S_1j7MvUTGL25HnWkf63pO9-lWDp53XHch6chN7L5e8aMOZTJwqenwNbNSv1WE6uqpyHrUS0yxSa_PVf5lfFoUMukNoFipMqNy8GX2bgl13L8n9SSgQE2Nbncekta52bjLJSD0RXYjKY6-ClBFJGNzWYfjxPUh7TdbFqSpDO7xf8282MVXcl40EoBUQkLBzhaUGKngo2bobZwaIv1rpQQDA7v5lQZ2yONgGsE0pqbjmZHzPbXFezIMfUfF3pIZnTCML8JGN4H7tNWJmXxoA2HkkwnUd_F-LGS6ixNeGAMWq0YUyuu7SYxKUNymq9bCcn3R5t7JO3Ph8Qlqx4fOethmml5LWFPnZbb8v0bhA_6KimFNmaWscuGPwZjBWsitSK7nHWV2MJRE6-2unuopNNuKwJeTpxlKEvBCd2WvXe9tXQLPRsBNcax7l2NR1RdCEIXwoeARt_W71D1emEZg1XuxzZkJARjtrm9-0BrifgmPLOgf-biwVcyJOdxKJo1qf-V7Icflu0jOQhB56PLyHR-9z90wNStMnhJRpDLLwf7x1MQYrqm5_BjY-7hzEEXIWKkRCH8Lrnx9mK5BwN3UQv6Fr8gqy3iANZTbbVFqhq9UAJci-jWj2oNdv1DC3E4Ohw3nipZbAsCcDxUxOFjXXnE8bFAo-IqcJSfZDUxvqBhXkzq5EwHhgU6TNm6BxK9mUTKgT5n213sA-SEAZL_ixsc3V-L_S2OlfIcSlv2iq_2XqDfGtRmrBElDwpyTxSdjfiTCpIrG20bZoUrUQ1bIz1aHm09oWs28pJCQh4fGYwJe56eicdcH1rPvKqJr19wXUISu_7YPdVoxYCUJkAUscjsUTFDipvP06-yxpp7TTcjFEycAxGlQoycxuw_pgTHw-WhGHtign5XiwUT5EQ3CPZSqdfEo0PlFm8IThvC6hOQs2hpr8Rsa4ldfSLxmLxBTQt9dYIUzo16txonHvmzXx1wzAmAcvL6-ORwnZgSXXcBJHIY4rTaJ-3B-8ckGqa_5QmjUl93Wa0ndnk1IzOggjRL9E84DGw0d6sgLNMmbs0ywOHPMMJTmBdjCmE1omLZtsUAFiEcshcuFLBDp9yb0c5_X3c5ycKxOpOm6hujJpIWgfD1nFc-xuGtFvCj-X2wbDFtGbf9sHTaLQ6ApYehowfJntHlrmmsemBZ2nONHgnRuWPUtmR11RS-FIq5Ndp6wYpOOaEnP7uZb8Mx5qixqdhQ-Pys-7GMKWhi-GNZdgxqxXWbFLOeZhFuGgdYvg_n9hOnqg1up1XB9m_u6UXJ88zuhoTvg2VuAPsKbSZYRj561EvrkRvwQenlD8EvYhM7Sfs3R2ZIbbB7YuSj02NijAPROpj1_26es03Bowd5juA5EZrh12HHLX8wFagaR6WrjawpBGK2uROkIhqjN73x_ilL4M-orwH7kMWl347QGtiQOr7wV4fhWelyKFJpxmhuOcntXHZtKBezLtmbqtWEpjZeVvBlPPpCA5_IQ7ETadXsKW8IR0CEQxcnY2Vfq0hyynCQXh2tB1AHYc0DMMNM7mYIbR_L_15N9Priqfmrio_083xpvSnj6Wdp4EWsDEQ1d-UFSCPdJXxcO5OF-q8d9ey2FRxtt98TXFyP9tZf5uVZdJsfy5gGPds3POQtqTWT4JU_gPd_LdP-75YldMSwhq4ZswG7gW2hovm2Ms&cid=CAQSGwBpAlJWxs2FjQPEE6LoV_fCBHVrxoXui8hmlxgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.imgburn.com%2F&ds=l&xdt=1&iif=1&cor=5166746245246191000&adk=250412560&idt=80&cac=0&dtd=53
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
dd9a6b5d5c367036f66988e53c798cb33de2b452c6e984bd9bbe6d0951bd47ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0434161978769668&output=html&h=600&slotname=8247945657&adk=386267200&adf=1084831798&pi=t.ma~as.8247945657&w=160&lmt=1693338095&url=https%3A%2F%2Fwww.imgburn.com%2Findex.php%3Fact%3Dinstallation_complete&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693312894846&bpp=236&bdt=212&idt=487&shv=r20230828&mjsv=m202308230101&ptt=5&saldr=sd&abxe=1&prev_slotnames=2600873847&correlator=6339338955503&frm=20&pv=1&ga_vid=325450137.1693312895&ga_sid=1693312895&ga_hid=637353611&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=118&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077327%2C31077369%2C44795921%2C44800951%2C31076998&oid=2&pvsid=4388446577445182&tmod=259001761&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mPUpxSqOW9&p=https%3A//www.imgburn.com&dtd=500
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:41:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40813
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame AA45
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGWVwsgnlfDUQidK9lfJ0iU&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGWVwsgnlfDUQidK9lfJ0iU&google_cver=1&C=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGWVwsgnlfDUQidK9lfJ0iU&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CGUQm_XizAIYn5mv8QEwAQ&v=APEucNXu4pXxCydRGwSRMpsyhi7idC0TVjJ52RfEO5BTt5QOw2HlITWjf5SgnrLZNsSxtukXivPB_Q3O4zOpchOXkZ0hUjXYwg
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Aug 2023 12:41:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 29 Aug 2023 12:41:35 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEGWVwsgnlfDUQidK9lfJ0iU&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame AA45
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZO3nf9eVSz55en8YDuFYKAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGWVwsgnlfDUQidK9lfJ0iU&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGWVwsgnlfDUQidK9lfJ0iU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CGUQm_XizAIYn5mv8QEwAQ&v=APEucNXu4pXxCydRGwSRMpsyhi7idC0TVjJ52RfEO5BTt5QOw2HlITWjf5SgnrLZNsSxtukXivPB_Q3O4zOpchOXkZ0hUjXYwg
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Aug 2023 12:41:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:41:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGWVwsgnlfDUQidK9lfJ0iU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame AA45
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELbiplSeSlxa42S432ulwUg&google_cver=1
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELbiplSeSlxa42S432ulwUg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CGUQm_XizAIYn5mv8QEwAQ&v=APEucNXu4pXxCydRGwSRMpsyhi7idC0TVjJ52RfEO5BTt5QOw2HlITWjf5SgnrLZNsSxtukXivPB_Q3O4zOpchOXkZ0hUjXYwg
Protocol
H2
Server
68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:41:35 GMT
an-x-request-uuid
947bf51f-7fcb-474e-bc47-62470006d8e9
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
37.19.213.88; 37.19.213.88; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:41:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELbiplSeSlxa42S432ulwUg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AA45
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQyNDM5MjcyMzM5MzYxNTU0Ng%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQyNDM5MjcyMzM5MzYxNTU0Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CGUQm_XizAIYn5mv8QEwAQ&v=APEucNXu4pXxCydRGwSRMpsyhi7idC0TVjJ52RfEO5BTt5QOw2HlITWjf5SgnrLZNsSxtukXivPB_Q3O4zOpchOXkZ0hUjXYwg
Protocol
H3
Server
142.250.80.2 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:41:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:41:35 GMT
an-x-request-uuid
40ee0d3e-d4ee-4de0-8409-27452d4dd567
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQyNDM5MjcyMzM5MzYxNTU0Ng%3D%3D
x-proxy-origin
37.19.213.88; 37.19.213.88; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 20AD 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6282414244521&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:41:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 20AD 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6282414244521&version=m202307240101&ct=76&x=1&cor=832633140656312800
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:41:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 20AD 		107 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BCc_DyZ66aO884rDVJu6ubPmHYKjN5usGMUyRYWjSZaSOIoDIb0FD7YUVEc5N4HdOW3QCpPtrE-ilerTECkB-1_C5imKkpvjb5tPn_z1kNVQ5Dv2U-BBtrgjhrN_6A9R4OP9ro9X8sELtsWFqyt61STtF3nTVNqWmd4S6tWZl22NPSJk8&dbm_d=AKAmf-C-aMIwCrZfzrTmKFegOdHYhG9bOKRlSgMShpuZeeOO8axcfxdhxhSf8QIHKB9wQRqsOkA71WybWVPFDRGsjIKSlqqq3ic9yLExEaqoZ2peBd-0L7IoZANYa5fHDF2c30v1uUYEzco5yTNkomWRWsuRNO0xl7SN2olL_aPs38E5wIa9PnOHkl3XkIME0FT31XY1IIjAyr9_l_OcnnY-0Gkayz-D0eZpzG0bFDkVRTms4RfIMkm40l6YUcJfFLbAnb9rvZ9wyWjLOyvmFJ3KFqfj7rO7boRjQqKbbgxpV0Px_R9oftc8scOkSSLBSIZjGd6Z-kbdiwA_rIJgX-oeomOEYKjjughxRHFUj4mfCis0ABzpcNJ1LO337p3UU6owCKtZnEofHUYkYigD0AWkg2b-3Eix_aIunnfvOrJW4GctTfR6L42Pjl6fku4oyLk85HfLqfMPE7ew6LUnfyAQU1438ujAZKtmA6YXO7ad_njDGbyT5vX66Dc1m7K8uVP_2tELHODi2jbmExXzROVVVKQwLmG8QwOn64SshTeAW8AC1MIrWGcVt2UXPUJAus12gi6CAGLie7bVUcliz8aI7IUPfPm-BzkXz9VWYlfZ6KGoCza4uHYahHwmkEHEh87lgi_de0_Ng1z1W0FRszj0QsY4bwPtRzRWNB1ifly1ynF35oS9FV9e8RBRHGly5kgAPvhvCxHJ_2kwlJg7lrgjg4zY_0uglEA9T6pQZqdQYrOrKY1Y81XFjV1A3ba9cfn_IZ0SRi6uN0UHIo8Tfon3y814J573NvVkl3qhzS_7M86QJByppS7kmahYRd9PWWDTMjEcPOqTloumzhHTeA7AGMN9lQ2-WG31NcfLHo794HO18RqwWd0VzI3q68rbOrG8KJg2CdHBSq1bIvLE4sVb-qmSP01fQI5PkrG_Z0qcZJa3smovGBhU49QIOpJ0pMMXwK0zM0JpATh2GT6EdI6_-OxbzLSE5TJvVwJGJF1mT0r6eZwfaVcahTWW993MCZBfMort8AxaXNO9-JaInleq6Ls_68RL2u_hwOLA2CYK6w1rS83-ym755e-iNMpTW3d3HdwjJCLBItOu0lIkOf_OjJ_0wy4GoIkV0LaEPKm0topBMi7C7MFSbKJ4nxmA3ojkrc4sFGleAq0QXPgshKQWDpI1NROTrQa7ELEXMpk5dVM_Zfarh63tdwdGpnLQt9o3PykHQcU0isuZxB8SmcBkyFbw_dhQwPykkoLrh9hMX-lWlwTH_bNII4OyZmeqUu0hKR6Gqb4yL3L-PMJxVRWcZ_frbKBNpiC6yNPLN6OJKGxtsNUdcPlRP4uydSclP_E65eCA2qzSM8DenhF7gBdkGym_azRNG9ZL7JjNea2jzP4t-6ZgP6QwisYxVQJ9VneCQ2P2RNKlNl6Dp7yHLG_mqZ3ZxR8fiN4Y0-eEGKRoJfZiRRD1q_hBHm2kgL5hG0ygXofnMCX9mk3DD3q_dN5vier8uBHfGVUf-U45m9gPQjrFe8MqG7ic6K93kCqovVfXw-LINxncpYHt6bYQPY-Lsp4SgfFBgvuSjnlYQlZJN5QZArwhAz3TeGp7KWu7LFnlXvW7YvKymkdQ6hn2q_E0Poyu8ajaroDkNyYzyUrvS9Igio8HAXxDZelvKj-UhvyGhSLORb21fewTnSQw6rHFNNmVpIriE4RHswtw_QE7wlScFMm5pswChJ--57L2jKbiiMdPVZ9v00wzYrhH3fIBwplnhOKZR3lyxgFqinArHMjhTTqP3sx6NEFX7dMAdDutuZML2fmiDo3x2ZH7S-HrMmFotC7Y0apVNfYUxEGdb6Ys_-WchzpLOl3trFPkIAGN-7o3YwOx5jwGZqVWAuMMHBHg5iZTLmRn7LJzxceCUPihaBf_o8amM4ZOHkriT4Qnsmz1oaNMVUnF4TU009n0NGtlvMUiq6UkwlO4y6ImC1-KUtlbCEFDOLjKd9w2IIVGIC8CU9UEcsLmn6GKYUvvMegs8JRVvjmLWfO2mUhpk3Luzm3zkOQlKhG6F4HYoh3FxrT-JWxvH4pTpvdiGiiNvaFIEwtpKE9QgqcrzLMfPeDQ5mwBGb5rAZHtBiBylFmrbH5kxk-aMtWjD3jf_kN4EbVw8B4NiIpV8iCP3BI5Co6AKR7Gfu9lQ16U0g5ixUOOlsy87CZd7QxMZ3JlRiKOhYuKS0oRpCljDlr6Mp1MdIqxOp41bUp0N8TIUss6WQOuCnBWmLiyd38b4L_07S5y-JKjy7vhOOdoezhXA7BJoN3tTcRMZ_159eOmfWnWgu2K_jIC1Ti2pQUcJCZKOWxr3vcxs6AlrodLsVJqTcnMhhRFGufEfN0O1_UUzhZ_y7az0GhhbotsJ6VH3HWXenkXUa8nE65l9bKYqehf8PntT0iS78J9mUEmCa5GitbWCNpm-dE-epO0ZgPs5ZjFBHa_ufGlOlqQfbBR8Aik6w15PrmnijDztO4AdTaE_L0IFUoN8wDft_xdVN2A9AwZ3uuAcSpfarCcle-FQBqnj80S_K6BW9MOIhWuComsBe4f5RPMMcAUA6wyFJSVt9h2xlv0avgzcfGrZI3ogrd_x-n4EHDIgJa9eg1eYigvMEYZMGsYuK427mtx1UzAP9OWvGLpiGd1aoaVqyZhIis9emBS049T8XfmSCUt8_kiCcT90CfB5zmBW2EHq96-DFp_Nnpy3oPsjsEvGDgJjkSQKTly7ip3ouiHtgrQ9yfzLu-Awlgrd-SMUEW5fHuQrsEYLbm9IEHfCxKVgDyWY0LIU-jqZI726K4ifewHlbvDThev9hDjOkraXb7i08HKNf_fRGZW4TSZY94uK25nHbjXwlAGjRVHcW4mzJ4hwQq-cO-EjVQHpnNYy1mePcz8wvPzZFhjAOXosUcZoydN3G63pnVYYroqxE7gs3cQqmIOc3eGki8p3QTJv6qQ5k2znI04f_E-HNbFZp4QIJYJ2MgHv-1rHIxnZ3n-W9Px17AsGbLFfBcAyAWggqPVzOhhhylcvno2JK_3YESehObx7xOXazHhpjropxGdqpIvv2_NhPbwqZ3jLvyIA2cjuTp8bZ60WJ3fFZZCcqSbKcWtFnB0S6LjMacFgXLIOa82Wm1enryICyfl73nW4QcVrKZk5L5kkk0OodB4zWDDzQYqDro8SgHz6-xkyiLWpoL7fsdHknx3TLpkQa53JInkYVJZuPrhjmc2aeYl8eU_jnp9M5wJb5qOh4aMCpUjhjw3uN6GislzmzbnReUzUYNoMKcx-M5kxuCFXPyDzJhIMCQwQ9J062J1GwWZKzbyviGL9DohgsVMbYxTveicxmY_HbmMKQxx84hz41VVUZbfNpTEhUr3FC_0Ray_BgyG9NWjqrDA0hzqESIqnttqUlbYo-kTRTomAeznN0zI80cWxt3-qsDWjlY3q0XLUotQtd-C8LUCQ_NyvX4MbIEV5hxtZuNW-5CJUHC7e20pSYMGYbYWmnybFmbOMgXJDaxRaF-bU8O-cpvuOe5kOgd6zkdZxNcjJOJ4GRFdRz7kaCZqoBP49X1hGxFy0DegLRseTC0&cid=CAQSGwBpAlJWk_xyB0TLxm_IvKNV78IneKOg6Z2-fRgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.imgburn.com%2F&ds=l&xdt=1&iif=1&cor=832633140656312800&adk=1964084972&idt=129&cac=0&dtd=19
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
ffb8b69cad0d748f2fd5bf7cd2e84fbb56604f8dc1297045804343ba83a25ba1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0434161978769668&output=html&h=90&slotname=7670992764&adk=3136083826&adf=3911310050&pi=t.ma~as.7670992764&w=728&lmt=1693338095&url=https%3A%2F%2Fwww.imgburn.com%2Findex.php%3Fact%3Dinstallation_complete&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693312894968&bpp=115&bdt=334&idt=383&shv=r20230828&mjsv=m202308230101&ptt=5&saldr=sd&abxe=1&prev_slotnames=2600873847%2C8247945657&correlator=6339338955503&frm=20&pv=1&ga_vid=325450137.1693312895&ga_sid=1693312895&ga_hid=637353611&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=553&ady=418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077327%2C31077369%2C44795921%2C44800951%2C31076998&oid=2&pvsid=4388446577445182&tmod=259001761&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=wD6OOAlKAz&p=https%3A//www.imgburn.com&dtd=392
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:41:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41012
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbm.js
cdn.doubleverify.com/ Frame 98EA 		428 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbm.js
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.215.130.168 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-215-130-168.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
7bd887208f90811f69029f99399a0740203702cc1cad617faf33f8b8dd62c475

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:41:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Aug 2023 08:01:59 GMT
Server
UploadServer
ETag
"c2cbb3f5444a791f1cabd6c980f8bfcb"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
max-age=900,no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
103235
Expires
Thu, 24 Aug 2023 08:18:24 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 98EA 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.102 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f6.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 05:54:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24453
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 05:54:03 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/ Frame 98EA 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CEE9OHZNrL3sbrRqSSdXQgykEndOeQZtn1Z142BKfTbBe7bXyONebu58Hgxqeo3QPel0vRBTLf-_2Pc6zc4sycbZ5hZQ6Rm6r7CX7Yd0K-kkQoin_UYED5Jfnj7ko_tZwhYkwZ9n2JmFAdgbo1P4LL6nE2Y3LGbo6wllI7Y8YzinumWYA&dbm_d=AKAmf-Al8BoCK8YLDKFbjnMaFgcb9CaFc7hfMZN6Uu-Ei2YI3_1G_2JLbzCmkrd-vFcC-XX7rF2Sl4CdxZhNYGonS6PCNwOpKJzl33KsPOqcjo2vaLG6Htht-yPeqiAEId_ZLKhV1Z2KmBHNiVLlRvx-6T_Gs9xvinFFNem5RR8-_9NeO1MmfoD1e56khjiLtcmrMf6zEDIZF3m7DnENAfHiu96nskUuJWBrwM48T67VFiBOrmcJK-g39mjca81y8PkUbrS_xlvODGkx9FgkHfEbhyReUtPOIrhssh3B096_SMS-ctFUK32TNNtqLR42sLfUaYScZsgtSQumbVhn6yyvNHk97uxaopU0kfYwqkDBQyLfwCMdKBD2z36OzJIcUGXqvbioQBoTMrHYciz4M9z6-gba_ZY9JgsHTWhgEZuQhQ56Eez7Sj2c9B1inVBzNI3xYkzEFL0OBjPrZ8Yx8rVWobF-Ks77XTP6UcqOPft7im_1NnBx_2aBDPfAwMiqkOcp9_W6tW6Wr3TO2hgecWJ5QvoJnOMYRf3n5JJrtkEFwMOqZtZxk-kDX08P_fdMyBDMJVbV8uPsK_n51k35k3PmKtdNsfFadJ96mTWfbPhbC_iQNleZzjgYYjLFF1qo-yh4trgub5r3vgRNTXMJ837M8pv9nCUVyxZwZ4Ioqulut7OoI-Tew8Ocwjif2WznPq5Ut2ks4132ZhefaRnohSA7OIjWcu-03tO9BVyCpOOrnBtmqr8Qj5qSiw2pX9svoi9OjBOOL69zVYosWFjoHLvOa9kZoLEWuODN7GQmxgIGNC91DWJbM80Hby0JCxwsf-tPeYNYG50994_bpnqjd3JUJ0kjyQLfa85SQdLBSd-dYZoSFgy6k5uT6czi3dURnEa5CP-gRklL1be0ap3I8m9opSSxg_JEL1wpE5314maEPIK-wI_0dAYYayo7U9WzLKEMkRkNv3E4RHuBs1X_tJh878mgmENdB7yYHdfitbfqxV_UHIwCOCMXQtmvpEbqlbEbbVcbRhajNNTFTKLo2CqflhiYvYAP-7mXjAAMF_xS8YexnPUp6eej_Ui9mXb4UjezeR39-MDr0Oj_K9bLCj0SoS6yQScDMlQxhs4DcSM5mrdyqCVQ-yjblujm0giJNNdvdFgvnCW7UoNAYQ_dFcaaUHB7-97Brh_7NmZhRSll_mB97jzLINJrbFGdQizv3tllD3hlUqKisXtTptiJGXWcONOTNpUrdQhi-ne7GMvLlTzb5pJnmsLQB1b9hxtmWWsx5r8hFafj7-eSZ-VV8YXV5qqswDkyj8fyaW00abuzYXhwise-R7CB7USznsYfdAFAgv7LrjdIhrSKgIee3Bru9ePmwp4ydhubWLI5K0SeYV99zio527xTcDdMBpSkxXshM1dwU3Q5Mhk-jzbt-RlSUHijZm3-6q76SazP4Ge6-A8fbKih57gqOJVJLvaJ3ZCjMnK_5Zs60CUQwAOv_NX_tkAawaAd4r0B8GgviIqtLSO6BdLkxbkKl9vtKk_tfMvrho3rJ3cLieUZv0AWOy0RxusaO0QvTSXc9XL0ITCSMyI4koxjk68YyWAT7HOEKun3T8GewwHBxK48iVO9N1i-n8aSehIPdRZa4SDkC2TdsL5ftXCfByG7OnKWOLLB9xmbjZVMjU-C6ewv93iZjgsbi7vgJ1yGVqDmqnkADZozem-moLVQurGkA0hH6EaR2cpqk5I6ALsiwguLK1t_O3FRw3OfyDvDzGZvYtvU9sq-EWupqXqgk8ERzAIrqbuDUpaG5IvxDI8DMorhLZOcSFdlj6qGVk5xk34HT4MVK-S7vOQ5GGHM4wyeVMRsHS78RKsV1J85fMZnPELeKYL0S_1j7MvUTGL25HnWkf63pO9-lWDp53XHch6chN7L5e8aMOZTJwqenwNbNSv1WE6uqpyHrUS0yxSa_PVf5lfFoUMukNoFipMqNy8GX2bgl13L8n9SSgQE2Nbncekta52bjLJSD0RXYjKY6-ClBFJGNzWYfjxPUh7TdbFqSpDO7xf8282MVXcl40EoBUQkLBzhaUGKngo2bobZwaIv1rpQQDA7v5lQZ2yONgGsE0pqbjmZHzPbXFezIMfUfF3pIZnTCML8JGN4H7tNWJmXxoA2HkkwnUd_F-LGS6ixNeGAMWq0YUyuu7SYxKUNymq9bCcn3R5t7JO3Ph8Qlqx4fOethmml5LWFPnZbb8v0bhA_6KimFNmaWscuGPwZjBWsitSK7nHWV2MJRE6-2unuopNNuKwJeTpxlKEvBCd2WvXe9tXQLPRsBNcax7l2NR1RdCEIXwoeARt_W71D1emEZg1XuxzZkJARjtrm9-0BrifgmPLOgf-biwVcyJOdxKJo1qf-V7Icflu0jOQhB56PLyHR-9z90wNStMnhJRpDLLwf7x1MQYrqm5_BjY-7hzEEXIWKkRCH8Lrnx9mK5BwN3UQv6Fr8gqy3iANZTbbVFqhq9UAJci-jWj2oNdv1DC3E4Ohw3nipZbAsCcDxUxOFjXXnE8bFAo-IqcJSfZDUxvqBhXkzq5EwHhgU6TNm6BxK9mUTKgT5n213sA-SEAZL_ixsc3V-L_S2OlfIcSlv2iq_2XqDfGtRmrBElDwpyTxSdjfiTCpIrG20bZoUrUQ1bIz1aHm09oWs28pJCQh4fGYwJe56eicdcH1rPvKqJr19wXUISu_7YPdVoxYCUJkAUscjsUTFDipvP06-yxpp7TTcjFEycAxGlQoycxuw_pgTHw-WhGHtign5XiwUT5EQ3CPZSqdfEo0PlFm8IThvC6hOQs2hpr8Rsa4ldfSLxmLxBTQt9dYIUzo16txonHvmzXx1wzAmAcvL6-ORwnZgSXXcBJHIY4rTaJ-3B-8ckGqa_5QmjUl93Wa0ndnk1IzOggjRL9E84DGw0d6sgLNMmbs0ywOHPMMJTmBdjCmE1omLZtsUAFiEcshcuFLBDp9yb0c5_X3c5ycKxOpOm6hujJpIWgfD1nFc-xuGtFvCj-X2wbDFtGbf9sHTaLQ6ApYehowfJntHlrmmsemBZ2nONHgnRuWPUtmR11RS-FIq5Ndp6wYpOOaEnP7uZb8Mx5qixqdhQ-Pys-7GMKWhi-GNZdgxqxXWbFLOeZhFuGgdYvg_n9hOnqg1up1XB9m_u6UXJ88zuhoTvg2VuAPsKbSZYRj561EvrkRvwQenlD8EvYhM7Sfs3R2ZIbbB7YuSj02NijAPROpj1_26es03Bowd5juA5EZrh12HHLX8wFagaR6WrjawpBGK2uROkIhqjN73x_ilL4M-orwH7kMWl347QGtiQOr7wV4fhWelyKFJpxmhuOcntXHZtKBezLtmbqtWEpjZeVvBlPPpCA5_IQ7ETadXsKW8IR0CEQxcnY2Vfq0hyynCQXh2tB1AHYc0DMMNM7mYIbR_L_15N9Priqfmrio_083xpvSnj6Wdp4EWsDEQ1d-UFSCPdJXxcO5OF-q8d9ey2FRxtt98TXFyP9tZf5uVZdJsfy5gGPds3POQtqTWT4JU_gPd_LdP-75YldMSwhq4ZswG7gW2hovm2Ms&cid=CAQSGwBpAlJWxs2FjQPEE6LoV_fCBHVrxoXui8hmlxgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.imgburn.com%2F&ds=l&xdt=1&iif=1&cor=5166746245246191000&adk=250412560&idt=80&cac=0&dtd=53
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 09:04:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
13004
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 09:04:51 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame 98EA 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CEE9OHZNrL3sbrRqSSdXQgykEndOeQZtn1Z142BKfTbBe7bXyONebu58Hgxqeo3QPel0vRBTLf-_2Pc6zc4sycbZ5hZQ6Rm6r7CX7Yd0K-kkQoin_UYED5Jfnj7ko_tZwhYkwZ9n2JmFAdgbo1P4LL6nE2Y3LGbo6wllI7Y8YzinumWYA&dbm_d=AKAmf-Al8BoCK8YLDKFbjnMaFgcb9CaFc7hfMZN6Uu-Ei2YI3_1G_2JLbzCmkrd-vFcC-XX7rF2Sl4CdxZhNYGonS6PCNwOpKJzl33KsPOqcjo2vaLG6Htht-yPeqiAEId_ZLKhV1Z2KmBHNiVLlRvx-6T_Gs9xvinFFNem5RR8-_9NeO1MmfoD1e56khjiLtcmrMf6zEDIZF3m7DnENAfHiu96nskUuJWBrwM48T67VFiBOrmcJK-g39mjca81y8PkUbrS_xlvODGkx9FgkHfEbhyReUtPOIrhssh3B096_SMS-ctFUK32TNNtqLR42sLfUaYScZsgtSQumbVhn6yyvNHk97uxaopU0kfYwqkDBQyLfwCMdKBD2z36OzJIcUGXqvbioQBoTMrHYciz4M9z6-gba_ZY9JgsHTWhgEZuQhQ56Eez7Sj2c9B1inVBzNI3xYkzEFL0OBjPrZ8Yx8rVWobF-Ks77XTP6UcqOPft7im_1NnBx_2aBDPfAwMiqkOcp9_W6tW6Wr3TO2hgecWJ5QvoJnOMYRf3n5JJrtkEFwMOqZtZxk-kDX08P_fdMyBDMJVbV8uPsK_n51k35k3PmKtdNsfFadJ96mTWfbPhbC_iQNleZzjgYYjLFF1qo-yh4trgub5r3vgRNTXMJ837M8pv9nCUVyxZwZ4Ioqulut7OoI-Tew8Ocwjif2WznPq5Ut2ks4132ZhefaRnohSA7OIjWcu-03tO9BVyCpOOrnBtmqr8Qj5qSiw2pX9svoi9OjBOOL69zVYosWFjoHLvOa9kZoLEWuODN7GQmxgIGNC91DWJbM80Hby0JCxwsf-tPeYNYG50994_bpnqjd3JUJ0kjyQLfa85SQdLBSd-dYZoSFgy6k5uT6czi3dURnEa5CP-gRklL1be0ap3I8m9opSSxg_JEL1wpE5314maEPIK-wI_0dAYYayo7U9WzLKEMkRkNv3E4RHuBs1X_tJh878mgmENdB7yYHdfitbfqxV_UHIwCOCMXQtmvpEbqlbEbbVcbRhajNNTFTKLo2CqflhiYvYAP-7mXjAAMF_xS8YexnPUp6eej_Ui9mXb4UjezeR39-MDr0Oj_K9bLCj0SoS6yQScDMlQxhs4DcSM5mrdyqCVQ-yjblujm0giJNNdvdFgvnCW7UoNAYQ_dFcaaUHB7-97Brh_7NmZhRSll_mB97jzLINJrbFGdQizv3tllD3hlUqKisXtTptiJGXWcONOTNpUrdQhi-ne7GMvLlTzb5pJnmsLQB1b9hxtmWWsx5r8hFafj7-eSZ-VV8YXV5qqswDkyj8fyaW00abuzYXhwise-R7CB7USznsYfdAFAgv7LrjdIhrSKgIee3Bru9ePmwp4ydhubWLI5K0SeYV99zio527xTcDdMBpSkxXshM1dwU3Q5Mhk-jzbt-RlSUHijZm3-6q76SazP4Ge6-A8fbKih57gqOJVJLvaJ3ZCjMnK_5Zs60CUQwAOv_NX_tkAawaAd4r0B8GgviIqtLSO6BdLkxbkKl9vtKk_tfMvrho3rJ3cLieUZv0AWOy0RxusaO0QvTSXc9XL0ITCSMyI4koxjk68YyWAT7HOEKun3T8GewwHBxK48iVO9N1i-n8aSehIPdRZa4SDkC2TdsL5ftXCfByG7OnKWOLLB9xmbjZVMjU-C6ewv93iZjgsbi7vgJ1yGVqDmqnkADZozem-moLVQurGkA0hH6EaR2cpqk5I6ALsiwguLK1t_O3FRw3OfyDvDzGZvYtvU9sq-EWupqXqgk8ERzAIrqbuDUpaG5IvxDI8DMorhLZOcSFdlj6qGVk5xk34HT4MVK-S7vOQ5GGHM4wyeVMRsHS78RKsV1J85fMZnPELeKYL0S_1j7MvUTGL25HnWkf63pO9-lWDp53XHch6chN7L5e8aMOZTJwqenwNbNSv1WE6uqpyHrUS0yxSa_PVf5lfFoUMukNoFipMqNy8GX2bgl13L8n9SSgQE2Nbncekta52bjLJSD0RXYjKY6-ClBFJGNzWYfjxPUh7TdbFqSpDO7xf8282MVXcl40EoBUQkLBzhaUGKngo2bobZwaIv1rpQQDA7v5lQZ2yONgGsE0pqbjmZHzPbXFezIMfUfF3pIZnTCML8JGN4H7tNWJmXxoA2HkkwnUd_F-LGS6ixNeGAMWq0YUyuu7SYxKUNymq9bCcn3R5t7JO3Ph8Qlqx4fOethmml5LWFPnZbb8v0bhA_6KimFNmaWscuGPwZjBWsitSK7nHWV2MJRE6-2unuopNNuKwJeTpxlKEvBCd2WvXe9tXQLPRsBNcax7l2NR1RdCEIXwoeARt_W71D1emEZg1XuxzZkJARjtrm9-0BrifgmPLOgf-biwVcyJOdxKJo1qf-V7Icflu0jOQhB56PLyHR-9z90wNStMnhJRpDLLwf7x1MQYrqm5_BjY-7hzEEXIWKkRCH8Lrnx9mK5BwN3UQv6Fr8gqy3iANZTbbVFqhq9UAJci-jWj2oNdv1DC3E4Ohw3nipZbAsCcDxUxOFjXXnE8bFAo-IqcJSfZDUxvqBhXkzq5EwHhgU6TNm6BxK9mUTKgT5n213sA-SEAZL_ixsc3V-L_S2OlfIcSlv2iq_2XqDfGtRmrBElDwpyTxSdjfiTCpIrG20bZoUrUQ1bIz1aHm09oWs28pJCQh4fGYwJe56eicdcH1rPvKqJr19wXUISu_7YPdVoxYCUJkAUscjsUTFDipvP06-yxpp7TTcjFEycAxGlQoycxuw_pgTHw-WhGHtign5XiwUT5EQ3CPZSqdfEo0PlFm8IThvC6hOQs2hpr8Rsa4ldfSLxmLxBTQt9dYIUzo16txonHvmzXx1wzAmAcvL6-ORwnZgSXXcBJHIY4rTaJ-3B-8ckGqa_5QmjUl93Wa0ndnk1IzOggjRL9E84DGw0d6sgLNMmbs0ywOHPMMJTmBdjCmE1omLZtsUAFiEcshcuFLBDp9yb0c5_X3c5ycKxOpOm6hujJpIWgfD1nFc-xuGtFvCj-X2wbDFtGbf9sHTaLQ6ApYehowfJntHlrmmsemBZ2nONHgnRuWPUtmR11RS-FIq5Ndp6wYpOOaEnP7uZb8Mx5qixqdhQ-Pys-7GMKWhi-GNZdgxqxXWbFLOeZhFuGgdYvg_n9hOnqg1up1XB9m_u6UXJ88zuhoTvg2VuAPsKbSZYRj561EvrkRvwQenlD8EvYhM7Sfs3R2ZIbbB7YuSj02NijAPROpj1_26es03Bowd5juA5EZrh12HHLX8wFagaR6WrjawpBGK2uROkIhqjN73x_ilL4M-orwH7kMWl347QGtiQOr7wV4fhWelyKFJpxmhuOcntXHZtKBezLtmbqtWEpjZeVvBlPPpCA5_IQ7ETadXsKW8IR0CEQxcnY2Vfq0hyynCQXh2tB1AHYc0DMMNM7mYIbR_L_15N9Priqfmrio_083xpvSnj6Wdp4EWsDEQ1d-UFSCPdJXxcO5OF-q8d9ey2FRxtt98TXFyP9tZf5uVZdJsfy5gGPds3POQtqTWT4JU_gPd_LdP-75YldMSwhq4ZswG7gW2hovm2Ms&cid=CAQSGwBpAlJWxs2FjQPEE6LoV_fCBHVrxoXui8hmlxgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.imgburn.com%2F&ds=l&xdt=1&iif=1&cor=5166746245246191000&adk=250412560&idt=80&cac=0&dtd=53
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 13:54:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
82016
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11511
x-xss-protection
0
server
cafe
etag
961974302080011826
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Sep 2023 13:54:40 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 98EA 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.1 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:22:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
19165
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Aug 2024 07:22:11 GMT
truncated
/ Frame 98EA 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ca88fc8ca11586bc5c6955177f88d2c2064428a04294d9604b6072fd098b1b1

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/png
dvbm.js
cdn.doubleverify.com/ Frame 20AD 		428 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbm.js
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.215.130.168 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-215-130-168.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
7bd887208f90811f69029f99399a0740203702cc1cad617faf33f8b8dd62c475

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:41:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Aug 2023 08:01:59 GMT
Server
UploadServer
ETag
"c2cbb3f5444a791f1cabd6c980f8bfcb"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
max-age=900,no-transform
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
103235
Expires
Thu, 24 Aug 2023 08:18:24 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 20AD 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.102 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f6.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 05:54:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24453
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 05:54:03 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/ Frame 20AD 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BCc_DyZ66aO884rDVJu6ubPmHYKjN5usGMUyRYWjSZaSOIoDIb0FD7YUVEc5N4HdOW3QCpPtrE-ilerTECkB-1_C5imKkpvjb5tPn_z1kNVQ5Dv2U-BBtrgjhrN_6A9R4OP9ro9X8sELtsWFqyt61STtF3nTVNqWmd4S6tWZl22NPSJk8&dbm_d=AKAmf-C-aMIwCrZfzrTmKFegOdHYhG9bOKRlSgMShpuZeeOO8axcfxdhxhSf8QIHKB9wQRqsOkA71WybWVPFDRGsjIKSlqqq3ic9yLExEaqoZ2peBd-0L7IoZANYa5fHDF2c30v1uUYEzco5yTNkomWRWsuRNO0xl7SN2olL_aPs38E5wIa9PnOHkl3XkIME0FT31XY1IIjAyr9_l_OcnnY-0Gkayz-D0eZpzG0bFDkVRTms4RfIMkm40l6YUcJfFLbAnb9rvZ9wyWjLOyvmFJ3KFqfj7rO7boRjQqKbbgxpV0Px_R9oftc8scOkSSLBSIZjGd6Z-kbdiwA_rIJgX-oeomOEYKjjughxRHFUj4mfCis0ABzpcNJ1LO337p3UU6owCKtZnEofHUYkYigD0AWkg2b-3Eix_aIunnfvOrJW4GctTfR6L42Pjl6fku4oyLk85HfLqfMPE7ew6LUnfyAQU1438ujAZKtmA6YXO7ad_njDGbyT5vX66Dc1m7K8uVP_2tELHODi2jbmExXzROVVVKQwLmG8QwOn64SshTeAW8AC1MIrWGcVt2UXPUJAus12gi6CAGLie7bVUcliz8aI7IUPfPm-BzkXz9VWYlfZ6KGoCza4uHYahHwmkEHEh87lgi_de0_Ng1z1W0FRszj0QsY4bwPtRzRWNB1ifly1ynF35oS9FV9e8RBRHGly5kgAPvhvCxHJ_2kwlJg7lrgjg4zY_0uglEA9T6pQZqdQYrOrKY1Y81XFjV1A3ba9cfn_IZ0SRi6uN0UHIo8Tfon3y814J573NvVkl3qhzS_7M86QJByppS7kmahYRd9PWWDTMjEcPOqTloumzhHTeA7AGMN9lQ2-WG31NcfLHo794HO18RqwWd0VzI3q68rbOrG8KJg2CdHBSq1bIvLE4sVb-qmSP01fQI5PkrG_Z0qcZJa3smovGBhU49QIOpJ0pMMXwK0zM0JpATh2GT6EdI6_-OxbzLSE5TJvVwJGJF1mT0r6eZwfaVcahTWW993MCZBfMort8AxaXNO9-JaInleq6Ls_68RL2u_hwOLA2CYK6w1rS83-ym755e-iNMpTW3d3HdwjJCLBItOu0lIkOf_OjJ_0wy4GoIkV0LaEPKm0topBMi7C7MFSbKJ4nxmA3ojkrc4sFGleAq0QXPgshKQWDpI1NROTrQa7ELEXMpk5dVM_Zfarh63tdwdGpnLQt9o3PykHQcU0isuZxB8SmcBkyFbw_dhQwPykkoLrh9hMX-lWlwTH_bNII4OyZmeqUu0hKR6Gqb4yL3L-PMJxVRWcZ_frbKBNpiC6yNPLN6OJKGxtsNUdcPlRP4uydSclP_E65eCA2qzSM8DenhF7gBdkGym_azRNG9ZL7JjNea2jzP4t-6ZgP6QwisYxVQJ9VneCQ2P2RNKlNl6Dp7yHLG_mqZ3ZxR8fiN4Y0-eEGKRoJfZiRRD1q_hBHm2kgL5hG0ygXofnMCX9mk3DD3q_dN5vier8uBHfGVUf-U45m9gPQjrFe8MqG7ic6K93kCqovVfXw-LINxncpYHt6bYQPY-Lsp4SgfFBgvuSjnlYQlZJN5QZArwhAz3TeGp7KWu7LFnlXvW7YvKymkdQ6hn2q_E0Poyu8ajaroDkNyYzyUrvS9Igio8HAXxDZelvKj-UhvyGhSLORb21fewTnSQw6rHFNNmVpIriE4RHswtw_QE7wlScFMm5pswChJ--57L2jKbiiMdPVZ9v00wzYrhH3fIBwplnhOKZR3lyxgFqinArHMjhTTqP3sx6NEFX7dMAdDutuZML2fmiDo3x2ZH7S-HrMmFotC7Y0apVNfYUxEGdb6Ys_-WchzpLOl3trFPkIAGN-7o3YwOx5jwGZqVWAuMMHBHg5iZTLmRn7LJzxceCUPihaBf_o8amM4ZOHkriT4Qnsmz1oaNMVUnF4TU009n0NGtlvMUiq6UkwlO4y6ImC1-KUtlbCEFDOLjKd9w2IIVGIC8CU9UEcsLmn6GKYUvvMegs8JRVvjmLWfO2mUhpk3Luzm3zkOQlKhG6F4HYoh3FxrT-JWxvH4pTpvdiGiiNvaFIEwtpKE9QgqcrzLMfPeDQ5mwBGb5rAZHtBiBylFmrbH5kxk-aMtWjD3jf_kN4EbVw8B4NiIpV8iCP3BI5Co6AKR7Gfu9lQ16U0g5ixUOOlsy87CZd7QxMZ3JlRiKOhYuKS0oRpCljDlr6Mp1MdIqxOp41bUp0N8TIUss6WQOuCnBWmLiyd38b4L_07S5y-JKjy7vhOOdoezhXA7BJoN3tTcRMZ_159eOmfWnWgu2K_jIC1Ti2pQUcJCZKOWxr3vcxs6AlrodLsVJqTcnMhhRFGufEfN0O1_UUzhZ_y7az0GhhbotsJ6VH3HWXenkXUa8nE65l9bKYqehf8PntT0iS78J9mUEmCa5GitbWCNpm-dE-epO0ZgPs5ZjFBHa_ufGlOlqQfbBR8Aik6w15PrmnijDztO4AdTaE_L0IFUoN8wDft_xdVN2A9AwZ3uuAcSpfarCcle-FQBqnj80S_K6BW9MOIhWuComsBe4f5RPMMcAUA6wyFJSVt9h2xlv0avgzcfGrZI3ogrd_x-n4EHDIgJa9eg1eYigvMEYZMGsYuK427mtx1UzAP9OWvGLpiGd1aoaVqyZhIis9emBS049T8XfmSCUt8_kiCcT90CfB5zmBW2EHq96-DFp_Nnpy3oPsjsEvGDgJjkSQKTly7ip3ouiHtgrQ9yfzLu-Awlgrd-SMUEW5fHuQrsEYLbm9IEHfCxKVgDyWY0LIU-jqZI726K4ifewHlbvDThev9hDjOkraXb7i08HKNf_fRGZW4TSZY94uK25nHbjXwlAGjRVHcW4mzJ4hwQq-cO-EjVQHpnNYy1mePcz8wvPzZFhjAOXosUcZoydN3G63pnVYYroqxE7gs3cQqmIOc3eGki8p3QTJv6qQ5k2znI04f_E-HNbFZp4QIJYJ2MgHv-1rHIxnZ3n-W9Px17AsGbLFfBcAyAWggqPVzOhhhylcvno2JK_3YESehObx7xOXazHhpjropxGdqpIvv2_NhPbwqZ3jLvyIA2cjuTp8bZ60WJ3fFZZCcqSbKcWtFnB0S6LjMacFgXLIOa82Wm1enryICyfl73nW4QcVrKZk5L5kkk0OodB4zWDDzQYqDro8SgHz6-xkyiLWpoL7fsdHknx3TLpkQa53JInkYVJZuPrhjmc2aeYl8eU_jnp9M5wJb5qOh4aMCpUjhjw3uN6GislzmzbnReUzUYNoMKcx-M5kxuCFXPyDzJhIMCQwQ9J062J1GwWZKzbyviGL9DohgsVMbYxTveicxmY_HbmMKQxx84hz41VVUZbfNpTEhUr3FC_0Ray_BgyG9NWjqrDA0hzqESIqnttqUlbYo-kTRTomAeznN0zI80cWxt3-qsDWjlY3q0XLUotQtd-C8LUCQ_NyvX4MbIEV5hxtZuNW-5CJUHC7e20pSYMGYbYWmnybFmbOMgXJDaxRaF-bU8O-cpvuOe5kOgd6zkdZxNcjJOJ4GRFdRz7kaCZqoBP49X1hGxFy0DegLRseTC0&cid=CAQSGwBpAlJWk_xyB0TLxm_IvKNV78IneKOg6Z2-fRgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.imgburn.com%2F&ds=l&xdt=1&iif=1&cor=832633140656312800&adk=1964084972&idt=129&cac=0&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 09:04:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
13005
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 09:04:51 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame 20AD 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BCc_DyZ66aO884rDVJu6ubPmHYKjN5usGMUyRYWjSZaSOIoDIb0FD7YUVEc5N4HdOW3QCpPtrE-ilerTECkB-1_C5imKkpvjb5tPn_z1kNVQ5Dv2U-BBtrgjhrN_6A9R4OP9ro9X8sELtsWFqyt61STtF3nTVNqWmd4S6tWZl22NPSJk8&dbm_d=AKAmf-C-aMIwCrZfzrTmKFegOdHYhG9bOKRlSgMShpuZeeOO8axcfxdhxhSf8QIHKB9wQRqsOkA71WybWVPFDRGsjIKSlqqq3ic9yLExEaqoZ2peBd-0L7IoZANYa5fHDF2c30v1uUYEzco5yTNkomWRWsuRNO0xl7SN2olL_aPs38E5wIa9PnOHkl3XkIME0FT31XY1IIjAyr9_l_OcnnY-0Gkayz-D0eZpzG0bFDkVRTms4RfIMkm40l6YUcJfFLbAnb9rvZ9wyWjLOyvmFJ3KFqfj7rO7boRjQqKbbgxpV0Px_R9oftc8scOkSSLBSIZjGd6Z-kbdiwA_rIJgX-oeomOEYKjjughxRHFUj4mfCis0ABzpcNJ1LO337p3UU6owCKtZnEofHUYkYigD0AWkg2b-3Eix_aIunnfvOrJW4GctTfR6L42Pjl6fku4oyLk85HfLqfMPE7ew6LUnfyAQU1438ujAZKtmA6YXO7ad_njDGbyT5vX66Dc1m7K8uVP_2tELHODi2jbmExXzROVVVKQwLmG8QwOn64SshTeAW8AC1MIrWGcVt2UXPUJAus12gi6CAGLie7bVUcliz8aI7IUPfPm-BzkXz9VWYlfZ6KGoCza4uHYahHwmkEHEh87lgi_de0_Ng1z1W0FRszj0QsY4bwPtRzRWNB1ifly1ynF35oS9FV9e8RBRHGly5kgAPvhvCxHJ_2kwlJg7lrgjg4zY_0uglEA9T6pQZqdQYrOrKY1Y81XFjV1A3ba9cfn_IZ0SRi6uN0UHIo8Tfon3y814J573NvVkl3qhzS_7M86QJByppS7kmahYRd9PWWDTMjEcPOqTloumzhHTeA7AGMN9lQ2-WG31NcfLHo794HO18RqwWd0VzI3q68rbOrG8KJg2CdHBSq1bIvLE4sVb-qmSP01fQI5PkrG_Z0qcZJa3smovGBhU49QIOpJ0pMMXwK0zM0JpATh2GT6EdI6_-OxbzLSE5TJvVwJGJF1mT0r6eZwfaVcahTWW993MCZBfMort8AxaXNO9-JaInleq6Ls_68RL2u_hwOLA2CYK6w1rS83-ym755e-iNMpTW3d3HdwjJCLBItOu0lIkOf_OjJ_0wy4GoIkV0LaEPKm0topBMi7C7MFSbKJ4nxmA3ojkrc4sFGleAq0QXPgshKQWDpI1NROTrQa7ELEXMpk5dVM_Zfarh63tdwdGpnLQt9o3PykHQcU0isuZxB8SmcBkyFbw_dhQwPykkoLrh9hMX-lWlwTH_bNII4OyZmeqUu0hKR6Gqb4yL3L-PMJxVRWcZ_frbKBNpiC6yNPLN6OJKGxtsNUdcPlRP4uydSclP_E65eCA2qzSM8DenhF7gBdkGym_azRNG9ZL7JjNea2jzP4t-6ZgP6QwisYxVQJ9VneCQ2P2RNKlNl6Dp7yHLG_mqZ3ZxR8fiN4Y0-eEGKRoJfZiRRD1q_hBHm2kgL5hG0ygXofnMCX9mk3DD3q_dN5vier8uBHfGVUf-U45m9gPQjrFe8MqG7ic6K93kCqovVfXw-LINxncpYHt6bYQPY-Lsp4SgfFBgvuSjnlYQlZJN5QZArwhAz3TeGp7KWu7LFnlXvW7YvKymkdQ6hn2q_E0Poyu8ajaroDkNyYzyUrvS9Igio8HAXxDZelvKj-UhvyGhSLORb21fewTnSQw6rHFNNmVpIriE4RHswtw_QE7wlScFMm5pswChJ--57L2jKbiiMdPVZ9v00wzYrhH3fIBwplnhOKZR3lyxgFqinArHMjhTTqP3sx6NEFX7dMAdDutuZML2fmiDo3x2ZH7S-HrMmFotC7Y0apVNfYUxEGdb6Ys_-WchzpLOl3trFPkIAGN-7o3YwOx5jwGZqVWAuMMHBHg5iZTLmRn7LJzxceCUPihaBf_o8amM4ZOHkriT4Qnsmz1oaNMVUnF4TU009n0NGtlvMUiq6UkwlO4y6ImC1-KUtlbCEFDOLjKd9w2IIVGIC8CU9UEcsLmn6GKYUvvMegs8JRVvjmLWfO2mUhpk3Luzm3zkOQlKhG6F4HYoh3FxrT-JWxvH4pTpvdiGiiNvaFIEwtpKE9QgqcrzLMfPeDQ5mwBGb5rAZHtBiBylFmrbH5kxk-aMtWjD3jf_kN4EbVw8B4NiIpV8iCP3BI5Co6AKR7Gfu9lQ16U0g5ixUOOlsy87CZd7QxMZ3JlRiKOhYuKS0oRpCljDlr6Mp1MdIqxOp41bUp0N8TIUss6WQOuCnBWmLiyd38b4L_07S5y-JKjy7vhOOdoezhXA7BJoN3tTcRMZ_159eOmfWnWgu2K_jIC1Ti2pQUcJCZKOWxr3vcxs6AlrodLsVJqTcnMhhRFGufEfN0O1_UUzhZ_y7az0GhhbotsJ6VH3HWXenkXUa8nE65l9bKYqehf8PntT0iS78J9mUEmCa5GitbWCNpm-dE-epO0ZgPs5ZjFBHa_ufGlOlqQfbBR8Aik6w15PrmnijDztO4AdTaE_L0IFUoN8wDft_xdVN2A9AwZ3uuAcSpfarCcle-FQBqnj80S_K6BW9MOIhWuComsBe4f5RPMMcAUA6wyFJSVt9h2xlv0avgzcfGrZI3ogrd_x-n4EHDIgJa9eg1eYigvMEYZMGsYuK427mtx1UzAP9OWvGLpiGd1aoaVqyZhIis9emBS049T8XfmSCUt8_kiCcT90CfB5zmBW2EHq96-DFp_Nnpy3oPsjsEvGDgJjkSQKTly7ip3ouiHtgrQ9yfzLu-Awlgrd-SMUEW5fHuQrsEYLbm9IEHfCxKVgDyWY0LIU-jqZI726K4ifewHlbvDThev9hDjOkraXb7i08HKNf_fRGZW4TSZY94uK25nHbjXwlAGjRVHcW4mzJ4hwQq-cO-EjVQHpnNYy1mePcz8wvPzZFhjAOXosUcZoydN3G63pnVYYroqxE7gs3cQqmIOc3eGki8p3QTJv6qQ5k2znI04f_E-HNbFZp4QIJYJ2MgHv-1rHIxnZ3n-W9Px17AsGbLFfBcAyAWggqPVzOhhhylcvno2JK_3YESehObx7xOXazHhpjropxGdqpIvv2_NhPbwqZ3jLvyIA2cjuTp8bZ60WJ3fFZZCcqSbKcWtFnB0S6LjMacFgXLIOa82Wm1enryICyfl73nW4QcVrKZk5L5kkk0OodB4zWDDzQYqDro8SgHz6-xkyiLWpoL7fsdHknx3TLpkQa53JInkYVJZuPrhjmc2aeYl8eU_jnp9M5wJb5qOh4aMCpUjhjw3uN6GislzmzbnReUzUYNoMKcx-M5kxuCFXPyDzJhIMCQwQ9J062J1GwWZKzbyviGL9DohgsVMbYxTveicxmY_HbmMKQxx84hz41VVUZbfNpTEhUr3FC_0Ray_BgyG9NWjqrDA0hzqESIqnttqUlbYo-kTRTomAeznN0zI80cWxt3-qsDWjlY3q0XLUotQtd-C8LUCQ_NyvX4MbIEV5hxtZuNW-5CJUHC7e20pSYMGYbYWmnybFmbOMgXJDaxRaF-bU8O-cpvuOe5kOgd6zkdZxNcjJOJ4GRFdRz7kaCZqoBP49X1hGxFy0DegLRseTC0&cid=CAQSGwBpAlJWk_xyB0TLxm_IvKNV78IneKOg6Z2-fRgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.imgburn.com%2F&ds=l&xdt=1&iif=1&cor=832633140656312800&adk=1964084972&idt=129&cac=0&dtd=19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 13:54:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
82016
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11511
x-xss-protection
0
server
cafe
etag
961974302080011826
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Sep 2023 13:54:40 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 20AD 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.1 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 07:22:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
19165
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Aug 2024 07:22:11 GMT
truncated
/ Frame 20AD 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2390bdb541162fb1ae14cddfd0de092daa69813ea20a99798c72f6e4fb5dfa00

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9371 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.1 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
19165
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 07:22:11 GMT
expires
Wed, 28 Aug 2024 07:22:11 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_index.html
s0.2mdn.net/sadbundle/1721720041608348677/ Frame 3092 		33 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1721720041608348677/bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.102 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f6.1e100.net
Software
sffe /
Resource Hash
4d77fe9faa6a941fa9a2d3eb01fcb8cdeeabf2098e970258fc968ccfd887ef06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
489155
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
7205
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Aug 2023 20:49:01 GMT
expires
Thu, 22 Aug 2024 20:49:01 GMT
last-modified
Thu, 03 Aug 2023 12:20:13 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 98EA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssuWxnHHD2Lqk-uRSURXDoqoM9Dg_nFFK6E0P3T4Atzg1JZbFKfkbYdpjRkQGpCB3cgfAqnp_xzST_TImj0k_B4wt5C3jXHANtUjJ01KQtLSiEOuLsoseUMvIXf1ElZtXEKSSQc_bgbeRkekePJqQ024lUQ95u_Uklbr8uTumZ73LWwEAVep35tIn0myezw4E3HEcwhGjEgJzbFF3jDZeHHXxr9o8jIKVGyCpCSZTvmk-4I3Zeg9hfVj2_cnLtDixUEgnhStVphaRX_ZIL8PqsfWo3WspXHq9jfsMk-VijMcjTr7dqt3hSaon1NcNqRlqJuPtzFqg5CXrAnLn4qlPPhArLYg1dy4CgszpCtlGCFdxTIkTko0tzmj3GdST9xEfLDifV51L40h8Kac8B0aSlvS7iCFeApnshWj8q12-79izGTsUs9PYzmc5g834V-wIq_at-XNjWYyneTGs3ID53RRqoR4fc0JDxDJW_1dePJiKJImYAuD8q5jSo6XZjL4xlJ2ts-cqq0ljn5t0ONYO7nZrEiUkdNcBKjDn_mB6baswymgRmMPEpd6YV4TQ87jHCmTVQ152bpjrV8E7JIKw2KvpIMTDoYNSqC-BElyX97TR17g-HmIv59Db6s4pzZ6AikWhv2bE3Q9tazubwAzk4OvKMp72dnt4y-QD-ovnDg5-fmzNk2ecze1LuAYYVxbm4wJ5p8xVQ5wtwusFCjL8vs2fGSePg5wei-8xSsZ-glcFvDCAlZszAERltu2JLeh_B0WpO7Zq2p5ZWybupMQ8Ey60cqsohUn6Ua-4J5WEkKNCI33Dkd6wfITGdwo2NySF3GDeF6fhR0LXC3MDvOaF2mgUVeuNJ_HmeDfu6lnKsvMfyFsxTg0ujTIZNtv1qVIRB7HIrDpd7MWgEuTpBeqzB6PFoO8nKi9a040HeTr12bixwELnUlp2xJeWmrw9hdvvUufvuhOTl_Knny8Mpihq0unNP6jGsUMoWb9aHyVE4KpTpVyK_n2LXiKPc0VlXGiCLYdWa07EYuz-oH5TRLrcs6py4dNoWLjKnJgdMTnvJTwXdxdj6oOB4nh2GdNgWge0rh_RlLDb5DP2kuJpoElVJyduPchq9CODOlnnX0VF0A7Vl1_JRuos4sX1B3QkELyNGCm_i27-1aLl1YKtLoo22Y8SF0tFkh-BRKJPgZUYkdgLowOioSwf7_JQIaZYpvXsy-cNIozRH7bRxyrRVjJIhsJgCaX1FTxVf_yu-fAcfkthwiu29c8pRY70LV1CoEYfO2Zy3hlpcTnTWgM9URrO_XdslX1yLD_vzn1xSx78wRaw&sai=AMfl-YRtnELyEuMiZessKriXcl-7JiwqRzbEaLK81dKT_MzLcK7rWAt1eD5LN21bSqTVL5OTLVWMrrzI8EDajQeBak3Rk5imC_6xoyYRkq7k6sayMGxptlu3f_YDJCwtXxnPB_QSNFYnTvyMfUrDx_xmpYDEOJdri285V0qm7dQOTHbtSQrwVLNlKsRBuLocc4JfAFQ07Wb2hShjQg&sig=Cg0ArKJSzAdf420OZrkgEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=346&cbvp=1&cstd=341&cisv=r20230828.36283&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.66 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 29 Aug 2023 12:41:36 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Tue, 29 Aug 2023 12:41:36 GMT
pixel.gif
tracker.samplicio.us/tracker/395c7f6c-7ab7-4f7b-84f5-9003daf0de2d/ Frame 98EA 		35 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracker.samplicio.us/tracker/395c7f6c-7ab7-4f7b-84f5-9003daf0de2d/pixel.gif?sid=5775970&pid=371815688&crid=196016914&cachebuster=3231974371&device_id=AMsySZa5EKWPgnfXPHM6VYbjOj2A&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0434161978769668&output=html&h=600&slotname=8247945657&adk=386267200&adf=1084831798&pi=t.ma~as.8247945657&w=160&lmt=1693338095&url=https%3A%2F%2Fwww.imgburn.com%2Findex.php%3Fact%3Dinstallation_complete&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693312894846&bpp=236&bdt=212&idt=487&shv=r20230828&mjsv=m202308230101&ptt=5&saldr=sd&abxe=1&prev_slotnames=2600873847&correlator=6339338955503&frm=20&pv=1&ga_vid=325450137.1693312895&ga_sid=1693312895&ga_hid=637353611&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=118&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077327%2C31077369%2C44795921%2C44800951%2C31076998&oid=2&pvsid=4388446577445182&tmod=259001761&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mPUpxSqOW9&p=https%3A//www.imgburn.com&dtd=500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.233.238.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-238-237.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:41:36 GMT
strict-transport-security
max-age=604800
x-ratelimit-reset
0
x-ratelimit-limit
0
content-length
35
x-ratelimit-remaining
0
content-type
image/gif
img
vid1051.d41.co/sync/ Frame 98EA 		43 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid1051.d41.co/sync/img?req=vid1051&cust=90&p1=30299783&p2=5775970&p3=371815688&p4=&p5=&p6=&p7=&p8=&p9=&p10=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0434161978769668&output=html&h=600&slotname=8247945657&adk=386267200&adf=1084831798&pi=t.ma~as.8247945657&w=160&lmt=1693338095&url=https%3A%2F%2Fwww.imgburn.com%2Findex.php%3Fact%3Dinstallation_complete&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693312894846&bpp=236&bdt=212&idt=487&shv=r20230828&mjsv=m202308230101&ptt=5&saldr=sd&abxe=1&prev_slotnames=2600873847&correlator=6339338955503&frm=20&pv=1&ga_vid=325450137.1693312895&ga_sid=1693312895&ga_hid=637353611&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=118&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077327%2C31077369%2C44795921%2C44800951%2C31076998&oid=2&pvsid=4388446577445182&tmod=259001761&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mPUpxSqOW9&p=https%3A//www.imgburn.com&dtd=500
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.97.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-97-221.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Aug 2023 12:41:36 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
Expect-CT
max-age=30, report-uri="https://a54b4ab95d40a8b116fae47033b75682.report-uri.com/r/d/ct/reportOnly"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif; charset=ISO-8859-1
access-control-allow-origin
https://googleads.g.doubleclick.net
Cache-control
no-store
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
verify.js
rtb0.doubleverify.com/ Frame 98EA 		451 B
585 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?ctx=3886119&cmp=30299783&sid=5775970&plc=371815688&crt=196016914&advid=9683783&adsrv=1&mon=1&blk=1&dvp_cawf=crtwrp&cm360cw=1&unit=160x600&adid=&app=&dup=&gmnpo=&isdvvid=&supplySource=&tagtype=&aUrlD=0&brid=3&bridua=3&brver=116.0.5845.110&brh=2&vavbkt=&lvvn=28&fcifrms=8&winh=600&winw=160&chro=1&noc=4&wouh=1200&wouw=1600&htmlmsging=1&refD=1&scah=1200&scaw=1600&jsver=4555&uid=1693312896358354&srcurlD=0&ttfrms=78&num=6&dvp_isOnHead=0&flvr=1&ver=4555&jsCallback=__verify_callback_1693312896358354&jsTagObjCallback=__tagObject_callback_1693312896358354&ssl=1&dvf=&m1=13&dvp_rcp=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=390712873283.49414&dvp_tukv=193910896.59383577&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%3A%3E83FC%3F%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3A%3E83FC%3F%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-0434161978769668%26output%3Dhtml%26h%3D600%26slotname%3D8247945657%26adk%3D386267200%26adf%3D1084831798%26pi%3Dt.ma~as.8247945657%26w%3D160%26lmt%3D1693338095%26url%3Dhttps%253A%252F%252Fwww.imgburn.com%252Findex.php%253Fact%253Dinstallation_complete%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1693312894846%26bpp%3D236%26bdt%3D212%26idt%3D487%26shv%3Dr20230828%26mjsv%3Dm202308230101%26ptt%3D5%26saldr%3Dsd%26abxe%3D1%26prev_slotnames%3D2600873847%26correlator%3D6339338955503%26frm%3D20%26pv%3D1%26ga_vid%3D325450137.1693312895%26ga_sid%3D1693312895%26ga_hid%3D637353611%26ga_fc%3D1%26u_tz%3D-420%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D118%26ady%3D459%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759926%252C44759837%252C44759875%252C31077327%252C31077369%252C44795921%252C44800951%252C31076998%26oid%3D2%26pvsid%3D4388446577445182%26tmod%3D259001761%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Dd%257C%257CeE%257Cp%26abl%3DXS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3DmPUpxSqOW9%26p%3Dhttps%253A%2F%2Fwww.imgburn.com%26dtd%3D500
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbm.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
dfc21cad10d3faf831f6064eb186dff6642cc933bd8619519111f62de6fa448d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Aug 2023 12:41:36 GMT
Content-Encoding
br
X-DV-Response
0
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
08/28/2023 12:41:36
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9447 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.1 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
19165
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 07:22:11 GMT
expires
Wed, 28 Aug 2024 07:22:11 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
verify.js
rtb0.doubleverify.com/ Frame 20AD 		450 B
583 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?ctx=3886119&cmp=30299783&sid=5775970&plc=372257451&crt=197471409&advid=9683783&adsrv=1&mon=1&blk=1&dvp_cawf=crtwrp&cm360cw=1&unit=728x90&adid=&app=&dup=&gmnpo=&isdvvid=&supplySource=&tagtype=&aUrlD=0&brid=3&bridua=3&brver=116.0.5845.110&brh=2&vavbkt=&lvvn=28&fcifrms=8&winh=90&winw=728&chro=1&noc=4&wouh=1200&wouw=1600&htmlmsging=1&refD=1&scah=1200&scaw=1600&jsver=4555&uid=1693312896487418&srcurlD=0&ttfrms=34&num=6&dvp_isOnHead=0&flvr=1&ver=4555&jsCallback=__verify_callback_1693312896487418&jsTagObjCallback=__tagObject_callback_1693312896487418&ssl=1&prndr=1&dvf=&m1=13&dvp_rcp=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=347739738.6609095&dvp_tukv=387971309045.0523&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%3A%3E83FC%3F%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3A%3E83FC%3F%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-0434161978769668%26output%3Dhtml%26h%3D90%26slotname%3D7670992764%26adk%3D3136083826%26adf%3D3911310050%26pi%3Dt.ma~as.7670992764%26w%3D728%26lmt%3D1693338095%26url%3Dhttps%253A%252F%252Fwww.imgburn.com%252Findex.php%253Fact%253Dinstallation_complete%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1693312894968%26bpp%3D115%26bdt%3D334%26idt%3D383%26shv%3Dr20230828%26mjsv%3Dm202308230101%26ptt%3D5%26saldr%3Dsd%26abxe%3D1%26prev_slotnames%3D2600873847%252C8247945657%26correlator%3D6339338955503%26frm%3D20%26pv%3D1%26ga_vid%3D325450137.1693312895%26ga_sid%3D1693312895%26ga_hid%3D637353611%26ga_fc%3D1%26u_tz%3D-420%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D553%26ady%3D418%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759926%252C44759837%252C44759875%252C31077327%252C31077369%252C44795921%252C44800951%252C31076998%26oid%3D2%26pvsid%3D4388446577445182%26tmod%3D259001761%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Dd%257C%257CeE%257Cp%26abl%3DXS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26xpc%3DwD6OOAlKAz%26p%3Dhttps%253A%2F%2Fwww.imgburn.com%26dtd%3D392
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbm.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
f6108b1c241558428ee19e001bb88b10c3da1172243be1f5e800690667815948

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Aug 2023 12:41:36 GMT
Content-Encoding
br
X-DV-Response
0
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
08/28/2023 12:41:36
bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_index.html
s0.2mdn.net/sadbundle/9379432914417958990/ Frame B3D3 		35 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9379432914417958990/bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.102 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f6.1e100.net
Software
sffe /
Resource Hash
9af009076a6504a56dd242ac1335998bdf83174a4d478fc8dfc2093802840c38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
375097
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
6310
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 25 Aug 2023 04:29:59 GMT
expires
Sat, 24 Aug 2024 04:29:59 GMT
last-modified
Wed, 23 Aug 2023 13:19:23 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 20AD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssrQy1iusik3qgsFdSJFc3DocIJx9IH8fMNJpZ8q5zgulEz3Lv3we7GuDOIEvhtuU9Jzjfy8-FgJR1fsdzxIsuWBN4REe6p_O0vCHwIIveNznNxPuCVtIBX05-f9J1vAkzFniC-twC3N0YZA4c5-STI2FHuA6sqfy6qDHlLwrzDKXEcddHYLjZAhIMwMmR7jq2J6MXlTu1TdJ0MDV1IHyS6oigb8_qqeh9iLBE2hiA1qEDLgSFQo4w4bvIpmVRmWCoZITKbs3jtEa1-5NKWG0foz2OCgjnVcOVsuBS-qfvO6XRfwJHYONMRmp89xY4JJBzdV-AtBZ11jrwYaxl5ekDMWQU5lBEx-x-IIOWP0oTyxpCqwkBcVOx3gOpJGQJQtGmm4lxh7aBFlYmsphItaURjh28wCnHWbhBj6AxUmG5FkymEAP150PRgkIadNVUE1bgrLsVbdlyEYwBSAeVD7cEK0pS4dodbOoaU9TBxoPi4djZBss1H46owttWKS9LgfS_JQNy-55WbSYY_0gepzbTOpZ9Grqg8F7RkdgT2fN8mFq3ow7eMz3zwSYaRWRVz0wZFsx__Kmc6pylnVBw9eRTEaRfNsAETuHQsn-9Y8vsEoc0Z70XB6jcDrYcsSZv_kpeJOlYrspcrAS84gRUkz3cKpuQ0KPObdgVVUdTttqBq_O-JaXG7DfNGDysh3ZIjwxB-kjIS5XhlyBrdpY12uxKjXrrNAnDztRcjyjIc4AIevF933VB4d-CokPuc_jeYb0-LqfUxMqFTFgkWATtQBHdyeTRbwspPDEsxlfoe4SQzcEjFhZi8l5eVvTwUm_4_nrCFgipVNXjl7J95sIN53Nuv5t_QAmeUI0iWZhvCEUCFC-0DWaXIFakqiLG7XQiq13xVGq1aClWQdOzAyXF3BC_AvWYCDF1hKQMgQpQoDYjWQglzc18_F9i146On6kjyoJiWf4qOZcRYf5jxSZCkC4e6l5mfDtz_gT2All_zXDOw6tgYl7AUqaEa2-Orq6p5RKRQb1Vl6JjWVAlK6P_byXjDQunznsZsQ60d8y5EL6x3JDG8Q01pS3RZAiEO8wir6-smAypYPZUDkZmYVe2TZVqfyApkb9pL3Dk2a2SKVC0nD48iiTRU1-1cQF1TlP4PEB7aF4GAG06cLEcar_OdgKI-W7_m_rMt4CYjhwS1E7p-POexWiTuHsFLRmd26ntLzj7JV1Q3KMq2a54GlKWFC7GGmMZvlWRLn2hWVmvLl0ZszNESaSuHp1nIuT6D3kIOh_A3EzFHufWFrRLhQAUzkOCuXkxqDH3622VsYgj8_w&sai=AMfl-YT7qayZBG1aFKhi-IOEi8M4t5QJ-5LMlqPWqAn_DoK3tWIpT4bGVzOcyxD3zIIcRQ-MB6SmJnfTzLxc1wsZgByr3HdMPknhuykGqdA08GIuvnR5XQNFToS_sg60dpfyJQBN0RFBPZAjE8V9ZI2SCo-K0bLU9wUOQvveQyrS-OhLuvcg8H9Q3tlxTcWroAZagZcIT1kAXCbbKQ&sig=Cg0ArKJSzAaqh43mmRDeEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=344&cbvp=1&cstd=340&cisv=r20230828.23824&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.66 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 29 Aug 2023 12:41:36 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Tue, 29 Aug 2023 12:41:36 GMT
img
vid1051.d41.co/sync/ Frame 20AD 		43 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid1051.d41.co/sync/img?req=vid1051&cust=90&p1=30299783&p2=5775970&p3=372257451&p4=&p5=&p6=&p7=&p8=&p9=&p10=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0434161978769668&output=html&h=90&slotname=7670992764&adk=3136083826&adf=3911310050&pi=t.ma~as.7670992764&w=728&lmt=1693338095&url=https%3A%2F%2Fwww.imgburn.com%2Findex.php%3Fact%3Dinstallation_complete&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693312894968&bpp=115&bdt=334&idt=383&shv=r20230828&mjsv=m202308230101&ptt=5&saldr=sd&abxe=1&prev_slotnames=2600873847%2C8247945657&correlator=6339338955503&frm=20&pv=1&ga_vid=325450137.1693312895&ga_sid=1693312895&ga_hid=637353611&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=553&ady=418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077327%2C31077369%2C44795921%2C44800951%2C31076998&oid=2&pvsid=4388446577445182&tmod=259001761&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=wD6OOAlKAz&p=https%3A//www.imgburn.com&dtd=392
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.97.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-97-221.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Aug 2023 12:41:36 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
Expect-CT
max-age=30, report-uri="https://a54b4ab95d40a8b116fae47033b75682.report-uri.com/r/d/ct/reportOnly"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif; charset=ISO-8859-1
access-control-allow-origin
https://googleads.g.doubleclick.net
Cache-control
no-store
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
pixel.gif
tracker.samplicio.us/tracker/395c7f6c-7ab7-4f7b-84f5-9003daf0de2d/ Frame 20AD 		35 B
302 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracker.samplicio.us/tracker/395c7f6c-7ab7-4f7b-84f5-9003daf0de2d/pixel.gif?sid=5775970&pid=372257451&crid=197471409&cachebuster=408961827&device_id=AMsySZa5EKWPgnfXPHM6VYbjOj2A&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0434161978769668&output=html&h=90&slotname=7670992764&adk=3136083826&adf=3911310050&pi=t.ma~as.7670992764&w=728&lmt=1693338095&url=https%3A%2F%2Fwww.imgburn.com%2Findex.php%3Fact%3Dinstallation_complete&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693312894968&bpp=115&bdt=334&idt=383&shv=r20230828&mjsv=m202308230101&ptt=5&saldr=sd&abxe=1&prev_slotnames=2600873847%2C8247945657&correlator=6339338955503&frm=20&pv=1&ga_vid=325450137.1693312895&ga_sid=1693312895&ga_hid=637353611&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=553&ady=418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077327%2C31077369%2C44795921%2C44800951%2C31076998&oid=2&pvsid=4388446577445182&tmod=259001761&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=wD6OOAlKAz&p=https%3A//www.imgburn.com&dtd=392
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.233.238.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-238-237.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:41:36 GMT
strict-transport-security
max-age=604800
x-ratelimit-reset
0
x-ratelimit-limit
0
content-length
35
x-ratelimit-remaining
0
content-type
image/gif
TweenMax.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/2.0.2/ Frame 3092 		113 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/2.0.2/TweenMax.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1721720041608348677/bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
009bf00d3831fb62595adb20e170ed288d8a157493fb6028b1888b05875ed8f3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:41:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5872416
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
33806
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-1c56a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7pSR6rD89sCRA8px0iA2D%2Byt0cQxs2pfoTBujiuZo00Nqh0PgOOWlC9%2Biok55%2FvzQWTH7zsDYbhmUeGGyZTN4HFxyRUHH%2FckjfiGBjG5RFLdUzQ83%2FcoH7b8FndmWwSbwvwf7vBK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7fe4de84083336f9-YYZ
expires
Sun, 18 Aug 2024 12:41:36 GMT
css
fonts.googleapis.com/ Frame 3092 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1721720041608348677/bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.170 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f10.1e100.net
Software
ESF /
Resource Hash
d175185dc8199dc8531d2c25a84073ad93a7c605a921b0168ed6106a193d21ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 29 Aug 2023 12:41:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 29 Aug 2023 11:03:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Aug 2023 12:41:36 GMT
bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_lifestyle_rev.jpg
s0.2mdn.net/sadbundle/1721720041608348677/ Frame 3092 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1721720041608348677/bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_lifestyle_rev.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1721720041608348677/bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.102 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f6.1e100.net
Software
sffe /
Resource Hash
f72744931dddf1d1ae7162cf5bc74fbf63e9cd9e1261058f4141bfafc9f533b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1721720041608348677/bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 11:06:43 GMT
x-content-type-options
nosniff
age
524093
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32535
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 12:20:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Aug 2024 11:06:43 GMT
bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_fr6_dell_logo.png
s0.2mdn.net/sadbundle/1721720041608348677/ Frame 3092 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1721720041608348677/bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_fr6_dell_logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1721720041608348677/bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.102 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f6.1e100.net
Software
sffe /
Resource Hash
f3e54e225d04ed7f6bf7b4bdf70dd4ae30d15e57e194e1e95bbec5dfe0465567
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1721720041608348677/bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 00:40:18 GMT
x-content-type-options
nosniff
age
475279
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2968
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 12:20:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Aug 2024 00:40:18 GMT
bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_funding.png
s0.2mdn.net/sadbundle/1721720041608348677/ Frame 3092 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1721720041608348677/bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_funding.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1721720041608348677/bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.102 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f6.1e100.net
Software
sffe /
Resource Hash
118546603f93a68c8c3135809dbbfc5f8c87ca3339c86d89b1af25d0755016ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1721720041608348677/bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 10:48:47 GMT
x-content-type-options
nosniff
age
525170
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2280
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 12:20:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Aug 2024 10:48:47 GMT
bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_fr3.jpg
s0.2mdn.net/sadbundle/1721720041608348677/ Frame 3092 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1721720041608348677/bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_fr3.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1721720041608348677/bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.102 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f6.1e100.net
Software
sffe /
Resource Hash
62ff4cbaca7ae19c7d8674c0792ca4da8ce8d3b052ccbbedeec628d03420fc9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1721720041608348677/bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 22:21:31 GMT
x-content-type-options
nosniff
age
483606
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13298
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 12:20:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Aug 2024 22:21:31 GMT
bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_fr4.jpg
s0.2mdn.net/sadbundle/1721720041608348677/ Frame 3092 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1721720041608348677/bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_fr4.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1721720041608348677/bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.102 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f6.1e100.net
Software
sffe /
Resource Hash
567c8a013b53241e918ca1c0d71b292e64bd67024067f8d638996d9ba6642c7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1721720041608348677/bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 12:24:02 GMT
x-content-type-options
nosniff
age
519455
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9431
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 12:20:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Aug 2024 12:24:02 GMT
bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_fr5.jpg
s0.2mdn.net/sadbundle/1721720041608348677/ Frame 3092 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1721720041608348677/bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_fr5.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1721720041608348677/bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.102 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f6.1e100.net
Software
sffe /
Resource Hash
f782cf7685d3655d3f10d995d59be6bfab30f56930c28945a4a3993f0e087126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1721720041608348677/bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 17:58:35 GMT
x-content-type-options
nosniff
age
499382
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7993
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 12:20:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Aug 2024 17:58:35 GMT
bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_f6_lifestyle_ph.png
s0.2mdn.net/sadbundle/1721720041608348677/ Frame 3092 		371 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1721720041608348677/bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_f6_lifestyle_ph.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1721720041608348677/bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.102 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f6.1e100.net
Software
sffe /
Resource Hash
653e69a70b22ef827db51cb7d3a556344ada7bcef637221642834be41dd5b9c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1721720041608348677/bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 17:58:35 GMT
x-content-type-options
nosniff
age
499382
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
371
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 12:20:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Aug 2024 17:58:35 GMT
bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_f6_product_ph.png
s0.2mdn.net/sadbundle/1721720041608348677/ Frame 3092 		427 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1721720041608348677/bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_f6_product_ph.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1721720041608348677/bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.102 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f6.1e100.net
Software
sffe /
Resource Hash
657c8f5e61da3195fa9997eafb2d1a664585ac17cc344b45be498ed37fb96b25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1721720041608348677/bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 22:18:26 GMT
x-content-type-options
nosniff
age
483791
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
427
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 12:20:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Aug 2024 22:18:26 GMT
bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_close_blue.png
s0.2mdn.net/sadbundle/1721720041608348677/ Frame 3092 		206 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1721720041608348677/bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_close_blue.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1721720041608348677/bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.102 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f6.1e100.net
Software
sffe /
Resource Hash
d3cfdadf2ed8415690eb8cfae9789390ef5699bdf7ee5a4595f59dda44702fab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1721720041608348677/bb2403r0002_015_680689_ca_csis_mb_pmb_fy24q3w1_oa_evg1_jsos_160x600_index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 20:08:33 GMT
x-content-type-options
nosniff
age
491584
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 12:20:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Aug 2024 20:08:33 GMT
TweenMax.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/2.0.2/ Frame B3D3 		113 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/2.0.2/TweenMax.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9379432914417958990/bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
009bf00d3831fb62595adb20e170ed288d8a157493fb6028b1888b05875ed8f3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:41:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5872416
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
33806
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-1c56a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UIiVEw6ushI%2Fr4UYMCCsKrcnnoNdOYnWBrsXubfFUjkCoP2bvM1OqgsswGJBX0BLi6QKv0G1mqXkQ1UDzvVlcjHjEFNuTORfBtkg2TdgZ5gamOMbWLcstXfH2b6VHEIcv3NRgfTV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7fe4de84083836f9-YYZ
expires
Sun, 18 Aug 2024 12:41:36 GMT
css
fonts.googleapis.com/ Frame B3D3 		12 KB
938 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9379432914417958990/bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.170 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f10.1e100.net
Software
ESF /
Resource Hash
d175185dc8199dc8531d2c25a84073ad93a7c605a921b0168ed6106a193d21ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 29 Aug 2023 12:41:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 29 Aug 2023 11:07:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Aug 2023 12:41:36 GMT
bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_f1_product.png
s0.2mdn.net/sadbundle/9379432914417958990/ Frame B3D3 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9379432914417958990/bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_f1_product.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9379432914417958990/bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.102 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f6.1e100.net
Software
sffe /
Resource Hash
5ac23acf3d3102f61032ea63557943b9f8fc68e44d6db741d5951b817ba8b1a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9379432914417958990/bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 04:29:59 GMT
x-content-type-options
nosniff
age
375097
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17724
x-xss-protection
0
last-modified
Wed, 23 Aug 2023 13:19:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Aug 2024 04:29:59 GMT
bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_dell_tech.png
s0.2mdn.net/sadbundle/9379432914417958990/ Frame B3D3 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9379432914417958990/bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_dell_tech.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9379432914417958990/bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.102 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f6.1e100.net
Software
sffe /
Resource Hash
f99538cc65a64e27f3ed95e82eea47e0ecd4064867f7d6dbe22e531fed7c1388
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9379432914417958990/bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 04:29:59 GMT
x-content-type-options
nosniff
age
375098
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2658
x-xss-protection
0
last-modified
Wed, 23 Aug 2023 13:19:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Aug 2024 04:29:59 GMT
bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_funding_logo.png
s0.2mdn.net/sadbundle/9379432914417958990/ Frame B3D3 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9379432914417958990/bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_funding_logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9379432914417958990/bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.102 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f6.1e100.net
Software
sffe /
Resource Hash
29747b75b432998f6f2fd524947e83f8faea37785470a1c26b440c8e8caf0773
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9379432914417958990/bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 04:29:59 GMT
x-content-type-options
nosniff
age
375098
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2280
x-xss-protection
0
last-modified
Wed, 23 Aug 2023 13:19:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Aug 2024 04:29:59 GMT
bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_f2_lifestyle.jpg
s0.2mdn.net/sadbundle/9379432914417958990/ Frame B3D3 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9379432914417958990/bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_f2_lifestyle.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9379432914417958990/bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.102 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f6.1e100.net
Software
sffe /
Resource Hash
b39d4a7d3007bd5a6cda643eb738bc9d71b94fa04bc6a9606835eb357da1e714
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9379432914417958990/bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 04:29:59 GMT
x-content-type-options
nosniff
age
375098
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47228
x-xss-protection
0
last-modified
Wed, 23 Aug 2023 13:19:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Aug 2024 04:29:59 GMT
bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_f3_product.png
s0.2mdn.net/sadbundle/9379432914417958990/ Frame B3D3 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9379432914417958990/bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_f3_product.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9379432914417958990/bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.102 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f6.1e100.net
Software
sffe /
Resource Hash
7c78e3a4a72e293e9b6641df965b63ba6ce953de9afb40dd03a3586637430814
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9379432914417958990/bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 04:29:59 GMT
x-content-type-options
nosniff
age
375098
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19190
x-xss-protection
0
last-modified
Wed, 23 Aug 2023 13:19:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Aug 2024 04:29:59 GMT
bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_f4_product.png
s0.2mdn.net/sadbundle/9379432914417958990/ Frame B3D3 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9379432914417958990/bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_f4_product.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9379432914417958990/bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.102 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f6.1e100.net
Software
sffe /
Resource Hash
9a29541742b6f31c8e59034e10cc3e4989f1a65dd567941a6a80fcb974575817
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9379432914417958990/bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 04:29:59 GMT
x-content-type-options
nosniff
age
375098
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12879
x-xss-protection
0
last-modified
Wed, 23 Aug 2023 13:19:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Aug 2024 04:29:59 GMT
bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_f5_product.png
s0.2mdn.net/sadbundle/9379432914417958990/ Frame B3D3 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9379432914417958990/bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_f5_product.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9379432914417958990/bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.102 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f6.1e100.net
Software
sffe /
Resource Hash
93833aecdaacd6554d2779e5cd994d927a13ace6c07d38cdca646f530bc15c16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9379432914417958990/bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 04:29:59 GMT
x-content-type-options
nosniff
age
375098
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16317
x-xss-protection
0
last-modified
Wed, 23 Aug 2023 13:19:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Aug 2024 04:29:59 GMT
bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_f6_product.png
s0.2mdn.net/sadbundle/9379432914417958990/ Frame B3D3 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9379432914417958990/bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_f6_product.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9379432914417958990/bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.102 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f6.1e100.net
Software
sffe /
Resource Hash
fa78bb1af9d2fde73729c485f77bb0f30fd71ef6adb2ed1a2dc1dd5cdd14c03e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9379432914417958990/bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 04:29:59 GMT
x-content-type-options
nosniff
age
375098
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16529
x-xss-protection
0
last-modified
Wed, 23 Aug 2023 13:19:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Aug 2024 04:29:59 GMT
bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_close_blue.png
s0.2mdn.net/sadbundle/9379432914417958990/ Frame B3D3 		206 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9379432914417958990/bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_close_blue.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9379432914417958990/bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.102 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f6.1e100.net
Software
sffe /
Resource Hash
d3cfdadf2ed8415690eb8cfae9789390ef5699bdf7ee5a4595f59dda44702fab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9379432914417958990/bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 04:29:59 GMT
x-content-type-options
nosniff
age
375098
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206
x-xss-protection
0
last-modified
Wed, 23 Aug 2023 13:19:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Aug 2024 04:29:59 GMT
M-HeFlSCME_k5Ph7lXtMc9K-bQ1dlElVsMlNN0Ru4uM.js
pagead2.googlesyndication.com/bg/ Frame 9371 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/M-HeFlSCME_k5Ph7lXtMc9K-bQ1dlElVsMlNN0Ru4uM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
sffe /
Resource Hash
33e1de165482304fe4e4f87b957b4c73d2be6d0d5d944955b0c94d37446ee2e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 14:20:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
512439
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14677
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Aug 2024 14:20:57 GMT
F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js
pagead2.googlesyndication.com/bg/ Frame 9447 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
sffe /
Resource Hash
17c4a472fcd08fb337fb6a574f60891ce91af06251dbf5d0137d2414316c11b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 14:15:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
512760
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14626
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Aug 2024 14:15:36 GMT
visit.js
tps.doubleverify.com/ Frame 98EA 		723 B
748 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=1&ttmms=26&ttfrms=78&brid=3&brver=116.0.5845.110&bridua=3&bds=1&tstype=144&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%3A%3E83FC%3F%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3A%3E83FC%3F%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=0&aUrlD=0&ssl=https:&dfs=576&ddur=219&uid=1693312896358354&jsCallback=dvCallback_1693312896358781&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.110%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=600&winw=160&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4555&tgjsver=4555&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-0434161978769668%26output%3Dhtml%26h%3D600%26slotname%3D8247945657%26adk%3D386267200%26adf%3D1084831798%26pi%3Dt.ma~as.8247945657%26w%3D160%26lmt%3D1693338095%26url%3Dhttps%253A%252F%252Fwww.imgburn.com%252Findex.php%253Fact%253Dinstallation_complete%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1693312894846%26bpp%3D236%26bdt%3D212%26idt%3D487%26shv%3Dr20230828%26mjsv%3Dm202308230101%26ptt%3D5%26saldr%3Dsd%26abxe%3D1%26prev_slotnames%3D2600873847%26correlator%3D6339338955503%26frm%3D20%26pv%3D1%26ga_vid%3D325450137.1693312895%26ga_sid%3D1693312895%26ga_hid%3D637353611%26ga_fc%3D1%26u_tz%3D-420%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D118%26ady%3D459%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759926%252C44759837%252C44759875%252C31077327%252C31077369%252C44795921%252C44800951%252C31076998%26oid%3D2%26pvsid%3D4388446577445182%26tmod%3D259001761%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Dd%257C%257CeE%257Cp%26abl%3DXS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3DmPUpxSqOW9%26p%3Dhttps%253A%2F%2Fwww.imgburn.com%26dtd%3D500&fcifrms=8&brh=2&dvp_epl=182&noc=4&nav_pltfrm=Win32&ctx=3886119&cmp=30299783&sid=5775970&plc=371815688&crt=196016914&adsrv=1&advid=9683783&unit=160x600&bsimpid=7b30e5b94cf94e5ba6c9b65c936ba554&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&mon=1&blk=1&dvp_cawf=crtwrp&cm360cw=1&dvp_rcp=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=390712873283.49414&dvp_tukv=193910896.59383577&dvp_tuid=848592335438&jurtd=3338512669
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbm.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
29d7ecbb3238f9f7e179ed3d04f0b6ba77d689150b166e2564e366dbd8456cf2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Aug 2023 12:41:36 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
08/28/2023 12:41:36
visit.js
tps.doubleverify.com/ Frame 20AD 		723 B
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=1&ttmms=17&ttfrms=34&brid=3&brver=116.0.5845.110&bridua=3&bds=1&tstype=144&prndr=1&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%3A%3E83FC%3F%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3A%3E83FC%3F%5D4%40%3ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=0&aUrlD=0&ssl=https:&dfs=778&ddur=53&uid=1693312896487418&jsCallback=dvCallback_1693312896487641&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.110%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4555&tgjsver=4555&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-0434161978769668%26output%3Dhtml%26h%3D90%26slotname%3D7670992764%26adk%3D3136083826%26adf%3D3911310050%26pi%3Dt.ma~as.7670992764%26w%3D728%26lmt%3D1693338095%26url%3Dhttps%253A%252F%252Fwww.imgburn.com%252Findex.php%253Fact%253Dinstallation_complete%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1693312894968%26bpp%3D115%26bdt%3D334%26idt%3D383%26shv%3Dr20230828%26mjsv%3Dm202308230101%26ptt%3D5%26saldr%3Dsd%26abxe%3D1%26prev_slotnames%3D2600873847%252C8247945657%26correlator%3D6339338955503%26frm%3D20%26pv%3D1%26ga_vid%3D325450137.1693312895%26ga_sid%3D1693312895%26ga_hid%3D637353611%26ga_fc%3D1%26u_tz%3D-420%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D553%26ady%3D418%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759926%252C44759837%252C44759875%252C31077327%252C31077369%252C44795921%252C44800951%252C31076998%26oid%3D2%26pvsid%3D4388446577445182%26tmod%3D259001761%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Dd%257C%257CeE%257Cp%26abl%3DXS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26xpc%3DwD6OOAlKAz%26p%3Dhttps%253A%2F%2Fwww.imgburn.com%26dtd%3D392&fcifrms=8&brh=2&dvp_epl=182&noc=4&nav_pltfrm=Win32&ctx=3886119&cmp=30299783&sid=5775970&plc=372257451&crt=197471409&adsrv=1&advid=9683783&unit=728x90&bsimpid=aa410cbc9edf42ee88231f2786985985&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&mon=1&blk=1&dvp_cawf=crtwrp&cm360cw=1&dvp_rcp=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=347739738.6609095&dvp_tukv=387971309045.0523&dvp_tuid=1234431963351&jurtd=2505747823
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbm.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
4f83aef97672ac5b317d7eec2ac422043b2b19989647d2ca957194d1899ac599

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Aug 2023 12:41:36 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
08/28/2023 12:41:36
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3092 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.131 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 06:18:32 GMT
x-content-type-options
nosniff
age
282185
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15752
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 06:18:32 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3092 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.131 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 21:05:43 GMT
x-content-type-options
nosniff
age
228954
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 21:05:43 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3092 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.131 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 21:05:08 GMT
x-content-type-options
nosniff
age
228989
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 21:05:08 GMT
bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_callout_line.png
s0.2mdn.net/sadbundle/9379432914417958990/ Frame B3D3 		108 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9379432914417958990/bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_callout_line.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9379432914417958990/bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.102 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f6.1e100.net
Software
sffe /
Resource Hash
a36431dfacb1e503cd34d9e7b3cdadb4229f0de67ce09e6da21000205349cde7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9379432914417958990/bb2403r0002_022_681461_ca_cs_mb_pmb_fy24q3w4_oa_fs2_jsos_728x90_index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 04:29:59 GMT
x-content-type-options
nosniff
age
375098
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
108
x-xss-protection
0
last-modified
Wed, 23 Aug 2023 13:19:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Aug 2024 04:29:59 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B3D3 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.131 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 21:05:43 GMT
x-content-type-options
nosniff
age
228954
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 21:05:43 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B3D3 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.131 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 21:05:08 GMT
x-content-type-options
nosniff
age
228989
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 21:05:08 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B3D3 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.131 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 16:08:08 GMT
x-content-type-options
nosniff
age
506009
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Aug 2024 16:08:08 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 20AD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssrQy1iusik3qgsFdSJFc3DocIJx9IH8fMNJpZ8q5zgulEz3Lv3we7GuDOIEvhtuU9Jzjfy8-FgJR1fsdzxIsuWBN4REe6p_O0vCHwIIveNznNxPuCVtIBX05-f9J1vAkzFniC-twC3N0YZA4c5-STI2FHuA6sqfy6qDHlLwrzDKXEcddHYLjZAhIMwMmR7jq2J6MXlTu1TdJ0MDV1IHyS6oigb8_qqeh9iLBE2hiA1qEDLgSFQo4w4bvIpmVRmWCoZITKbs3jtEa1-5NKWG0foz2OCgjnVcOVsuBS-qfvO6XRfwJHYONMRmp89xY4JJBzdV-AtBZ11jrwYaxl5ekDMWQU5lBEx-x-IIOWP0oTyxpCqwkBcVOx3gOpJGQJQtGmm4lxh7aBFlYmsphItaURjh28wCnHWbhBj6AxUmG5FkymEAP150PRgkIadNVUE1bgrLsVbdlyEYwBSAeVD7cEK0pS4dodbOoaU9TBxoPi4djZBss1H46owttWKS9LgfS_JQNy-55WbSYY_0gepzbTOpZ9Grqg8F7RkdgT2fN8mFq3ow7eMz3zwSYaRWRVz0wZFsx__Kmc6pylnVBw9eRTEaRfNsAETuHQsn-9Y8vsEoc0Z70XB6jcDrYcsSZv_kpeJOlYrspcrAS84gRUkz3cKpuQ0KPObdgVVUdTttqBq_O-JaXG7DfNGDysh3ZIjwxB-kjIS5XhlyBrdpY12uxKjXrrNAnDztRcjyjIc4AIevF933VB4d-CokPuc_jeYb0-LqfUxMqFTFgkWATtQBHdyeTRbwspPDEsxlfoe4SQzcEjFhZi8l5eVvTwUm_4_nrCFgipVNXjl7J95sIN53Nuv5t_QAmeUI0iWZhvCEUCFC-0DWaXIFakqiLG7XQiq13xVGq1aClWQdOzAyXF3BC_AvWYCDF1hKQMgQpQoDYjWQglzc18_F9i146On6kjyoJiWf4qOZcRYf5jxSZCkC4e6l5mfDtz_gT2All_zXDOw6tgYl7AUqaEa2-Orq6p5RKRQb1Vl6JjWVAlK6P_byXjDQunznsZsQ60d8y5EL6x3JDG8Q01pS3RZAiEO8wir6-smAypYPZUDkZmYVe2TZVqfyApkb9pL3Dk2a2SKVC0nD48iiTRU1-1cQF1TlP4PEB7aF4GAG06cLEcar_OdgKI-W7_m_rMt4CYjhwS1E7p-POexWiTuHsFLRmd26ntLzj7JV1Q3KMq2a54GlKWFC7GGmMZvlWRLn2hWVmvLl0ZszNESaSuHp1nIuT6D3kIOh_A3EzFHufWFrRLhQAUzkOCuXkxqDH3622VsYgj8_w&sai=AMfl-YT7qayZBG1aFKhi-IOEi8M4t5QJ-5LMlqPWqAn_DoK3tWIpT4bGVzOcyxD3zIIcRQ-MB6SmJnfTzLxc1wsZgByr3HdMPknhuykGqdA08GIuvnR5XQNFToS_sg60dpfyJQBN0RFBPZAjE8V9ZI2SCo-K0bLU9wUOQvveQyrS-OhLuvcg8H9Q3tlxTcWroAZagZcIT1kAXCbbKQ&sig=Cg0ArKJSzAaqh43mmRDeEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1249&vt=11&dtpt=905&dett=3&cstd=340&cisv=r20230828.23824&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:41:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 29 Aug 2023 12:41:37 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 98EA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssuWxnHHD2Lqk-uRSURXDoqoM9Dg_nFFK6E0P3T4Atzg1JZbFKfkbYdpjRkQGpCB3cgfAqnp_xzST_TImj0k_B4wt5C3jXHANtUjJ01KQtLSiEOuLsoseUMvIXf1ElZtXEKSSQc_bgbeRkekePJqQ024lUQ95u_Uklbr8uTumZ73LWwEAVep35tIn0myezw4E3HEcwhGjEgJzbFF3jDZeHHXxr9o8jIKVGyCpCSZTvmk-4I3Zeg9hfVj2_cnLtDixUEgnhStVphaRX_ZIL8PqsfWo3WspXHq9jfsMk-VijMcjTr7dqt3hSaon1NcNqRlqJuPtzFqg5CXrAnLn4qlPPhArLYg1dy4CgszpCtlGCFdxTIkTko0tzmj3GdST9xEfLDifV51L40h8Kac8B0aSlvS7iCFeApnshWj8q12-79izGTsUs9PYzmc5g834V-wIq_at-XNjWYyneTGs3ID53RRqoR4fc0JDxDJW_1dePJiKJImYAuD8q5jSo6XZjL4xlJ2ts-cqq0ljn5t0ONYO7nZrEiUkdNcBKjDn_mB6baswymgRmMPEpd6YV4TQ87jHCmTVQ152bpjrV8E7JIKw2KvpIMTDoYNSqC-BElyX97TR17g-HmIv59Db6s4pzZ6AikWhv2bE3Q9tazubwAzk4OvKMp72dnt4y-QD-ovnDg5-fmzNk2ecze1LuAYYVxbm4wJ5p8xVQ5wtwusFCjL8vs2fGSePg5wei-8xSsZ-glcFvDCAlZszAERltu2JLeh_B0WpO7Zq2p5ZWybupMQ8Ey60cqsohUn6Ua-4J5WEkKNCI33Dkd6wfITGdwo2NySF3GDeF6fhR0LXC3MDvOaF2mgUVeuNJ_HmeDfu6lnKsvMfyFsxTg0ujTIZNtv1qVIRB7HIrDpd7MWgEuTpBeqzB6PFoO8nKi9a040HeTr12bixwELnUlp2xJeWmrw9hdvvUufvuhOTl_Knny8Mpihq0unNP6jGsUMoWb9aHyVE4KpTpVyK_n2LXiKPc0VlXGiCLYdWa07EYuz-oH5TRLrcs6py4dNoWLjKnJgdMTnvJTwXdxdj6oOB4nh2GdNgWge0rh_RlLDb5DP2kuJpoElVJyduPchq9CODOlnnX0VF0A7Vl1_JRuos4sX1B3QkELyNGCm_i27-1aLl1YKtLoo22Y8SF0tFkh-BRKJPgZUYkdgLowOioSwf7_JQIaZYpvXsy-cNIozRH7bRxyrRVjJIhsJgCaX1FTxVf_yu-fAcfkthwiu29c8pRY70LV1CoEYfO2Zy3hlpcTnTWgM9URrO_XdslX1yLD_vzn1xSx78wRaw&sai=AMfl-YRtnELyEuMiZessKriXcl-7JiwqRzbEaLK81dKT_MzLcK7rWAt1eD5LN21bSqTVL5OTLVWMrrzI8EDajQeBak3Rk5imC_6xoyYRkq7k6sayMGxptlu3f_YDJCwtXxnPB_QSNFYnTvyMfUrDx_xmpYDEOJdri285V0qm7dQOTHbtSQrwVLNlKsRBuLocc4JfAFQ07Wb2hShjQg&sig=Cg0ArKJSzAdf420OZrkgEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1488&vt=11&dtpt=1142&dett=3&cstd=341&cisv=r20230828.36283&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.imgburn.com
URL: https://www.imgburn.com/index.php?act=installation_complete
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:41:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 29 Aug 2023 12:41:37 GMT
like_box.php
www.facebook.com/plugins/ Frame 110B 		40 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2d744f68d585dc%26domain%3Dwww.imgburn.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.imgburn.com%252Ff1ec7a11d7c6af4%26relation%3Dparent.parent&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FImgBurn%2F214193761928924&locale=en_US&sdk=joey&show_faces=false&stream=false&width=180
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=f70a98b14c1e1cc1533daf1676503eae
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-lga3.facebook.com
Software
/
Resource Hash
fa736596192726b8fce8f486614cb1cb1cf3844d3ed6110c3b364f956b20fec9
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.imgburn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 12:41:37 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
ngEm3EpjUS7vl5Cng44pxrnoCh3S5hyO9DpyUrRWtoOVUmIgSh+/iGmREymE1PDNznFgipweFOt7ZsDLtBtD7g==
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230828&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
d057fcfab457517000901310ee20cc2e8f5f73c082b5dd845dcac7c73e970c58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:41:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11685
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.1 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:41:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Aug 2023 12:41:37 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 98EA 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvucPXClrzjS94QR1L1vyGGy8UMd6aioomEjTKYNoSA6YFVbLS5tNkLMCJaeDNxHOqJ14sWQmqEjKL9Tlx9NL2eizrrNTIC6-6_mctaVsELs4-tqCiPNioDWkBncwyk5vOVk6J18GG8vA&sai=AMfl-YRh_vmtOOocHatstY2YYzrytDovS3UO5YQlrc-k8zLFAImShRVMjieFuHHoiwoXUss9sFKT16WLJi21&sig=Cg0ArKJSzO_8-en0aFWuEAE&cid=CAQSGwBpAlJWxs2FjQPEE6LoV_fCBHVrxoXui8hmlxgB&id=lidar2&mcvt=1015&p=0,0,600,160&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&v=20230828&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=386267200&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693312895350&rpt=1222&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:41:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 20AD 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvX5gNsEDY4kK0BtvkoDr6AKOWNydnoeXiMADixIS2dmzRBzzJVsspVgELm6roMXS6QE4nmMLp3fEondhEC6MsBoUNceZisJpifufTR5tv7pA5KhtZJDojOcXch0QM8kayzobQRZIqO4Q&sai=AMfl-YTpUcJ9OfKgfvOgSTot1ZBRmtL8nD9PN9KLGvx-IK_ewiJfeD4Dassy9zdgzbC-RekQg3riey05qCHs&sig=Cg0ArKJSzNssxy2Y00bJEAE&cid=CAQSGwBpAlJWk_xyB0TLxm_IvKNV78IneKOg6Z2-fRgB&id=lidar2&mcvt=1018&p=0,0,90,728&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&v=20230828&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3136083826&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693312895362&rpt=1201&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:41:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9371 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BwQf8f-ftZI6WMtCI_gSHm6uoDgAAAAA4AeAEAg&bg=!k5ClkN_NAAbGwlhq5sI7ADQBe5WfOJmsswal6uipzdDdZOfT8ZNLmeAUawWCJcNAju98_5OlMXHVGzXGw7cvFDeLOSvDAgAAAa1SAAAACmgBBwoAn5IAVYkoCTOUyWFNZTFTIlHQc92qWcoNcAyCB8t3zhIFU-1UES9UeLudMJrYnd4iB_KxFMxWp2Wno7ABci2ComfNUZj73CJ5xP1-H2kcxH3BwmJP7xBYqse0-N714Q-dj1Z0wSFh-0oIPjST41Wx6I1TcnKsf1-IjPpW0H_ufnRok-sDOzX0QqKYQ_lkloHjnCu0m33iWRuSXuX-lY7l0ZkC1zxgnzaKTNGVGJNJidSgZkTDNz8_21cbceiRzURg3NgnCFJqJVRiYx8MdUJM-ishSKwujYeuEFp9Ip5-4TByx5n7tZLY14cnsu8kxMTTVWq9MpnxwMdCdKffz_iKwkarK3Ttzz5UepXaHITdvKT3uiHXXSHrwU48xqFzjASi_S_H4_oPbUDE8yywYBEOiQ2m0g-yw_4dLCJ_TtBlgSIedrMFDk2UvPEbINH3k5xYIdDYiO30l5OK7D5o8yWxzFcI8s3efn2UFAq9gQrJaWEqXnkTd4l-Z9zfqXDWIS747glb6aicWhnLwdml1npvXe1kMEFCGupSrvWCBDLQNJL8RVq9VF851vsEe_dKG4NB4W_cNq6Nygvq7xYy4rRaqBFIoUvp8kzcmlg9xcnpwVX_xENBvtdEfwIO9GA0j9LFg0SDMN2D0NoWgGUDPgQVPtvyru3E08NBke9c7gbYQK3nei1S1WIRVbTeg0YGv0wL65gpd-20X_jLLgtFWxQP-KM4BOESrcAnDRBmDomp_a5z9xJETvhtxogJMWCyJNyGbXpplSVQMahEfQTal5IkUF3wk26xF4k89CZcz-ZQP2Gh4LoE9qkBQiG64uzIY-N91-PfCBv3zpNVbdLc1xsGMgV7Zk9kqrSMKwXxMy3vIxyg6MiWfOX67_a3QnPhyTHnnyQLYfOYFTWfN-v4Z2tAEKxcUlWCq5d_sTxzQFGgLS1F_Ntk1VasUfsKwRx2GPzP-HuWpx0cZyyAq-paf-RpdcKTKV-tmhqlwW2335MNlZEx-pAgop-w-_p82754f7QH464HWKlaqCMhxzN6THfsc3N6KD4uh_T932oX2DZsGJwy4_j0NHbJNuO2cJi33f2JSEe4K_OykIfTFQHFJhoGgcSHnzbcoH4JyTUTNlviSzdwZnrslD08yt0bd1kooH7yUJJbE9p7yNBNjFDjMeND6sR4WtjQvw_ydgQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:41:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
9tgW5jwi87Q.css
static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/ Frame 110B 		28 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/9tgW5jwi87Q.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2d744f68d585dc%26domain%3Dwww.imgburn.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.imgburn.com%252Ff1ec7a11d7c6af4%26relation%3Dparent.parent&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FImgBurn%2F214193761928924&locale=en_US&sdk=joey&show_faces=false&stream=false&width=180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
cd850f3e761a13d038b1a215fa6a08a92485a0aecff181c04e3eb106644685e3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:41:37 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
fWUp7z94jVEjm0xGDAZbOw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6888
x-fb-debug
wjn3UGGNxzmPfU41aoDXoB8bXLX96WhBcL4oo53UI8iiPsTTdHtYZxboliHUk8/g3f+I9v8vBckCoIl/57vLgQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Tue, 27 Aug 2024 16:41:04 GMT
GXzpTowprtv.js
static.xx.fbcdn.net/rsrc.php/v3/y2/r/ Frame 110B 		313 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y2/r/GXzpTowprtv.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2d744f68d585dc%26domain%3Dwww.imgburn.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.imgburn.com%252Ff1ec7a11d7c6af4%26relation%3Dparent.parent&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FImgBurn%2F214193761928924&locale=en_US&sdk=joey&show_faces=false&stream=false&width=180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
8f20e3309d008f1f6c8a5b2f7df5ff4e8d5f6b0544b36e6671107433dfb50ad0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:41:37 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
hzjuPMMWoE7ppQK8Ox0BZA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
85417
x-fb-debug
DysKkMu6D0YrwWAkXEi7uWleH4zrhmzixgpuDz0qC+Wc3pfZQ3tVPds3b7B1Fi7xptASgY9mNqfw+XwMi24/bg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Tue, 27 Aug 2024 23:48:53 GMT
Qto6lZB1h_E.js
static.xx.fbcdn.net/rsrc.php/v3/y2/r/ Frame 110B 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y2/r/Qto6lZB1h_E.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2d744f68d585dc%26domain%3Dwww.imgburn.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.imgburn.com%252Ff1ec7a11d7c6af4%26relation%3Dparent.parent&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FImgBurn%2F214193761928924&locale=en_US&sdk=joey&show_faces=false&stream=false&width=180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
894f2e66ace52b5a7cd7a21e26ccb40b7507bbd8d70fbad0e9f3e51039ad9481
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:41:37 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
fzNYTRpcsZeVNcWDrqrE9Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1689
x-fb-debug
k0JeMYikWpvIQQKfsMbLXHVGZqeYuEbulN593TTflQaVcbsZqPKf5Od3735ioKpVvRlGVRYq2zoBOIM8y0xADg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Wed, 21 Aug 2024 19:23:19 GMT
5yBuzUbeHyL.js
static.xx.fbcdn.net/rsrc.php/v3/yC/r/ Frame 110B 		92 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yC/r/5yBuzUbeHyL.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2d744f68d585dc%26domain%3Dwww.imgburn.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.imgburn.com%252Ff1ec7a11d7c6af4%26relation%3Dparent.parent&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FImgBurn%2F214193761928924&locale=en_US&sdk=joey&show_faces=false&stream=false&width=180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
6ecd5e03b5fe4d1c60b452aed93c26b72467025e44bf052f76c4dfe62e7a0081
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:41:37 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
PnK5ytKU+qdk0xks74a2/A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27801
x-fb-debug
8zL1fYAB39Q6sRgvK4cxZ2YBgwtWMDF1WgBrLR8RLdjHrVx89aLhw/5hg03YcL1/0ICeeU41cFKfwgzLceZ1JQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 23 Aug 2024 17:18:09 GMT
BCWVR3FJW_8.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yR/l/en_US/ Frame 110B 		125 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yR/l/en_US/BCWVR3FJW_8.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2d744f68d585dc%26domain%3Dwww.imgburn.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.imgburn.com%252Ff1ec7a11d7c6af4%26relation%3Dparent.parent&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FImgBurn%2F214193761928924&locale=en_US&sdk=joey&show_faces=false&stream=false&width=180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
0ca96bf6c8b9021ab7c671c3af8018de9922329de804e60c595e38fc55b89392
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:41:37 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
7vMwvq3rJ0NlAWtQiGW+AQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35564
x-fb-debug
rpqVqqt3eXDRdPHlwYh+Aq7G66GL/qbLvicT37J4FQkVDEDb63U7Eulz686mhIVk52AnHAmUdai25l7uZnaFiw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 22 Aug 2024 16:20:20 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 110B 		507 B
488 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2d744f68d585dc%26domain%3Dwww.imgburn.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.imgburn.com%252Ff1ec7a11d7c6af4%26relation%3Dparent.parent&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FImgBurn%2F214193761928924&locale=en_US&sdk=joey&show_faces=false&stream=false&width=180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:41:37 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L5E9gSgR735vyjAzTFly4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
293
x-fb-debug
MAukK3XXUwwftowqyjQvQfLeBhS/i+5Ohj5PlObGTI/+EHEnjHhLyjgQIBW2yN5fUZh2VtTPg3LHcPSQ4aGVNQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 22 Aug 2024 09:55:50 GMT
310482906_543733297757388_6749675742488125205_n.jpg
scontent-yyz1-1.xx.fbcdn.net/v/t39.30808-1/ Frame 110B 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-yyz1-1.xx.fbcdn.net/v/t39.30808-1/310482906_543733297757388_6749675742488125205_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=101&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=-h3czxb0dDgAX8qWzlG&_nc_ht=scontent-yyz1-1.xx&edm=ANSO7JkEAAAA&oh=00_AfDB7G0xDxrhHiPYD9j_39n-7dDOfnq2x94tq2_lnO8wJQ&oe=64F3C41A
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2d744f68d585dc%26domain%3Dwww.imgburn.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.imgburn.com%252Ff1ec7a11d7c6af4%26relation%3Dparent.parent&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FImgBurn%2F214193761928924&locale=en_US&sdk=joey&show_faces=false&stream=false&width=180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.80.12 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-yyz1.fbcdn.net
Software
/
Resource Hash
926b2cc01369c929fcef9a34afc4b2e7f6ad072bfab9f673bf1a2b1a84e22d74

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:41:37 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Mon, 17 Oct 2022 15:11:40 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=3009462464
thrift_fmhk
GBAzK5FfgsT7o176zfzPNwPjFfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
4062933888
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1412
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C83A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.1 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.imgburn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
16088
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 08:13:29 GMT
expires
Wed, 28 Aug 2024 08:13:29 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 84AF 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.100 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f4.1e100.net
Software
GSE /
Resource Hash
8d355df40b1518c9d4e6f3124771fbbadd31419cc010737e8bddde36f80d1aff
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-X_W4ji9HTZDZH8DhtcaOXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.imgburn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
538
content-security-policy
script-src 'report-sample' 'nonce-X_W4ji9HTZDZH8DhtcaOXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 12:41:37 GMT
expires
Tue, 29 Aug 2023 12:41:37 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9447 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXtNWf-ftZIWPNoWUoPwP8d278AcAAAAAOAHgBAI&bg=!S0ilSAfNAAYkVgHwBFY7ADQBe5WfOAVdgBUtiAMouX2pPsRBm6_WmN66En0th-8AFRQ9ERBqdiIbITGAfRKeGbQGdx0VAgAAAatSAAAAIGgBB5kC76da-IJgNXiFZHyzDeZqpoAkFfWXnq3LF-v6kHNLxj3vTljH7vzl1ZHhXX8Sjutsw38qLGFI97Iqxd-09lHDcyWcwt-wESbbw9uNCU7P78EA_cE9Aeo1x-x6hz_GtPFRFWhwk-bWxr3lfEUTQgKVnUCem9p-1sUz08I9LbxWIhYqqI4fcGdbsMnknWLX-cfr8e3RKXWSacsi_sO8CDrMb3rKOKJ3yBKx3-Y85mfD4zO2d1PS9f9C_ZE8XllJnvvX61rebaym2dVPzhbSGuLowIuDzyUXkP41AnBuT5zynl4UnzBbIfpMo_TJ6ju-OxDr7m4Q8OS-G5CH2SfEoJ5-LJLVjvkNWk4X2x4pb3r9l2LXwbLhKuAh7eSNHWOSCZSoEZWbHgXnetA03vZaplNZ9irqVJexvqjQwfP0t_x_DM_PR7edwMJ7rNgPQwmXpBZjF7IJ9KxvJjg1CTohyzQpTohqrsiLoL1NhvY8Xfc6j0SM626dbxuGCuh3doADfEcOz0KBTCKP1oDWeAjq7K8gPUN2quvORMRcI-4cxKfs_Yah9UsvFyrkcW5pNOKBDK7Hy4XGrKEM4Fybn4srRzySu-8gj_zUjIpqPAyvxQmvu6URjw5A_4cGYB-Kmd44MzFQ6fW21k4zG31RmC2m0TM_87D9OA-hZrnbJ6L4PGCp4bIe-Y-2VW29zN9ePIgdVyy7w22TfXcGD35F6A0XcDaYlC5pl0UD3LrZWm3dfpEUNqpqjgOAnTpWragMlOuWZeX3Nmg86Pumpqk98DfJfmfblk6WNPNoj7iNHOW2kUj6iZmYHyUu1j6kbEXw-KUBMzJWEZd0KNFC28OkJ6nryNRDfrWlG6xok2yefj1JY-liQOpVNJDaPBeCRMzCYOuaUUriM0j2a6Q0xRhI76XIQcnfHo39KjUIZCCo84tyWt-qyt6kkqSrSWJbhZ0xAxs1OpjfqHWUvB7ZIH7cqto90yXAzicmSuxRt5MkTPCT4Tb4lRg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:41:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js
pagead2.googlesyndication.com/bg/ Frame C83A 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
sffe /
Resource Hash
17c4a472fcd08fb337fb6a574f60891ce91af06251dbf5d0137d2414316c11b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 14:15:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
512761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14626
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Aug 2024 14:15:36 GMT
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 110B 		573 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/9tgW5jwi87Q.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/9tgW5jwi87Q.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:41:37 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
573
x-fb-debug
kiNF1mQ7JGFHPqflG5adtKX9zLB1dj7SEVm8dRYKn8WVXD42tLN3Nc5aS8NLeoyu8bONZtCnLFc0ohEjKgijDA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=1,i
expires
Fri, 23 Aug 2024 02:08:10 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 84AF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230828&jk=4388446577445182&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame C83A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Xhe-1A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.1 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:41:38 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 20AD 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6282414244521&version=m202307240101&ct=76&x=1&cor=832633140656312800
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:41:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 98EA 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3174529809480&version=m202307240101&ct=76&x=1&cor=5166746245246191000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Aug 2023 12:41:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230828&jk=4388446577445182&bg=!KSqlKmXNAAYkVgHwBFY7ADQBe5WfON1uGc-n2ojXJl4NWpuaRhVNdOCxbmG_8spq4gJUp6r4gsf1dJAYW2YQcdQEw4hRAgAAAPBSAAAACmgBBwoAhCBHkqySO-dvj1Jcl2REDtoIDLf6CaDborgeyhQtODuL02lbOLeuM-FApjLxGfJ5ki02GsSBaCmc_YYdNiGtqBwQG8JyS7UaOClkfbzd2BNYvfXda_UuaQdUEjDjmDaG4Gq8O-P8vAfZBdvfjvL87ncYjRSmfwGRrLU9AgdsR61EKavMupkCrTOYBSO3RbczoyZSwKqoOLzBZuwOQSpdLStXv-MqRHXz0BQPtLcXmQWiS-SXBWcmSjZC3jBkMyiVn-PCQT32DBUsdkQJ81L2vNUb8NyyGGAYhRpHkLuoyeLNotwKtkzn9iDQcLFLT3m3nVZTZW7h__LitOyItYCR7QGJSGpeB4UPc3cnzFK-RNWkpkk_jRJ1oSWxeEJmo5ziAc6gC41Y0K1Ed7oQ_vSigAp1N3DGpkZzi9zyTziE8ZRNYxOO6FdrM9GpkAAhGe5_SupnhYmw9AWBOTqfQ2O1FKzwWcd051LsZGSFPFsfxjBujM0-6HsAMEMbVdjembNirtxo-Ww77UHoHRTzqaAHjhyudWyYnUx0lBGDjxJANPyWKVeJiW7FWq8mJ8x7reabgjLCr2sIkI8RM3dANOiZ604DoyPh285KRIJG4DKcGu6-lDhGmlFVdtsJ-8XSxA77xBQHVwJ-BYF9ABc13-1rWRBf2qwl79t0dwLHjnsoER79lSFXG-D8PanVWDDvl1K2qGfdg-45eBdFwh7ZMXBRnB2CGhl47a6fbb-5UOw7Kuk4uOEAANx3MZdbJ14wqOLA4DbT1pPWHLewSHJptcTDdN2I6qzkdp3ICSmelfJlB0Sp07GUfJqRVf4dKUlWEcGPdqOWV5S3J6v_u4359y5fM1_8V4nbVETY9V9dedn8nda6R4GKCk2AzjW5aNFgvKCekOH04OcygeTAA1EGU4HrYXpmYtpp3TyMe6-YV_Fh4uSbLaIcokox6YEh8H-QVLRhmXUC5vSbQGijnofuS8wTDkoQZ2eA0DJEeLYWgANCI5BFh7ysYGCX3Mjte0hDX6oouaMrpEXEafTeD-pbzQZtefCdKlDMS5u_2MjzuJStesdXdHY-Z00Ua-PIlH1jVJkhzB0IGi8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.imgburn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers
bsevent.gif
rtbc-ue1.doubleverify.com/ Frame 98EA 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-ue1.doubleverify.com/bsevent.gif?impid=7b30e5b94cf94e5ba6c9b65c936ba554&flavor=1&gdpr=&gdpr_consent=&tgdur=219&vfdur=245&vfsz=573&tuveims=81&tuveems=338&eoid=1&ttfurm=3313&mpt=1693312899634575
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbm.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Tue, 29 Aug 2023 12:41:39 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
08/28/2023 12:41:39
bsevent.gif
rtbc-ue1.doubleverify.com/ Frame 20AD 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-ue1.doubleverify.com/bsevent.gif?impid=aa410cbc9edf42ee88231f2786985985&flavor=1&gdpr=&gdpr_consent=&tgdur=53&vfdur=122&vfsz=571&tuveims=36&tuveems=397&eoid=1&ttfurm=3381&mpt=1693312899861479
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbm.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Tue, 29 Aug 2023 12:41:39 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
08/28/2023 12:41:39
event.png
tpsc-ue1.doubleverify.com/ Frame 98EA 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ue1.doubleverify.com/event.png?impid=2eb64aaa327f4f98ac02833efa5c64c1&flavor=1&gdpr=&gdpr_consent=&ee_dp_seltagmals=1&prndr=0&dvp_rfrcl=2&dvp_gdpr_Error=3&dvp_gdv2_Error=3&ee_dp_asmm=1&vdur=168&eoid=18&te_exec=0&msrjs=4555&sdf=67108868&vit=2&isvelg=1&dvp_ime=0&dvp_dcime=0&dvp_dcife=0&dvp_dcde=1&dvp_dcoe=2&dvp_mpdce=script&rmi=8&tltms=219&tetms=25&msltms=0&vltms=168&sei=146&vetms=395&tuviims=340&tuviems=903&engms=1&engisel=1&ee_dp_noalsu=1&dvp_dtcov=4&msrcanlm=384&msrcannum=2&ee_dp_tmads=2978&ismms=339&isumms=338&nvr=6&isgmmims=339&isgmv4mims=339&elmtp=1&isbxdms=2939&b0=322&b11=2478&adhgt=600&adwdth=160&norwdth=160&norhgt=600&vsos=5&dvp_vsosnmr=16&lftb=2800&sftb=2800&msrdp=4&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=600&cwdth=160&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1593&isuiabvms=1593&isgmpims=824&isgmv4dpims=1593&ispmxpms=1593&engalms=336&dvp_dpr=1&vstsz=754&ee_dp_cvcmeeid=1&metp=2&meeid=1&mpt=1693312900194319
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbm.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Tue, 29 Aug 2023 12:41:40 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
08/28/2023 12:41:40
event.png
tpsc-ue1.doubleverify.com/ Frame 20AD 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ue1.doubleverify.com/event.png?impid=2f932f7d295e47c6bddb4dca21b78afb&flavor=1&gdpr=&gdpr_consent=&ee_dp_adlst=2&dvp_gdpr_Error=3&dvp_gdv2_Error=3&ee_dp_asmm=1&vdur=86&eoid=19&te_exec=0&msrjs=4555&sdf=67108868&vit=2&isvelg=1&dvp_ime=0&dvp_dcime=0&dvp_dcife=0&dvp_dcde=1&dvp_dcoe=2&dvp_mpdce=script&rmi=8&tltms=53&tetms=17&msltms=0&vltms=86&sei=146&vetms=363&tuviims=398&tuviems=848&engms=1&engisel=1&dvp_dtcov=4&prndr=0&dvp_rfrcl=4&msrcanlm=1049480&msrcannum=4&ee_dp_tmads=2931&ismms=640&isumms=639&nvr=6&isgmmims=640&isgmv4mims=640&elmtp=3&isbxdms=2840&b0=100&b11=2339&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=3&dvp_vsosnmr=16&lftb=2439&sftb=2439&msrdp=0&naral=1048576&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1542&isuiabvms=1542&isgmpims=826&isgmv4dpims=1542&ispmxpms=1542&engalms=639&engscrlms=666&dvp_pageEng=true&dvp_dpr=1&vstsz=755&ee_dp_cvcmeeid=1&metp=1&meeid=1&mpt=1693312900309524
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbm.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Tue, 29 Aug 2023 12:41:40 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
08/28/2023 12:41:40

Verdicts & Comments Add Verdict or Comment

191 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| documentPictureInPicture function| $ function| jQuery function| createCookie function| readCookie object| _gaq object| google_ad_client object| google_ad_slot object| google_ad_width object| google_ad_height object| google_js_reporting_queue number| google_srt object| google_ad_block object| google_ad_channel object| google_ad_format object| google_ad_host object| google_ad_host_channel object| google_ad_host_tier_id object| google_ad_layout object| google_ad_layout_key object| google_ad_output object| google_ad_region object| google_ad_section object| google_ad_type object| google_ad_unit_key object| google_ad_dom_fingerprint object| google_ad_semantic_area object| google_placement_id object| google_daaos_ts object| google_erank object| google_adtest object| google_allow_expandable_ads object| google_alternate_ad_url object| google_alternate_color object| google_apsail object| google_captcha_token object| google_city object| google_color_bg object| google_color_border object| google_color_line object| google_color_link object| google_color_text object| google_color_url object| google_container_id object| google_content_recommendation_ad_positions object| google_content_recommendation_columns_num object| google_content_recommendation_rows_num object| google_content_recommendation_ui_type object| google_content_recommendation_use_square_imgs object| google_contents object| google_country object| google_cpm object| google_ctr_threshold object| google_cust_age object| google_cust_ch object| google_cust_criteria object| google_cust_gender object| google_cust_id object| google_cust_interests object| google_cust_job object| google_cust_l object| google_cust_lh object| google_cust_u_url object| google_disable_video_autoplay object| google_enable_content_recommendations object| google_enable_ose object| google_encoding object| google_font_face object| google_font_size object| google_frame_id object| google_full_width_responsive_allowed object| efwr object| google_full_width_responsive object| gfwroh object| gfwrow object| gfwroml object| gfwromr object| gfwroz object| gfwrnh object| gfwrnwer object| gfwrnher object| google_gl object| google_hints object| google_image_size object| google_kw object| google_kw_type object| google_language object| google_loeid object| google_max_num_ads object| google_max_radlink_len object| google_max_responsive_height object| google_ml_rank object| google_mtl object| google_native_ad_template object| google_native_settings_key object| google_num_radlinks object| google_num_radlinks_per_unit object| google_override_format object| google_page_url object| google_pgb_reactive object| google_pucrd object| google_referrer_url object| google_region object| google_resizing_allowed object| google_resizing_height object| google_resizing_width object| rpe object| google_responsive_formats object| google_responsive_auto_format object| armr object| google_rl_dest_url object| google_rl_filtering object| google_rl_mode object| google_rt object| google_safe object| google_safe_for_responsive_override object| google_video_play_muted object| google_source_type object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_tag_origin object| google_tag_partner object| google_targeting object| google_tfs object| google_video_doc_id object| google_video_product_type object| google_webgl_support object| google_package object| google_debug_params object| dash object| google_restrict_data_processing object| google_ad_public_floor object| google_ad_private_floor object| google_traffic_source object| easpi object| asptt object| asro object| srtr object| sepiia object| asiscm object| seiel object| asla object| asaa object| sedf object| sefa object| srldp object| sugawps object| google_shadow_mode object| adsbygoogle object| FB object| _gat object| gaGlobal object| __twttrll object| twttr object| __twttr object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| __buffer string| google_user_agent_client_hint function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_image_requests object| googletag object| GoogleGcLKhOms

15 Cookies

Domain/Path Name / Value
.imgburn.com/ Name: __utma
Value: 28837924.325450137.1693312895.1693312895.1693312895.1
.imgburn.com/ Name: __utmc
Value: 28837924
.imgburn.com/ Name: __utmz
Value: 28837924.1693312895.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.imgburn.com/ Name: __utmt
Value: 1
.imgburn.com/ Name: __utmb
Value: 28837924.1.10.1693312895
.imgburn.com/ Name: __gads
Value: ID=1ed891bc1d7c2efa-222e080db8e3004b:T=1693312895:RT=1693312895:S=ALNI_MY4B9T_TPHCMVc9Z5YDYNWe7VMJUg
.imgburn.com/ Name: __gpi
Value: UID=00000d8e8c65cc54:T=1693312895:RT=1693312895:S=ALNI_MaJtEkn3ngqRHiUn-BJhMEWrLaWLA
.doubleclick.net/ Name: IDE
Value: AHWqTUn8V6GXl3oAsWGxfLicxfW5nSuWYLkuxhswXQN6VFrCEFKdogqu30QbW2Li
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Illrjd(k!]tbPl1M>e)ZlrFUfJ+tGXxo<?N(6nI/)Bj:EB[=^dkZcFmnvjb#sBjlV$9@3If)y3KL9D3I?-%UpzMx
.adnxs.com/ Name: uuid2
Value: 6424392723393615546
.casalemedia.com/ Name: CMID
Value: ZO3nf9eVSz55en8YDuFYKAAA
.casalemedia.com/ Name: CMPS
Value: 3606
.casalemedia.com/ Name: CMPRO
Value: 3606
.doubleclick.net/ Name: APC
Value: AfxxVi7GOxXokR6RgVGPE6I95mTWbePOxgwucMwJRUfNG5aRWm7A8g
.samplicio.us/ Name: _ftv
Value: e6d37073-c4d3-444f-9c43-2676ec118e21

2 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.doubleverify.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
rtb0.doubleverify.com
rtbc-ue1.doubleverify.com
s0.2mdn.net
scontent-yyz1-1.xx.fbcdn.net
ssl.google-analytics.com
static.xx.fbcdn.net
syndication.twitter.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ue1.doubleverify.com
tracker.samplicio.us
vid1051.d41.co
www.facebook.com
www.google.com
www.googletagservices.com
www.imgburn.com
104.17.24.14
104.244.42.200
142.250.72.100
142.250.80.2
142.250.80.66
142.251.32.102
142.251.40.131
142.251.40.170
142.251.40.226
142.251.40.232
142.251.40.98
142.251.41.1
144.217.253.21
192.40.39.223
23.215.130.168
31.13.71.36
31.13.71.7
31.13.80.12
34.117.228.201
34.233.238.237
52.20.97.221
68.67.160.186
69.16.175.10
72.21.91.66
009bf00d3831fb62595adb20e170ed288d8a157493fb6028b1888b05875ed8f3
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
0941f710568921801462e05fe1361e9a5997b8b6b7b05cfdd237418df34dc7cb
0b143c641aaf926fbb1defb2265069a0da0e3e560977e437fce8ed0a998b1287
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ca88fc8ca11586bc5c6955177f88d2c2064428a04294d9604b6072fd098b1b1
0ca96bf6c8b9021ab7c671c3af8018de9922329de804e60c595e38fc55b89392
118546603f93a68c8c3135809dbbfc5f8c87ca3339c86d89b1af25d0755016ba
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
17c4a472fcd08fb337fb6a574f60891ce91af06251dbf5d0137d2414316c11b1
2183232ebccb9bfc99400afbc36867dc7f30dfe56769ed4fa77e658c0a2c1f5c
2390bdb541162fb1ae14cddfd0de092daa69813ea20a99798c72f6e4fb5dfa00
28821730b1acfbab78d3bc54ce6acc4585c3f2bff2034c5924a16cdd6bcb5352
29747b75b432998f6f2fd524947e83f8faea37785470a1c26b440c8e8caf0773
29d7ecbb3238f9f7e179ed3d04f0b6ba77d689150b166e2564e366dbd8456cf2
2a19f79bd2859fb1dffdd7c8643dc5e58fc7a9b7fb493d68359f400c420467b3
2e6c6fbaa22611f8c7ca79db04c84f1d42123e7100cd796f669341abd1ba0c0c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33e1de165482304fe4e4f87b957b4c73d2be6d0d5d944955b0c94d37446ee2e3
36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
46536fdf0a92c9cf204628be890a76f6a7d14cf083c67a517a8141435d23e74f
4722e924735b58f39ac0a3c55729b4296af857871b1b8b9bfd41b76c2c9116d4
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
4b9e9b63816c81258931956a81cd4a03439017fd0c8f4f29f64167f6c65a047c
4d77fe9faa6a941fa9a2d3eb01fcb8cdeeabf2098e970258fc968ccfd887ef06
4f83aef97672ac5b317d7eec2ac422043b2b19989647d2ca957194d1899ac599
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
567c8a013b53241e918ca1c0d71b292e64bd67024067f8d638996d9ba6642c7a
5ac23acf3d3102f61032ea63557943b9f8fc68e44d6db741d5951b817ba8b1a5
5bc1c3f12817995ae13efa46ab18a273304d703a7058f28e8912b8c0373486dd
5d72c5a8bef80fca6f99f476e15ec95ce2d5e5f65c6dab9ee8e56348be0d39fc
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62ff4cbaca7ae19c7d8674c0792ca4da8ce8d3b052ccbbedeec628d03420fc9d
653e69a70b22ef827db51cb7d3a556344ada7bcef637221642834be41dd5b9c6
657c8f5e61da3195fa9997eafb2d1a664585ac17cc344b45be498ed37fb96b25
6669319df8337d661291bd53d55194e641451ea7844d724b74223fafa49d55dd
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ecd5e03b5fe4d1c60b452aed93c26b72467025e44bf052f76c4dfe62e7a0081
709f99ffaad4389d0c20264789a77cf39e9b97cc835b5d100150a75693121c8b
7474fdf726e2a5b3781427c31d0227c10015a41fbb2848c3b4f4ae7ce357bb44
75bd9bf0f8d27cff7b8005c1a1808d75923ab1ee606f7220b4b35616e3e5a8ad
7bd887208f90811f69029f99399a0740203702cc1cad617faf33f8b8dd62c475
7c78e3a4a72e293e9b6641df965b63ba6ce953de9afb40dd03a3586637430814
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7f046207bd9fad0240def375b892fb6d19b01001cd7af11cd295ab412f9d4b94
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843e1cb488da2ab89dfaea18ebc447ba54e29c4106506980006f9590d49eb517
87ba9934605c0a9d899190e95bbf1ad03f765060c24fbbbae07ab5f6d2660117
894f2e66ace52b5a7cd7a21e26ccb40b7507bbd8d70fbad0e9f3e51039ad9481
8d355df40b1518c9d4e6f3124771fbbadd31419cc010737e8bddde36f80d1aff
8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94
8f20e3309d008f1f6c8a5b2f7df5ff4e8d5f6b0544b36e6671107433dfb50ad0
9217b4f3f43e3a4686bcde329f2bbc4ecdb7efbc4aa2af3e544ce98bbf38bacf
926b2cc01369c929fcef9a34afc4b2e7f6ad072bfab9f673bf1a2b1a84e22d74
93833aecdaacd6554d2779e5cd994d927a13ace6c07d38cdca646f530bc15c16
96d9bcc207eb270d935826c6c0b0d1fbfc8710e24bc25e28da24ed689c6c3279
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
9853c108e9edbaf92a99a84d6a2f5c14ef2d3d42a261e10ed11f6447728fabfb
9854c17b5120c23f852dc1d4bce066a527d5a5a0a52ed80988ca0ae84010ba2c
9a29541742b6f31c8e59034e10cc3e4989f1a65dd567941a6a80fcb974575817
9af009076a6504a56dd242ac1335998bdf83174a4d478fc8dfc2093802840c38
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a36431dfacb1e503cd34d9e7b3cdadb4229f0de67ce09e6da21000205349cde7
a914ef021ed94a976b5bf73dbcee8cbc8799ae0773e187d3aa53a986e14cbac1
a95cc0201c6489b1864618962521ffbd1840bad283d8b9287c3afce9243c7579
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b27549963419c16d7f9d1d211cd40e7891b414350f282e63f66a13c5386dfc08
b3042834511405e3128d5362a72042bc74036638136cc63bf32f76b15c2bf032
b39d4a7d3007bd5a6cda643eb738bc9d71b94fa04bc6a9606835eb357da1e714
b80c64c1ac8f55500b76cb6b15a2df506ce9e6d10295c25d322d77fd3a28d64a
ba23e4f4f677ce22e5bf3a617d92fef7b9da8a5b3c675e226cd3cfdd364f38d9
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
cd850f3e761a13d038b1a215fa6a08a92485a0aecff181c04e3eb106644685e3
ceeff8a1f84324442615b8f13f4a115a2771b770edf414617ed2f5a1679949df
cf4a74833bd4342242b2070117adef83478d99089f8c862d91607ed5f128bd4f
d057fcfab457517000901310ee20cc2e8f5f73c082b5dd845dcac7c73e970c58
d175185dc8199dc8531d2c25a84073ad93a7c605a921b0168ed6106a193d21ee
d3cfdadf2ed8415690eb8cfae9789390ef5699bdf7ee5a4595f59dda44702fab
dd2210e5557969b599853e3608fc2229c117c5924e34a6ec6eae05ba4682356b
dd9a6b5d5c367036f66988e53c798cb33de2b452c6e984bd9bbe6d0951bd47ec
dfc21cad10d3faf831f6064eb186dff6642cc933bd8619519111f62de6fa448d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e
e9b26284942613ea0c4b783cc4e910ab3dedd2d1971329a473f180f8f7c43f4a
ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f092b9753e893c2cec10b5c9361dcbb6d54bac1e91c755b6efec6608527c0674
f116cc07babc112c8dadc2cdc058517b23d64b802c71924e52f978b822d53b6b
f3e54e225d04ed7f6bf7b4bdf70dd4ae30d15e57e194e1e95bbec5dfe0465567
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6108b1c241558428ee19e001bb88b10c3da1172243be1f5e800690667815948
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f72744931dddf1d1ae7162cf5bc74fbf63e9cd9e1261058f4141bfafc9f533b8
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f782cf7685d3655d3f10d995d59be6bfab30f56930c28945a4a3993f0e087126
f99538cc65a64e27f3ed95e82eea47e0ecd4064867f7d6dbe22e531fed7c1388
fa736596192726b8fce8f486614cb1cb1cf3844d3ed6110c3b364f956b20fec9
fa78bb1af9d2fde73729c485f77bb0f30fd71ef6adb2ed1a2dc1dd5cdd14c03e
ffb8b69cad0d748f2fd5bf7cd2e84fbb56604f8dc1297045804343ba83a25ba1