controlc.com Open in urlscan Pro
2606:4700:3033::681b:bf2d Public Scan

URL:
https://controlc.com/3aa48eeb
Submission: On June 20 via manual (June 20th 2020, 11:51:49 am UTC) from IN

Summary HTTP 133 Redirects Behaviour Indicators

Summary

This website contacted 32 IPs in 7 countries across 27 domains to perform 133 HTTP transactions. The main IP is 2606:4700:3033::681b:bf2d, located in United States and belongs to CLOUDFLARENET, US. The main domain is controlc.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on September 14th 2019. Valid for: a year.

This is the only time controlc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	2606:4700:303... 2606:4700:3033::681b:bf2d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE)
1	23.111.10.144 23.111.10.144	33438 (HIGHWINDS2) (HIGHWINDS2)
1	23.111.10.140 23.111.10.140	33438 (HIGHWINDS2) (HIGHWINDS2)
24	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
2	151.101.38.214 151.101.38.214	54113 (FASTLY) (FASTLY)
1 2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
2	178.128.255.150 178.128.255.150	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:825::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
4	13.226.154.49 13.226.154.49	16509 (AMAZON-02) (AMAZON-02)
1	40.84.148.247 40.84.148.247	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	151.101.38.167 151.101.38.167	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:815::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE)
1	52.218.106.75 52.218.106.75	16509 (AMAZON-02) (AMAZON-02)
1	13.226.156.197 13.226.156.197	16509 (AMAZON-02) (AMAZON-02)
1	213.19.147.210 213.19.147.210	26120 (RHYTHMONE) (RHYTHMONE)
5	34.236.77.125 34.236.77.125	14618 (AMAZON-AES) (AMAZON-AES)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	34.199.118.187 34.199.118.187	14618 (AMAZON-AES) (AMAZON-AES)
1 2	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	23.210.249.164 23.210.249.164	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	69.173.144.140 69.173.144.140	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1450:400... 2a00:1450:4001:816::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81a::2003	15169 (GOOGLE) (GOOGLE)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 1	172.217.22.2 172.217.22.2	15169 (GOOGLE) (GOOGLE)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
133	32

19 2606:4700:3033::681b:bf2d (United States)

ASN13335 (CLOUDFLARENET, US)

controlc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.10.144 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

cdn.fancybar.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.10.140 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

cdn.carbonads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

8c062288171dd80b1a005971a8810a7d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1322b94ca57444a0d77ee7ecaa0320b0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.38.214 (Amsterdam, Netherlands)

ASN54113 (FASTLY, US)

api.twitch.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.128.255.150 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-eu-nl-11.buysellads.com

srv.carbonads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.226.154.49 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-154-49.dus51.r.cloudfront.net

yadloop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.84.148.247 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ads3.mthsense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.38.167 (Amsterdam, Netherlands) 1 redirects

ASN54113 (FASTLY, US)

player.twitch.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

77311389a48ed0bda86fa6e2a630d48f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8916f453816ed2292446848702e1010d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.106.75 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.156.197 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-197.dus51.r.cloudfront.net

d2tbmvllb55wxq.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.210 (United Kingdom)

ASN26120 (RHYTHMONE, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.236.77.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-77-125.compute-1.amazonaws.com

exchange.bidphysics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

os4m-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.118.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-118-187.compute-1.amazonaws.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.38 (Ascension Island) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.249.164 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 72.251.249.9 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.2 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s14-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	googlesyndication.com 8c062288171dd80b1a005971a8810a7d.safeframe.googlesyndication.com tpc.googlesyndication.com 77311389a48ed0bda86fa6e2a630d48f.safeframe.googlesyndication.com 8916f453816ed2292446848702e1010d.safeframe.googlesyndication.com pagead2.googlesyndication.com 1322b94ca57444a0d77ee7ecaa0320b0.safeframe.googlesyndication.com	152 KB
27	doubleclick.net 2 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	411 KB
19	controlc.com controlc.com	189 KB
8	googletagservices.com www.googletagservices.com	197 KB
7	ampproject.org cdn.ampproject.org	192 KB
5	bidphysics.com exchange.bidphysics.com	2 KB
5	google.com 2 redirects www.google.com adservice.google.com	782 B
5	google.de adservice.google.de www.google.de	785 B
4	openx.net 2 redirects os4m-d.openx.net eu-u.openx.net us-u.openx.net rtb.openx.net	1 KB
4	yadloop.com yadloop.com	36 KB
4	twitch.tv 1 redirects api.twitch.tv player.twitch.tv	2 KB
3	lijit.com 2 redirects ap.lijit.com	2 KB
2	gstatic.com fonts.gstatic.com	29 KB
2	casalemedia.com 1 redirects as-sec.casalemedia.com ssum-sec.casalemedia.com	2 KB
2	adnxs.com 1 redirects ib.adnxs.com	2 KB
2	carbonads.net srv.carbonads.net	1 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
1	sonobi.com sync.go.sonobi.com	509 B
1	googleapis.com fonts.googleapis.com	724 B
1	rubiconproject.com fastlane.rubiconproject.com	1 KB
1	33across.com ssc.33across.com	627 B
1	1rx.io tag.1rx.io	267 B
1	cloudfront.net d2tbmvllb55wxq.cloudfront.net	224 KB
1	amazonaws.com s3-eu-west-1.amazonaws.com	53 KB
1	mthsense.com ads3.mthsense.com	3 KB
1	carbonads.com cdn.carbonads.com	6 KB
1	fancybar.net cdn.fancybar.net	8 KB
133	27

	Domain	Requested by
24	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net controlc.com yadloop.com
19	controlc.com	controlc.com securepubads.g.doubleclick.net
16	tpc.googlesyndication.com	securepubads.g.doubleclick.net controlc.com tpc.googlesyndication.com cdn.ampproject.org
14	pagead2.googlesyndication.com	securepubads.g.doubleclick.net controlc.com
8	www.googletagservices.com	controlc.com securepubads.g.doubleclick.net
7	cdn.ampproject.org	securepubads.g.doubleclick.net
5	exchange.bidphysics.com	d2tbmvllb55wxq.cloudfront.net
4	yadloop.com	controlc.com
4	adservice.google.de	www.googletagservices.com securepubads.g.doubleclick.net
3	ap.lijit.com	2 redirects d2tbmvllb55wxq.cloudfront.net
3	adservice.google.com	securepubads.g.doubleclick.net www.googletagservices.com
2	fonts.gstatic.com	cdn.ampproject.org
2	ib.adnxs.com	1 redirects d2tbmvllb55wxq.cloudfront.net
2	player.twitch.tv	1 redirects controlc.com
2	www.google.com	2 redirects
2	srv.carbonads.net	cdn.carbonads.com
2	www.google-analytics.com	1 redirects controlc.com
2	api.twitch.tv	controlc.com
1	ssum-sec.casalemedia.com	1 redirects
1	rtb.openx.net	1 redirects
1	sync.go.sonobi.com
1	us-u.openx.net
1	cm.g.doubleclick.net	1 redirects
1	eu-u.openx.net	1 redirects
1	googleads.g.doubleclick.net	controlc.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	1322b94ca57444a0d77ee7ecaa0320b0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	fastlane.rubiconproject.com	d2tbmvllb55wxq.cloudfront.net
1	as-sec.casalemedia.com	d2tbmvllb55wxq.cloudfront.net
1	ssc.33across.com	d2tbmvllb55wxq.cloudfront.net
1	os4m-d.openx.net	d2tbmvllb55wxq.cloudfront.net
1	tag.1rx.io	d2tbmvllb55wxq.cloudfront.net
1	d2tbmvllb55wxq.cloudfront.net	ads3.mthsense.com
1	s3-eu-west-1.amazonaws.com	securepubads.g.doubleclick.net
1	8916f453816ed2292446848702e1010d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	77311389a48ed0bda86fa6e2a630d48f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ads3.mthsense.com	securepubads.g.doubleclick.net
1	www.google.de	controlc.com
1	stats.g.doubleclick.net	1 redirects
1	8c062288171dd80b1a005971a8810a7d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cdn.carbonads.com	controlc.com
1	cdn.fancybar.net	controlc.com
133	42

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-09-14` - `2020-09-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.fancybar.net COMODO RSA Domain Validation Secure Server CA	`2018-09-10` - `2020-09-09`	2 years	crt.sh
*.carbonads.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-03` - `2022-04-08`	2 years	crt.sh
*.google.de GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
twitch.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-17` - `2021-04-18`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.carbonads.net Sectigo RSA Domain Validation Secure Server CA	`2019-09-19` - `2021-10-12`	2 years	crt.sh
www.google.de GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
yadloop.com Amazon	`2019-10-22` - `2020-11-22`	a year	crt.sh
ads3.mthsense.com Go Daddy Secure Certificate Authority - G2	`2019-09-03` - `2020-11-01`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.s3-eu-west-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2020-12-10`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2019-06-28` - `2021-06-27`	2 years	crt.sh
*.bidphysics.com Amazon	`2020-03-05` - `2021-04-05`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-01` - `2021-09-30`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2019-02-01` - `2021-02-04`	2 years	crt.sh

This page contains 16 frames:

Primary Page: https://controlc.com/3aa48eeb
Frame ID: 3132C87F181FC542C3CFD9B330E698AE
Requests: 35 HTTP requests in this frame

Frame: https://controlc.com/3aa48eeb/fullscreen.php?hash=6f5405ee52d5da80490b081f60fffcd1&linenum=false
Frame ID: 4CCFD5798703418BA7D38C544A9DD604
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstCHi2ehJAriQuTkIA1AIOGh1cJTcOBWdBvT6NOYwW9RJ2XCkI1GQtwmJUC-TKd1YQBRkUK7AoGFkm88QihnSbXNM1lV-eXYrG1EedeoWCSPCU0-Bf4jkftmRCcH7Em_NYlvP3z_mqBjZXpp0eetGoa8MFR5sLjTWXejZpDoFTZY0zUGlWv0xH3QWrkc6ae5v8Thc-5pZ5JLsL9Vg3c0iSIj-w0RPTYlyd8zfwTn8S_8yJb363VEgDp0LPWk7aAjhN7PTX2IzrmIGVLq5M5Ksi_bKoZAkPebw&sai=AMfl-YQ_GdRxgstdsSW9bOpqjE-vfrlrjPFlATmdMjmSwHAEJh2ekRPRmPdHA23V6YHvAnSi2Kc_VYG_U67SUKBPocsj9M9aJjqHJtV-o7MQ&sig=Cg0ArKJSzC0kgGp9bkhmEAE&urlfix=1&adurl=
Frame ID: 36C47674BEC597DAE6DB681F219DAA5F
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfBHdQSYVLYpypGnFZZ02UWnLUFUZk3_di4AeLFDIIxg_MBKxacLlhEy-zOTXQQhsISTCVy3IMa_gueBoTo4QvEc5mfWNM6cZsNvMVnwUauKOvwBZbOY9TmuvBOmr6p7ahhijOUqIvE5SwGQPziKGiRefnvS9QC2TVVdI_ZZG0ZrVzk-esMK_Oxuy-5-OmiTVRUPNxcXGTQdCQxrGO0BvjE-hOqiSgWtT0XytJK-GCA4SEcnG6EOePyq-KI2nLIzVc2nOvFD4nAFkFymILH1S3JbRhCg&sig=Cg0ArKJSzBlKbyP4N56bEAE&urlfix=1&adurl=
Frame ID: 05DBAF8617C17ADB7ED81661D24AA3A0
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvtuMu7PojyTYOTKGu7xiV3B-EuXTPNHmVytlLZ6hGDdhAxXOBTMohw3vupSxT-uX_iI9MEWVPHOOWlX-beMLruTPF_ObfIIMI-MnJhcwSMnAuQg4zJ7xGN8oYCRAqkjTX0kJN3VNfAcgXbf_q5I0Zu0SB6vzCRgpFzKWD02eKHmmNbtO3nnpZihxJVgtSU0m2ClWavjge_Z9mfsUkm4QJdcBsUROSmMab6yfXWdSsaUQ1O2WZUmjmF8aUn-7Ns6NimfCGnc8zM16qvP8&sig=Cg0ArKJSzDA7d_0crzcOEAE&urlfix=1&adurl=
Frame ID: 429666C9AFEFCA69B32A3EF1E17E3528
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 5A2FABDEE76A9B3CB787716F76869A16
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: B1410AD44B3640F7F31B91167504C5DB
Requests: 10 HTTP requests in this frame

Frame: https://player.twitch.tv/embed-error.html?errorCode=NoParent&content=player.twitch.tv%2F%3Fchannel%3Dmrmouton
Frame ID: A0C2AF9E756A52EB57970A6770DCEB5A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js
Frame ID: 2DA01A9B243C297B3D52CAA123D35A55
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0E1ss6-sRriOqQRfA8BJLqgPhWcGa87qoXNxQVvNiw3phErurrTsHh-QeL0m5775FSNrJwJ-Q0FhhpbEPqx3d8siSToXKfJQpXbjTAnxrzWTd55mt4MPgGF-D5aZDOmm8viBrMfZVRu2c9oTZrb2ik4szbc84lQG3G6MN6gU5mBN7onWTq_e1DEPPLlXfdCIrt1y7J1R759GL25i_cruc0z3H3cBRXhO6IlgyHq04lfHz7jtmEsiigdRUmjGk2ne9T1Pru-r0oCamsg&sig=Cg0ArKJSzPle-lnbxqVsEAE&urlfix=1&adurl=
Frame ID: 78C70F50352C1F7FA8B563E9A39B6E32
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 763ACA739580AF5AB929E56E66956B05
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 1EBC89703D5453B0063395DE306AF81C
Requests: 1 HTTP requests in this frame

Frame: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid3.12.0.js
Frame ID: 8F12556B06526D8BCBA91A411128C064
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 334BDF22234F60CC3C2C61A104D3F7B2
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js
Frame ID: A4B349E028B3AA7B699A9FF15BAFA405
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 0DE4FC5E0358959D33CECE46F2C4BEBD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

133
Requests

100 %
HTTPS

37 %
IPv6

27
Domains

42
Subdomains

32
IPs

7
Countries

1531 kB
Transfer

3532 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=973996984&t=pageview&_s=1&dl=https%3A%2F%2Fcontrolc.com%2F3aa48eeb&ul=en-us&de=UTF-8&dt=https%3A%2F%2Fcharity.gofundme.com%2Fo%2Fen%2Fcampaign%2Fhelp-clifton-cyclone-recovery-fund1%20https%3A%2F%2Fch%20-%203aa48eeb&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEAB~&jid=1155118305&gjid=2052054509&cid=1733904396.1592653891&tid=UA-62963607-1&_gid=1191316753.1592653891&_r=1&z=261814408 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-62963607-1&cid=1733904396.1592653891&jid=1155118305&_gid=1191316753.1592653891&gjid=2052054509&_v=j83&z=261814408 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-62963607-1&cid=1733904396.1592653891&jid=1155118305&_v=j83&z=261814408 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-62963607-1&cid=1733904396.1592653891&jid=1155118305&_v=j83&z=261814408&slf_rd=1&random=2103045314

Request Chain 53

https://player.twitch.tv/?channel=mrmouton HTTP 302
https://player.twitch.tv/embed-error.html?errorCode=NoParent&content=player.twitch.tv%2F%3Fchannel%3Dmrmouton

Request Chain 124

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 131

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fexchange.bidphysics.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fexchange.bidphysics.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://exchange.bidphysics.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=f2543f349565232c6926ccc1

Request Chain 132

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEKaiNnEq-Ij96hpS3RGwPA&google_cver=1

Request Chain 133

https://ib.adnxs.com/getuid?https%3A%2F%2Fexchange.bidphysics.com%2Fsetuid%3Fbidder%3Dappnexus%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://exchange.bidphysics.com/setuid?bidder=appnexus&gdpr=0&gdpr_consent=&uid=2860301517037710165

Request Chain 135

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fexchange.bidphysics.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BUID%7D HTTP 302
https://exchange.bidphysics.com/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=73fdce90-307d-08d7-007c-00bd661a429d

Request Chain 136

https://ssum-sec.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fexchange.bidphysics.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
https://exchange.bidphysics.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=Xu34Q7lQJ8EAAFJPGK8AAABr%261113

133 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 3aa48eeb Show response
controlc.com/ 11 KB
4 KB 139ms
87ms Document
text/html 2606:4700:3033::681b:bf2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/3aa48eeb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681b:bf2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.5.38
Resource Hash: e4c27157420a83fb07e6c7bdbe273ceec1df5b0df8953f04c0880b75e97cd5dc

Request headers

:method: GET
:authority: controlc.com
:scheme: https
:path: /3aa48eeb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sat, 20 Jun 2020 11:51:30 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dd007a95d0e417e1cc9ffb907d1dba87f1592653890; expires=Mon, 20-Jul-20 11:51:30 GMT; path=/; domain=.controlc.com; HttpOnly; SameSite=Lax PHPSESSID=7ca99b00fc8c32c8c7e4b3b7fc61f844; path=/ tinychat_box=1592653890; expires=Sun, 21-Jun-2020 11:51:30 GMT; Max-Age=86400; path=/; domain=.tinypaste.com
x-powered-by: PHP/5.5.38
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 03732add040000e00385b83200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5a654741acc3e003-FRA
content-encoding: br

GET
H2 200 global.css
controlc.com/public/css/ 12 KB
3 KB 15ms
12ms Stylesheet
text/css 2606:4700:3033::681b:bf2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/global.css
Requested by: Host: controlc.com
URL: https://controlc.com/3aa48eeb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681b:bf2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 770a5be4937bf757134b47d4845e28c82e6dda0c7eee72875fda2ad3dbc93718

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:30 GMT
content-encoding: br
cf-cache-status: HIT
age: 3886
cf-polished: origSize=15109
status: 200
cf-request-id: 03732add640000e00385b90200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-3b05"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 5a6547423e00e003-FRA
cf-bgj: minify

GET
H2 200 bootstrap.css
controlc.com/public/css/ 80 KB
13 KB 19ms
17ms Stylesheet
text/css 2606:4700:3033::681b:bf2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/bootstrap.css
Requested by: Host: controlc.com
URL: https://controlc.com/3aa48eeb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681b:bf2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10d260de958aa225f5add9155e9194221b65c1c991ec3bc9132a40d4f4fabff2

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:30 GMT
content-encoding: br
cf-cache-status: HIT
age: 4843
cf-polished: origSize=99036
status: 200
cf-request-id: 03732add640000e00385b92200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-182dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 5a6547423e04e003-FRA
cf-bgj: minify

GET
H2 200 bootstrap-responsive.css
controlc.com/public/css/ 10 KB
2 KB 15ms
13ms Stylesheet
text/css 2606:4700:3033::681b:bf2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/bootstrap-responsive.css
Requested by: Host: controlc.com
URL: https://controlc.com/3aa48eeb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681b:bf2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 439211cb90e7da0f52c80f15dc2ca868ac9419e83350a1ff2d0372031f359986

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:30 GMT
content-encoding: br
cf-cache-status: HIT
age: 4914
cf-polished: origSize=14308
status: 200
cf-request-id: 03732add640000e00385b93200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-37e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 5a6547423e07e003-FRA
cf-bgj: minify

GET
H2 200 view.css
controlc.com/public/css/ 598 B
438 B 14ms
12ms Stylesheet
text/css 2606:4700:3033::681b:bf2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/view.css
Requested by: Host: controlc.com
URL: https://controlc.com/3aa48eeb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681b:bf2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 467b1db9776e63a47ad4b041976647f292a3ce02da70383613325e4dea1ef734

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:30 GMT
content-encoding: br
cf-cache-status: HIT
age: 3454
cf-polished: origSize=752
status: 200
cf-request-id: 03732add640000e00385b94200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-2f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 5a6547423e09e003-FRA
cf-bgj: minify

GET
H2 200 jquery.js Show response
controlc.com/public/js/ 148 KB
30 KB 17ms
15ms Script
application/javascript 2606:4700:3033::681b:bf2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/js/jquery.js
Requested by: Host: controlc.com
URL: https://controlc.com/3aa48eeb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681b:bf2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6438c63069c5b897cbab71927f7069ec113a2917e0f1e7bc4ffb2fc4e03bccd

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:30 GMT
content-encoding: br
cf-cache-status: HIT
age: 4776
cf-polished: origSize=153534
status: 200
cf-request-id: 03732add640000e00385b95200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-257be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 5a6547423e0ae003-FRA
cf-bgj: minify

GET
H2 200 view.js Show response
controlc.com/public/js/ 2 KB
724 B 45ms
44ms Script
application/javascript 2606:4700:3033::681b:bf2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/js/view.js?x=1592653890
Requested by: Host: controlc.com
URL: https://controlc.com/3aa48eeb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681b:bf2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb1720927d146fe5dc6901717017a7b373a4a55acbb15ed36677cfa5d2abcb08

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:30 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-7f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5a6547423e0be003-FRA
cf-request-id: 03732add640000e00385b96200000001

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 45 KB
15 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: controlc.com
URL: https://controlc.com/3aa48eeb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec4b53e1ad1916e5fa39669a367d0384a5cb741475961401eca28f5187607c72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "548 / 685 of 1000 / last-modified: 1592611810"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 15464
x-xss-protection: 0
expires: Sat, 20 Jun 2020 11:51:30 GMT

GET
H2 200 getpaid.png
controlc.com/public/images/ 6 KB
6 KB 11ms
11ms Image
image/png 2606:4700:3033::681b:bf2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controlc.com/public/images/getpaid.png
Requested by: Host: controlc.com
URL: https://controlc.com/3aa48eeb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681b:bf2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07702d076f8c28644a2b09299dac52af3abbf7bd5d3c6d23c6c8ea6aa133cdea

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:30 GMT
cf-cache-status: HIT
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
age: 4843
etag: "555139ee-196e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5a6547426e5ae003-FRA
content-length: 6510
cf-request-id: 03732add7e0000e00385b9b200000001

GET
H2 200 logo.png
controlc.com/public/images/ 12 KB
12 KB 13ms
13ms Image
image/png 2606:4700:3033::681b:bf2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controlc.com/public/images/logo.png
Requested by: Host: controlc.com
URL: https://controlc.com/3aa48eeb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681b:bf2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bafbed60844c7113252124ca42cf6cb3ab28905fac0c1260a7202dedf9025bf2

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:30 GMT
cf-cache-status: HIT
last-modified: Thu, 19 Sep 2019 14:03:25 GMT
server: cloudflare
age: 4776
etag: "5d838aad-2f2e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5a6547427e87e003-FRA
content-length: 12078
cf-request-id: 03732add8a0000e00385b9c200000001

GET
H/1.1 200
OK fancybar.js Show response
cdn.fancybar.net/ac/ 21 KB
8 KB 70ms
7ms Script
application/javascript 23.111.10.144
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fancybar.net/ac/fancybar.js?zoneid=1502&serve=C6ADVKE&placement=tinypaste
Requested by: Host: controlc.com
URL: https://controlc.com/3aa48eeb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.10.144 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: f5a1212852709b2be58bf29e94fb8b53575c6596d744b192d2979474b062c4b3

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Jun 2020 11:51:31 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Aug 2019 14:20:27 GMT
Server: NetDNA-cache/2.2
ETag: W/"5362-5900057953202"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 ab.png
controlc.com/ 67 KB
67 KB 18ms
17ms Image
image/png 2606:4700:3033::681b:bf2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controlc.com/ab.png
Requested by: Host: controlc.com
URL: https://controlc.com/3aa48eeb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681b:bf2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 249a47240c54580905210bdba65667fee54315dc6ed4c35c080569b2526ac056

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:31 GMT
cf-cache-status: HIT
last-modified: Mon, 30 Mar 2020 10:19:31 GMT
server: cloudflare
age: 3455
etag: "5e81c7b3-10a35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5a654742ef5fe003-FRA
content-length: 68149
cf-request-id: 03732addd10000e00385ba0200000001

GET
H/1.1 200
OK carbon.js Show response
cdn.carbonads.com/ 15 KB
6 KB 61ms
8ms Script
application/javascript 23.111.10.140
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.carbonads.com/carbon.js?serve=CKYIKK7U&placement=pasteco
Requested by: Host: controlc.com
URL: https://controlc.com/3aa48eeb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.10.140 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 885ec3e51589244c6ab9a6b99e8fbfd5648258a0818c8074ffc4a1e014cf846a

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Jun 2020 11:51:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 May 2020 15:02:30 GMT
Server: NetDNA-cache/2.2
ETag: W/"3c80-5a4fc0da177e6"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 pubads_impl_2020061611.js Show response
securepubads.g.doubleclick.net/gpt/ 247 KB
88 KB 29ms
15ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

fa85dcb00a408381b7639601205d10c5482f850365cee1632fba0ec4bdc55875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sat, 20 Jun 2020 11:51:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Jun 2020 21:48:10 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89804
x-xss-protection: 0
expires: Sat, 20 Jun 2020 11:51:30 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ 113 B
175 B 15ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=controlc.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Jun 2020 11:51:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 108
x-xss-protection: 0

GET
H2 200 bg.png
controlc.com/public/images/ 987 B
1 KB 19ms
18ms Image
image/png 2606:4700:3033::681b:bf2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controlc.com/public/images/bg.png
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681b:bf2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a11c133fc51a4bdbf16a612562fd43d160e9e4b27006127d4e1325b02a027d6

Request headers

Referer: https://controlc.com/public/css/bootstrap.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:31 GMT
cf-cache-status: HIT
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
age: 3887
etag: "555139ee-3db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5a6547430f8fe003-FRA
content-length: 987
cf-request-id: 03732adde20000e00385ba1200000001

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 400 B
709 B 41ms
41ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1507294296930418&correlator=2381095078602378&output=ldjh&impl=fif&vrg=2020061611&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200620&iu_parts=1025874%2CPasted_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&eri=2&cookie_enabled=1&bc=31&abxe=1&lmt=1592653891&dt=1592653891048&dlt=1592653890909&idt=123&frm=20&biw=1600&bih=1200&oid=3&adxs=800&adys=0&adks=765271295&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcontrolc.com%2F3aa48eeb&dssz=7&icsg=250&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x1&msz=1600x1&ga_vid=1733904396.1592653891&ga_sid=1592653891&ga_hid=973996984&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

7371c64d7ae781cad22d9f6b3298091f8cfa117b5ac3836bdb9cb615576c5ce8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 212
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
8c062288171dd80b1a005971a8810a7d.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 74ms
39ms Other
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://8c062288171dd80b1a005971a8810a7d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 7ms
6ms Other
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 72ms
72ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1507294296930418&correlator=2381095078602378&output=ldjh&impl=fif&adsid=NT&vrg=2020061611&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200620&iu_parts=1025874%2CPasted_728x90_Top&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=2&cookie_enabled=1&bc=31&abxe=1&lmt=1592653891&dt=1592653891072&dlt=1592653890909&idt=123&frm=20&biw=1600&bih=1200&oid=3&adxs=50&adys=127&adks=1406371575&ucis=2&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcontrolc.com%2F3aa48eeb&dssz=13&icsg=16034&std=0&csl=89&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1500x90&msz=1500x90&ga_vid=1733904396.1592653891&ga_sid=1592653891&ga_hid=973996984&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

52ea4c4a224e6215157096b53cb5d4dab976d6393a9a94c29eb88783f1a18991

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2705
x-xss-protection: 0
google-lineitem-id: 5214351027
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138293538274
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ab.js Show response
controlc.com/ 5 KB
2 KB 12ms
12ms Script
application/javascript 2606:4700:3033::681b:bf2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/ab.js
Requested by: Host: controlc.com
URL: https://controlc.com/3aa48eeb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681b:bf2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c63c0a518fcd8243e365904eb4ec5162d2b6d066aa4f05027fb598089d73ebdc

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 29 Mar 2020 09:43:08 GMT
server: cloudflare
age: 255
etag: W/"5e806dac-1285"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5a654743482be003-FRA
cf-request-id: 03732ade110000e00385ba6200000001
cf-bgj: minify

GET
H2 200 streams Show response
api.twitch.tv/helix/ 27 B
162 B 177ms
176ms Fetch
application/json 151.101.38.214
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.twitch.tv/helix/streams?user_login=harkdan

Requested by

Host: controlc.com
URL: https://controlc.com/3aa48eeb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.214 Amsterdam, Netherlands, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

31c70fc4fa7dee6db3f53f0c1db540813dfc6523f0226634179a701062d3e616

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Client-ID: 3yumzvi6r4wfycsk7vt1kbtto9s0n3
Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

ratelimit-reset: 1592653895
vary: Accept-Encoding
x-cache: MISS, MISS
x-ctxlog-logid: 1-5eedf843-81a3ec4e0a0c0ba8c6df7fc6
status: 200
ratelimit-limit: 30
content-length: 27
x-served-by: cache-sea4433-SEA, cache-ams21051-AMS
pragma: no-cache
twitch-trace-id: 5033e2c689182420bcbe527e2c02572e
server: envoy
x-timer: S1592653891.291839,VS0,VS0,VE164
date: Sat, 20 Jun 2020 11:51:31 GMT
strict-transport-security: max-age=300
content-type: application/json; charset=utf-8
access-control-allow-origin: *
expires: 0
cache-control: no-cache, no-store, must-revalidate, private
timing-allow-origin: https://www.twitch.tv
ratelimit-remaining: 28
x-cache-hits: 0, 0

GET
H2 200 streams Show response
api.twitch.tv/helix/ 422 B
665 B 182ms
182ms Fetch
application/json 151.101.38.214
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.twitch.tv/helix/streams?user_login=mrmouton

Requested by

Host: controlc.com
URL: https://controlc.com/3aa48eeb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.214 Amsterdam, Netherlands, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

b0b1391f19119b5d24b3b908b96a6a3838d460717fa7b3b256b7f4c5f924b131

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Client-ID: 3yumzvi6r4wfycsk7vt1kbtto9s0n3
Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

ratelimit-reset: 1592653893
vary: Accept-Encoding
x-cache: MISS, MISS
x-ctxlog-logid: 1-5eedf843-10b4a648b452bdcb5fb2c7ab
status: 200
ratelimit-limit: 30
content-length: 422
x-served-by: cache-sea4461-SEA, cache-ams21051-AMS
pragma: no-cache
twitch-trace-id: c7d2abc56c35c5081e08bb0c5c704430
server: envoy
x-timer: S1592653891.140366,VS0,VS0,VE167
date: Sat, 20 Jun 2020 11:51:31 GMT
strict-transport-security: max-age=300
content-type: application/json; charset=utf-8
access-control-allow-origin: *
expires: 0
cache-control: no-cache, no-store, must-revalidate, private
timing-allow-origin: https://www.twitch.tv
ratelimit-remaining: 29
x-cache-hits: 0, 0

GET
H2 200 fullscreen.php Show response
controlc.com/3aa48eeb/ Frame 4CCF 4 KB
1 KB 52ms
51ms Document
text/html 2606:4700:3033::681b:bf2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/3aa48eeb/fullscreen.php?hash=6f5405ee52d5da80490b081f60fffcd1&linenum=false
Requested by: Host: controlc.com
URL: https://controlc.com/3aa48eeb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681b:bf2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.5.38
Resource Hash: 8544cf73bbfe4bf47e14b215cd0a72e2c4b618d30798e823bba6393fa2821152

Request headers

:method: GET
:authority: controlc.com
:scheme: https
:path: /3aa48eeb/fullscreen.php?hash=6f5405ee52d5da80490b081f60fffcd1&linenum=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/3aa48eeb
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=dd007a95d0e417e1cc9ffb907d1dba87f1592653890; PHPSESSID=7ca99b00fc8c32c8c7e4b3b7fc61f844
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/3aa48eeb

Response headers

status: 200
date: Sat, 20 Jun 2020 11:51:31 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.5.38
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 03732ade150000e00385ba7200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5a6547435833e003-FRA
content-encoding: br

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
3 KB 56ms
54ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1507294296930418&correlator=2381095078602378&output=ldjh&impl=fif&adsid=NT&vrg=2020061611&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200620&iu_parts=1025874%2CPasted_160x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&eri=2&cookie_enabled=1&bc=31&abxe=1&lmt=1592653891&dt=1592653891094&dlt=1592653890909&idt=123&frm=20&biw=1600&bih=1200&oid=3&adxs=1390&adys=91&adks=2762401180&ucis=3&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcontrolc.com%2F3aa48eeb&dssz=21&icsg=1027618&std=0&csl=87&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x600&msz=160x600&ga_vid=1733904396.1592653891&ga_sid=1592653891&ga_hid=973996984&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

261961b6c33ef546c740687526aeb3cb77a1c2a89aa337dcaacc4e3edbfbcc2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2321
x-xss-protection: 0
google-lineitem-id: 5215140857
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138293261120
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
3 KB 51ms
51ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1507294296930418&correlator=2381095078602378&output=ldjh&impl=fif&adsid=NT&vrg=2020061611&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200620&iu_parts=1025874%2CPasted_728x90_Bottom&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1592653891&dt=1592653891100&dlt=1592653890909&idt=123&frm=20&biw=1600&bih=1200&oid=3&adxs=50&adys=704&adks=2507290776&ucis=4&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcontrolc.com%2F3aa48eeb&dssz=25&icsg=4110474&std=0&csl=86&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1520x687&msz=728x-1&ga_vid=1733904396.1592653891&ga_sid=1592653891&ga_hid=973996984&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

dc192958c74f52e9e196b96e3aee3cd99ad6ba6573e429fb731ba12e261691b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2261
x-xss-protection: 0
google-lineitem-id: 4655064465
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138231937338
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 glyphicons-halflings.png
controlc.com/img/ 14 KB
14 KB 14ms
14ms Image
image/png 2606:4700:3033::681b:bf2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://controlc.com/img/glyphicons-halflings.png
Requested by: Host: controlc.com
URL: https://controlc.com/3aa48eeb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681b:bf2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86924cd006db30b9d4f1418e06cd7bd83eef2be768a10f27d2cff26e6977cced

Request headers

Referer: https://controlc.com/public/css/bootstrap.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:31 GMT
cf-cache-status: HIT
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
age: 255
etag: "555139ee-3602"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5a6547436862e003-FRA
content-length: 13826
cf-request-id: 03732ade210000e00385ba9200000001

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: controlc.com
URL: https://controlc.com/3aa48eeb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 3312
date: Sat, 20 Jun 2020 10:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Sat, 20 Jun 2020 12:56:19 GMT

GET
H/1.1 200
OK CKYIKK7U.json Show response
srv.carbonads.net/ads/ 598 B
690 B 55ms
25ms Script
application/javascript 178.128.255.150
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.carbonads.net/ads/CKYIKK7U.json?segment=placement:pasteco&callback=_carbonads_go
Requested by: Host: cdn.carbonads.com
URL: https://cdn.carbonads.com/carbon.js?serve=CKYIKK7U&placement=pasteco
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.128.255.150 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-eu-nl-11.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: 124fc18fae0e821795366db301bee6d36cb68e31f50f190e57b687a8bfc1e664

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 20 Jun 2020 11:51:31 GMT
Content-Encoding: gzip
Server: //srv.buysellads.com
Content-Length: 451
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=973996984&t=pageview&_s=1&dl=https%3A%2F%2Fcontrolc.com%2F3aa48eeb&ul=en-us&de=UTF-8&dt=https%3A%2F%2Fcharity.gofundme.com%2Fo%2Fen%2Fcampaig...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-62963607-1&cid=1733904396.1592653891&jid=1155118305&_gid=1191316753.1592653891&gjid=2052054509&_v=j83&z=261814408
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-62963607-1&cid=1733904396.1592653891&jid=1155118305&_v=j83&z=261814408
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-62963607-1&cid=1733904396.1592653891&jid=1155118305&_v=j83&z=261814408&slf_rd=1&random=2103045314

42 B
106 B

19ms
18ms

Image
image/gif

2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-62963607-1&cid=1733904396.1592653891&jid=1155118305&_v=j83&z=261814408&slf_rd=1&random=2103045314

Requested by

Host: controlc.com
URL: https://controlc.com/3aa48eeb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jun 2020 11:51:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Jun 2020 11:51:31 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-62963607-1&cid=1733904396.1592653891&jid=1155118305&_v=j83&z=261814408&slf_rd=1&random=2103045314
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 36C4 0
0 18ms
18ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstCHi2ehJAriQuTkIA1AIOGh1cJTcOBWdBvT6NOYwW9RJ2XCkI1GQtwmJUC-TKd1YQBRkUK7AoGFkm88QihnSbXNM1lV-eXYrG1EedeoWCSPCU0-Bf4jkftmRCcH7Em_NYlvP3z_mqBjZXpp0eetGoa8MFR5sLjTWXejZpDoFTZY0zUGlWv0xH3QWrkc6ae5v8Thc-5pZ5JLsL9Vg3c0iSIj-w0RPTYlyd8zfwTn8S_8yJb363VEgDp0LPWk7aAjhN7PTX2IzrmIGVLq5M5Ksi_bKoZAkPebw&sai=AMfl-YQ_GdRxgstdsSW9bOpqjE-vfrlrjPFlATmdMjmSwHAEJh2ekRPRmPdHA23V6YHvAnSi2Kc_VYG_U67SUKBPocsj9M9aJjqHJtV-o7MQ&sig=Cg0ArKJSzC0kgGp9bkhmEAE&urlfix=1&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/3aa48eeb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Jun 2020 11:51:31 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 t.js Show response
yadloop.com/ Frame 36C4 17 KB
17 KB 96ms
42ms Script
application/javascript 13.226.154.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=1593581592653891163
Requested by: Host: controlc.com
URL: https://controlc.com/3aa48eeb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.154.49 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-154-49.dus51.r.cloudfront.net
Software: /
Resource Hash: e3df9723f6e2da831c83563b02e9d5819070f628ee44949c0c1ac2e8d055df25

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sat, 20 Jun 2020 11:51:31 GMT
via: 1.1 3e9b9356decf1aa720af0bc92acc0586.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: ckDR5Q_oOgD3usOLNm7eRFThtVuyyVtWJwppIFgVcboq1lnjiXSyHA==
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 36C4 74 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08811dd694fe39ed52b2390534cbe991075a02065137a36c914e0cd6a91c4cbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1592416174093583"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28487
x-xss-protection: 0
expires: Sat, 20 Jun 2020 11:51:31 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de072fa8ec958a27adcb7caec34d45663bbf88c22696a081d2c6ae6ffcae743f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1592416174093583"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27927
x-xss-protection: 0
expires: Sat, 20 Jun 2020 11:51:31 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 05DB 0
0 19ms
18ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfBHdQSYVLYpypGnFZZ02UWnLUFUZk3_di4AeLFDIIxg_MBKxacLlhEy-zOTXQQhsISTCVy3IMa_gueBoTo4QvEc5mfWNM6cZsNvMVnwUauKOvwBZbOY9TmuvBOmr6p7ahhijOUqIvE5SwGQPziKGiRefnvS9QC2TVVdI_ZZG0ZrVzk-esMK_Oxuy-5-OmiTVRUPNxcXGTQdCQxrGO0BvjE-hOqiSgWtT0XytJK-GCA4SEcnG6EOePyq-KI2nLIzVc2nOvFD4nAFkFymILH1S3JbRhCg&sig=Cg0ArKJSzBlKbyP4N56bEAE&urlfix=1&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/3aa48eeb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Jun 2020 11:51:31 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 t.js Show response
yadloop.com/ Frame 05DB 17 KB
17 KB 85ms
40ms Script
application/javascript 13.226.154.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=0485921592653891173
Requested by: Host: controlc.com
URL: https://controlc.com/3aa48eeb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.154.49 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-154-49.dus51.r.cloudfront.net
Software: /
Resource Hash: af1165ad00402c5aa49b926268cc7e991012c6c982a1f051d53d278f84923d35

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sat, 20 Jun 2020 11:51:31 GMT
via: 1.1 3e9b9356decf1aa720af0bc92acc0586.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 7DVPsqik2BkhKEuO5SogVFDBXbCP7N1WVVUONsS5-Wuiz1mpvleozA==
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 05DB 74 KB
28 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08811dd694fe39ed52b2390534cbe991075a02065137a36c914e0cd6a91c4cbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1592416174093583"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28487
x-xss-protection: 0
expires: Sat, 20 Jun 2020 11:51:31 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4296 0
0 18ms
16ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvtuMu7PojyTYOTKGu7xiV3B-EuXTPNHmVytlLZ6hGDdhAxXOBTMohw3vupSxT-uX_iI9MEWVPHOOWlX-beMLruTPF_ObfIIMI-MnJhcwSMnAuQg4zJ7xGN8oYCRAqkjTX0kJN3VNfAcgXbf_q5I0Zu0SB6vzCRgpFzKWD02eKHmmNbtO3nnpZihxJVgtSU0m2ClWavjge_Z9mfsUkm4QJdcBsUROSmMab6yfXWdSsaUQ1O2WZUmjmF8aUn-7Ns6NimfCGnc8zM16qvP8&sig=Cg0ArKJSzDA7d_0crzcOEAE&urlfix=1&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/3aa48eeb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Jun 2020 11:51:31 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK RenderAd.aspx Show response
ads3.mthsense.com/ Frame 4296 8 KB
3 KB 502ms
126ms Script
text/html 40.84.148.247
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads3.mthsense.com/RenderAd.aspx?id=14896&width=728&height=90
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.84.148.247 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c248cda33f942842c869a9791948211e82c43c8caf2693fbb670c80231b06120

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Jun 2020 11:51:30 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Length: 2892

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4296 74 KB
28 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08811dd694fe39ed52b2390534cbe991075a02065137a36c914e0cd6a91c4cbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1592416174093583"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28487
x-xss-protection: 0
expires: Sat, 20 Jun 2020 11:51:31 GMT

GET
H2 200 global.css
controlc.com/public/css/ Frame 4CCF 12 KB
3 KB 14ms
12ms Stylesheet
text/css 2606:4700:3033::681b:bf2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/global.css
Requested by: Host: controlc.com
URL: https://controlc.com/3aa48eeb/fullscreen.php?hash=6f5405ee52d5da80490b081f60fffcd1&linenum=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681b:bf2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 770a5be4937bf757134b47d4845e28c82e6dda0c7eee72875fda2ad3dbc93718

Request headers

Referer: https://controlc.com/3aa48eeb/fullscreen.php?hash=6f5405ee52d5da80490b081f60fffcd1&linenum=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:31 GMT
content-encoding: br
cf-cache-status: HIT
age: 3887
cf-polished: origSize=15109
status: 200
cf-request-id: 03732ade730000e00385bb2200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-3b05"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 5a654743e993e003-FRA
cf-bgj: minify

GET
H2 200 fullscreen.css
controlc.com/public/css/ Frame 4CCF 312 B
280 B 17ms
15ms Stylesheet
text/css 2606:4700:3033::681b:bf2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/css/fullscreen.css
Requested by: Host: controlc.com
URL: https://controlc.com/3aa48eeb/fullscreen.php?hash=6f5405ee52d5da80490b081f60fffcd1&linenum=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681b:bf2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f403fad3806ce3425ef5364d1d161f63e7e23534eec42ac3be831d6a9cb6ba6b

Request headers

Referer: https://controlc.com/3aa48eeb/fullscreen.php?hash=6f5405ee52d5da80490b081f60fffcd1&linenum=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:31 GMT
content-encoding: br
cf-cache-status: HIT
age: 255
cf-polished: origSize=426
status: 200
cf-request-id: 03732ade730000e00385bb3200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-1aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 5a654743e996e003-FRA
cf-bgj: minify

GET
H2 200 jquery.js Show response
controlc.com/public/js/ Frame 4CCF 148 KB
30 KB 17ms
16ms Script
application/javascript 2606:4700:3033::681b:bf2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/js/jquery.js
Requested by: Host: controlc.com
URL: https://controlc.com/3aa48eeb/fullscreen.php?hash=6f5405ee52d5da80490b081f60fffcd1&linenum=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681b:bf2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6438c63069c5b897cbab71927f7069ec113a2917e0f1e7bc4ffb2fc4e03bccd

Request headers

Referer: https://controlc.com/3aa48eeb/fullscreen.php?hash=6f5405ee52d5da80490b081f60fffcd1&linenum=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:31 GMT
content-encoding: br
cf-cache-status: HIT
age: 4777
cf-polished: origSize=153534
status: 200
cf-request-id: 03732ade730000e00385bb4200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-257be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 5a654743e999e003-FRA
cf-bgj: minify

GET
H2 200 tinypaste.js Show response
controlc.com/public/js/ Frame 4CCF 3 KB
1 KB 15ms
14ms Script
application/javascript 2606:4700:3033::681b:bf2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/public/js/tinypaste.js
Requested by: Host: controlc.com
URL: https://controlc.com/3aa48eeb/fullscreen.php?hash=6f5405ee52d5da80490b081f60fffcd1&linenum=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681b:bf2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72b59d9449d39bb7d7a4d3637e3b9e3d5040aee7efd14872b3f52982295e73a9

Request headers

Referer: https://controlc.com/3aa48eeb/fullscreen.php?hash=6f5405ee52d5da80490b081f60fffcd1&linenum=false
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:31 GMT
content-encoding: br
cf-cache-status: HIT
age: 255
cf-polished: origSize=3335
status: 200
cf-request-id: 03732ade730000e00385bb5200000001
last-modified: Mon, 11 May 2015 23:23:26 GMT
server: cloudflare
etag: W/"555139ee-d07"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 5a654743e99ae003-FRA
cf-bgj: minify

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 36C4 0
54 B 20ms
17ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuRbnynM26fXkAX3K9hcQee9sLGy5H005oooohnhJOvIQGTDsUxqY_dgJqrCVtkZ441CxSNz-TaU-UtgC7zvPugF7k6-JbwT4HMF0EVnEJc0W_RvBfyCoo9E_QAC6zeSZhvNgW3UJLEaN0s1px6Im01odhdYr4shcmW1uWM6rPIfQY0FNwr0MylptekHBvRzvefXjCIGed-NzOo4YRgRdGgNhBaftEq7wttDriGHMnlo82mTadWqLTuvbxIrsRV5_f9PNQhkTrSw1e5DQ&sai=AMfl-YSjl8Mle-s503dk15QmJzAZ8umJOWICuX3QAgvhgZ6EeDPd1a_uzyRHsHakXCfsskshklKOEV3pPCzT4B2N2QHUUGjd7gtIlsya4Hfh&sig=Cg0ArKJSzIW0I-nMXPbFEAE&urlfix=1&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/3aa48eeb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Jun 2020 11:51:31 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 36C4 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75d886a9078e612f4592992285b4745c2c7223a2eb321e057fc388cb673cfdf3

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 05DB 0
54 B 18ms
18ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstyjKUYg-uh32lkoE7bM46akrgF9I1h9dGiQ33XUNbP1zJsYgx_znQakGEW0NghfR487NRSBgSgyTwtbm1iXHN2bG9W3XsffrCEHSTsYPjlRCHHlDOAOId31t-ohJMhXXW99o_tuWR1sucf4Jhm4jgNblOwUr3HknWkRaZt8BMzywzPkrk7Mzvo7B7m1EP0QV8RyUKOzE-c_fyX38sPh77kBGXTzHkRZxAAaBKydbtEHMRuEkzpRgaaEjoZG8j2zp7ibUVypwnmEQ&sig=Cg0ArKJSzKiTFCem-k-eEAE&urlfix=1&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/3aa48eeb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Jun 2020 11:51:31 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 05DB 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f167df5a5c92082d7d7b4f04443e8c65a1740be0546c12b443972210795c1193

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK CK7DT53I.json Show response
srv.carbonads.net/ads/ 600 B
690 B 25ms
25ms Script
application/javascript 178.128.255.150
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.carbonads.net/ads/CK7DT53I.json?segment=placement:pasteco&callback=_carbonads_go
Requested by: Host: cdn.carbonads.com
URL: https://cdn.carbonads.com/carbon.js?serve=CKYIKK7U&placement=pasteco
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.128.255.150 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-eu-nl-11.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: c007af53140e2ea40266ada07944c9c33a7b0e72dbab955db9da09d88ff5e91b

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 20 Jun 2020 11:51:31 GMT
Content-Encoding: gzip
Server: //srv.buysellads.com
Content-Length: 451
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 5A2F 45 KB
15 KB 15ms
15ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: yadloop.com
URL: https://yadloop.com/t.js?i=uml4x413apkiqmcvre&cb=0485921592653891173

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

ace6f28cdb8de15640326250ce0854c634cd2910bd3a4a8641bb083bf35021a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "548 / 828 of 1000 / last-modified: 1592611853"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15464
x-xss-protection: 0
expires: Sat, 20 Jun 2020 11:51:31 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame B141 45 KB
15 KB 17ms
16ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: yadloop.com
URL: https://yadloop.com/t.js?i=qwpqn1ipjtdny52xwe&cb=1593581592653891163

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

ec4b53e1ad1916e5fa39669a367d0384a5cb741475961401eca28f5187607c72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "548 / 431 of 1000 / last-modified: 1592611810"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15464
x-xss-protection: 0
expires: Sat, 20 Jun 2020 11:51:31 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 5A2F 109 B
168 B 18ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=controlc.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Jun 2020 11:51:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5A2F 109 B
168 B 16ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=controlc.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Jun 2020 11:51:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020061611.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 5A2F 247 KB
88 KB 17ms
15ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js?21066471

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

fa85dcb00a408381b7639601205d10c5482f850365cee1632fba0ec4bdc55875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Jun 2020 21:48:10 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89804
x-xss-protection: 0
expires: Sat, 20 Jun 2020 11:51:31 GMT

GET
H/1.1

200
OK

Cookie set embed-error.html
player.twitch.tv/ Frame A0C2
Redirect Chain

https://player.twitch.tv/?channel=mrmouton
https://player.twitch.tv/embed-error.html?errorCode=NoParent&content=player.twitch.tv%2F%3Fchannel%3Dmrmouton

0
0

27ms
26ms

Document
text/html

151.101.38.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.twitch.tv/embed-error.html?errorCode=NoParent&content=player.twitch.tv%2F%3Fchannel%3Dmrmouton

Requested by

Host: controlc.com
URL: https://controlc.com/3aa48eeb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.38.167 Amsterdam, Netherlands, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: player.twitch.tv
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://controlc.com/3aa48eeb
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: unique_id=aIVDkT7JwnrdC0K2Hr9mKi5TgMBP9Dxb; unique_id_durable=aIVDkT7JwnrdC0K2Hr9mKi5TgMBP9Dxb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/3aa48eeb

Response headers

Connection: keep-alive
Content-Type: text/html
Server: nginx
Set-Cookie: unique_id=aIVDkT7JwnrdC0K2Hr9mKi5TgMBP9Dxb; expires=Thu, 20 Jun 2030 11:51:31 GMT; domain=.twitch.tv; path=/; secure; samesite=none unique_id_durable=aIVDkT7JwnrdC0K2Hr9mKi5TgMBP9Dxb; expires=Thu, 20 Jun 2030 11:51:31 GMT; domain=.twitch.tv; path=/; secure; samesite=none; httponly server_session_id=2cb780452dc84c6e951f028ae9ee5eb5; domain=.twitch.tv; path=/; secure; samesite=none
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Sat, 20 Jun 2020 11:51:31 GMT
Via: 1.1 varnish
X-Served-By: cache-ams21031-AMS
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1592653891.387707,VS0,VE9
Vary: Access-Control-Request-Headers, Access-Control-Request-Method, Origin, Accept-Encoding
transfer-encoding: chunked

Redirect headers

Connection: keep-alive
Content-Length: 0
Server: nginx
Location: /embed-error.html?errorCode=NoParent&content=player.twitch.tv%2F%3Fchannel%3Dmrmouton
Set-Cookie: unique_id=aIVDkT7JwnrdC0K2Hr9mKi5TgMBP9Dxb; expires=Thu, 20 Jun 2030 11:51:31 GMT; domain=.twitch.tv; path=/; secure; samesite=none unique_id_durable=aIVDkT7JwnrdC0K2Hr9mKi5TgMBP9Dxb; expires=Thu, 20 Jun 2030 11:51:31 GMT; domain=.twitch.tv; path=/; secure; samesite=none; httponly unique_id=aIVDkT7JwnrdC0K2Hr9mKi5TgMBP9Dxb; domain=.twitch.tv; path=/; Secure; SameSite=None; expires=Tue, 18 Jun 2030 11:51:31 GMT; unique_id_durable=aIVDkT7JwnrdC0K2Hr9mKi5TgMBP9Dxb; domain=.twitch.tv; path=/; Secure; HttpOnly; SameSite=None; expires=Tue, 18 Jun 2030 11:51:31 GMT;
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Date: Sat, 20 Jun 2020 11:51:31 GMT
Via: 1.1 varnish
X-Served-By: cache-ams21031-AMS
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1592653891.360689,VS0,VE9
Vary: Access-Control-Request-Headers, Access-Control-Request-Method, Origin

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame B141 109 B
168 B 16ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=controlc.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Jun 2020 11:51:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame B141 109 B
168 B 14ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=controlc.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Jun 2020 11:51:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020061611.js Show response
securepubads.g.doubleclick.net/gpt/ Frame B141 247 KB
88 KB 16ms
16ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

fa85dcb00a408381b7639601205d10c5482f850365cee1632fba0ec4bdc55875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Jun 2020 21:48:10 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89804
x-xss-protection: 0
expires: Sat, 20 Jun 2020 11:51:31 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 5A2F 4 KB
2 KB 175ms
175ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1624437906131175&correlator=2550559132359744&output=ldjh&impl=fifs&adsid=NT&eid=21066471%2C21065516%2C21066348&vrg=2020061611&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200620&iu_parts=21671350435%2C160x600-controlc.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&cookie=ID%3Db2018d902443703d%3AT%3D1592653891%3AS%3DALNI_MYPAQYE2bb7KodLlcJn0nI7zNyX1g&cdm=controlc.com&bc=31&abxe=1&lmt=1592653891&dt=1592653891371&dlt=1592653891285&idt=72&ea=0&frm=23&biw=1600&bih=1200&isw=160&ish=600&oid=3&adxs=1390&adys=208&adks=2407567311&ucis=qg211d4p1g36&ifi=1&ifk=3688625265&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=https%3A%2F%2Fcontrolc.com%2F3aa48eeb&top=https%3A%2F%2Fcontrolc.com%2F3aa48eeb&dssz=7&icsg=170&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x600&msz=160x-1&ga_vid=1733904396.1592653891&ga_sid=1592653891&ga_hid=770191051&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js?21066471

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

b5091f21d1a25da1caefae9a48d6e0142c7b874126ed6982691ed8c118bbf6b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2148
x-xss-protection: 0
google-lineitem-id: 4920373360
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138257300386
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
77311389a48ed0bda86fa6e2a630d48f.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 5A2F 0
0 55ms
39ms Other
text/html 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://77311389a48ed0bda86fa6e2a630d48f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js?21066471
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 5A2F 0
0 6ms
5ms Other
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js?21066471
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B141 17 KB
5 KB 150ms
149ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3233697004729335&correlator=66478484247810&output=ldjh&impl=fifs&adsid=NT&eid=21066273%2C21066371%2C21066169&vrg=2020061611&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200620&iu_parts=21671350435%2C728x90-controlc.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie=ID%3Db2018d902443703d%3AT%3D1592653891%3AS%3DALNI_MYPAQYE2bb7KodLlcJn0nI7zNyX1g&cdm=controlc.com&bc=31&abxe=1&lmt=1592653891&dt=1592653891387&dlt=1592653891297&idt=85&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=50&adys=127&adks=1088513110&ucis=dw6h5ozt50r&ifi=1&ifk=1037808068&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=https%3A%2F%2Fcontrolc.com%2F3aa48eeb&top=https%3A%2F%2Fcontrolc.com%2F3aa48eeb&dssz=7&icsg=170&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x-1&ga_vid=1733904396.1592653891&ga_sid=1592653891&ga_hid=298783191&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

400c872105fbf93f667e74652201efbf2e0c1548a412801a96219c38235cb9a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4781
x-xss-protection: 0
google-lineitem-id: 5274402841
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138300733128
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
8916f453816ed2292446848702e1010d.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame B141 0
0 55ms
39ms Other
text/html 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://8916f453816ed2292446848702e1010d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame B141 0
0 6ms
5ms Other
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 pxl.jpg
yadloop.com/ Frame 05DB 597 B
830 B 33ms
32ms Image
image/jpeg 13.226.154.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yadloop.com/pxl.jpg?i=uml4x413apkiqmcvre&s=513&p=https%3A%2F%2Fcontrolc.com%2F3aa48eeb&rstk=https%3A%2F%2Fcontrolc.com%2F3aa48eeb&h=1835311592653891394
Requested by: Host: controlc.com
URL: https://controlc.com/3aa48eeb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.154.49 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-154-49.dus51.r.cloudfront.net
Software: /
Resource Hash: af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:31 GMT
via: 1.1 3e9b9356decf1aa720af0bc92acc0586.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
content-type: image/jpeg; charset=UTF-8
status: 200
content-length: 597
x-amz-cf-id: ldK5xdD2ujmfMFVVfgDne6J4ZE4HnpI5ofrDTDGgPdZIoQ0ZpPnBSg==

GET
H2 200 pxl.jpg
yadloop.com/ Frame 36C4 597 B
830 B 56ms
56ms Image
image/jpeg 13.226.154.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yadloop.com/pxl.jpg?i=qwpqn1ipjtdny52xwe&s=513&p=https%3A%2F%2Fcontrolc.com%2F3aa48eeb&rstk=https%3A%2F%2Fcontrolc.com%2F3aa48eeb&h=4487421592653891399
Requested by: Host: controlc.com
URL: https://controlc.com/3aa48eeb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.154.49 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-154-49.dus51.r.cloudfront.net
Software: /
Resource Hash: af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:31 GMT
via: 1.1 3e9b9356decf1aa720af0bc92acc0586.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
content-type: image/jpeg; charset=UTF-8
status: 200
content-length: 597
x-amz-cf-id: xbsuOnbmvCW3zmffQ0H-Jarb_2LgbQDRhU_nUF3TF2WblfePvPFDlw==

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005272217000/ Frame 2DA0 202 KB
55 KB 46ms
13ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5233691dffa51e70ae8b66c53b31324e7dfb405de2b01b0bebb41ed2fd52f58a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 933
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56211
x-xss-protection: 0
server: sffe
date: Sat, 20 Jun 2020 11:35:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9687f63ba3c32530"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Jun 2021 11:35:58 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 2DA0 97 KB
30 KB 38ms
6ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97361dda3d036caf25e270fe716db15f530cfa40f3c6a165d1a6e76a4ac17183

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 967
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29912
x-xss-protection: 0
server: sffe
date: Sat, 20 Jun 2020 11:35:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8ebd5537ed53cc8f"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Jun 2021 11:35:24 GMT

GET
DATA 200
OK truncated
/ Frame 2DA0 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae7e327fb326928a9a0b31188e28286f6cddae15d8dbe9de63114c7bae883d5f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 3181831729314583294
tpc.googlesyndication.com/simgad/ Frame 2DA0 52 KB
52 KB 7ms
6ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3181831729314583294

Requested by

Host: controlc.com
URL: https://controlc.com/3aa48eeb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb6d86692cd6763ea425040ea01f9db1af7d9afc3831d9d7befce4cd766a67b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 20:06:50 GMT
x-content-type-options: nosniff
age: 661481
x-dns-prefetch-control: off
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53072
x-xss-protection: 0
last-modified: Fri, 27 Mar 2020 10:50:35 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Jun 2021 20:06:50 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2DA0 0
54 B 19ms
19ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4OXpVEzRf2oW6y6NAwn2YqUKdAMhMMLsob68G2M-yEx_Xxb4tiQ6GHWc4e_WlR2trmyU64_aZTtNUHaH9YAe5m1Gyq1eTNUjFQovF-vKXnWyVJ6WGS1PnCqwPTQGpv-Y1aoZ24-OczbsNsl6xzhGAhusiFDmXI4lcemwLBfkwYMyGFgkupbdoV-792cWq-JuKZyFbChAKVnw-NqlaSmLfH-MB-R_KiWO9mNVZBiDRz9byUEp7tEwgRolHbzkiL9q-yGbrSyFgmLc&sig=Cg0ArKJSzPasPfu_Ev0TEAE&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/3aa48eeb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Jun 2020 11:51:31 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B141 7 KB
6 KB 17ms
17ms XHR
application/json 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020061611&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c0ab5111af029013d1d4adaa7c45ea328dc6421b7eb2d51992cd2e68ec7775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Jun 2020 11:51:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5606
x-xss-protection: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 78C7 0
0 25ms
20ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0E1ss6-sRriOqQRfA8BJLqgPhWcGa87qoXNxQVvNiw3phErurrTsHh-QeL0m5775FSNrJwJ-Q0FhhpbEPqx3d8siSToXKfJQpXbjTAnxrzWTd55mt4MPgGF-D5aZDOmm8viBrMfZVRu2c9oTZrb2ik4szbc84lQG3G6MN6gU5mBN7onWTq_e1DEPPLlXfdCIrt1y7J1R759GL25i_cruc0z3H3cBRXhO6IlgyHq04lfHz7jtmEsiigdRUmjGk2ne9T1Pru-r0oCamsg&sig=Cg0ArKJSzPle-lnbxqVsEAE&urlfix=1&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/3aa48eeb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Jun 2020 11:51:31 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 78C7 74 KB
28 KB 17ms
13ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js?21066471

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08811dd694fe39ed52b2390534cbe991075a02065137a36c914e0cd6a91c4cbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1592416174093583"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28487
x-xss-protection: 0
expires: Sat, 20 Jun 2020 11:51:31 GMT

GET
H/1.1 200
OK unicef_160x600.jpg
s3-eu-west-1.amazonaws.com/xzyvmgtxseboq/ Frame 78C7 53 KB
53 KB 126ms
35ms Image
image/jpeg 52.218.106.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/xzyvmgtxseboq/unicef_160x600.jpg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js?21066471
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.106.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 81804a1b2b20350ec009ba6429a4f58124c16ca30683af0af255544cd98c8fa6

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Jun 2020 11:51:32 GMT
Last-Modified: Sun, 23 Sep 2018 17:54:13 GMT
Server: AmazonS3
x-amz-request-id: 07506335589DDFA8
ETag: "5dcf47442fc7fbb8d0263bbf4869537e"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 54292
x-amz-id-2: 9MdUDRIUwKFGTf70EV3Kqyw+PofBogpFcpeJLRqtWw16BmrPCElHx7sT6iEXKwe4VTh9AKAykdw=

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5A2F 73 KB
27 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js?21066471

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de072fa8ec958a27adcb7caec34d45663bbf88c22696a081d2c6ae6ffcae743f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1592416174093583"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27927
x-xss-protection: 0
expires: Sat, 20 Jun 2020 11:51:31 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5A2F 7 KB
6 KB 21ms
21ms XHR
application/json 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020061611&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js?21066471

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ebf7c9cb0956ae4556c56a97dcb5e40f069414ba7cd03c84e8ad9513ab72336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Jun 2020 11:51:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5645
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B141 14 KB
5 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Sat, 20 Jun 2020 11:51:31 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 763A 0
0 8ms
5ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/3aa48eeb
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/3aa48eeb

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Sat, 20 Jun 2020 11:15:01 GMT
expires: Sun, 20 Jun 2021 11:15:01 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2190
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5A2F 14 KB
5 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js?21066471

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Sat, 20 Jun 2020 11:51:31 GMT

GET
DATA 200
OK truncated
/ Frame 78C7 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40abdeac166fefaba0d5acbbbc1d0162de634b16d9f11550b3d54656f6d544b7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 1EBC 0
0 6ms
5ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/3aa48eeb
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/3aa48eeb

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Sat, 20 Jun 2020 11:15:01 GMT
expires: Sun, 20 Jun 2021 11:15:01 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2190
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK prebid3.12.0.js Show response
d2tbmvllb55wxq.cloudfront.net/pb/ Frame 8F12 224 KB
224 KB 67ms
12ms Script
application/javascript 13.226.156.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid3.12.0.js
Requested by: Host: ads3.mthsense.com
URL: https://ads3.mthsense.com/RenderAd.aspx?id=14896&width=728&height=90
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.197 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-197.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 98de3f600c4ff915204d27a70fd224d9b428158a28c7b6d8e8d63ba2a0f6c374

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Jun 2020 02:21:00 GMT
Via: 1.1 375e9ad5042f2098d2251daf2e517c52.cloudfront.net (CloudFront)
Last-Modified: Wed, 18 Mar 2020 22:27:12 GMT
Server: AmazonS3
Age: 34233
ETag: "c7e13df4edfbc8f3b857a7aefaf19731"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
Content-Length: 229297
X-Amz-Cf-Id: plU-JnRbN7Y1XEuJGgN21XpHN1d7wFFHhQuN747p4p-0tKgEeKKQYw==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 8F12 45 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: controlc.com
URL: https://controlc.com/3aa48eeb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49aa932b1a0d10e7ca14496abc8935ba27bbbe94ed8df207065a223e526d2901

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "548 / 893 of 1000 / last-modified: 1592611853"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 15663
x-xss-protection: 0
expires: Sat, 20 Jun 2020 11:51:31 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4296 0
54 B 20ms
20ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDf4e6fMhlZ0Jr-IyeUFknp5tMxGAjGMvfdxrZ8UpnRgpMK5EEzoz5DySS9cxYo7pYLjKdpvNVfXOpVg_xAsePwRjpEwoFlxrrT6ZeGvJgpg7XFDUbdI52kikc_l1hbGbMpjezMJHr6ACsqaSW8vOHePfAziytwAG-y6QMbx04eYQgZMi8K9RAQeV0ebQjhSki-0UpwAsmz36MeafQao6T3PMw4JcVy1x4Fwd2rRaGtH9w-An65sOlvGJgRGbqQU1fU5D7xlOauSdVSjIaUQ&sig=Cg0ArKJSzIYVD0CxsERuEAE&urlfix=1&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/3aa48eeb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Jun 2020 11:51:31 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4296 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0388d0840a3e9db182c174cd66f0871a0cfdfdf6add2475c7c1a1c2567040f41

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 8F12 109 B
168 B 15ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=controlc.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Jun 2020 11:51:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8F12 109 B
168 B 17ms
16ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=controlc.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Jun 2020 11:51:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020061801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 8F12 249 KB
88 KB 16ms
15ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

99d1979045ca288b36f4a4fa6db2a8b9cfa55aaed6e8d7e2c2973c1fa19997ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Jun 2020 13:58:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90287
x-xss-protection: 0
expires: Sat, 20 Jun 2020 11:51:31 GMT

GET
H2 200 3181831729314583294
tpc.googlesyndication.com/simgad/ Frame 2DA0 52 KB
52 KB 7ms
5ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3181831729314583294

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb6d86692cd6763ea425040ea01f9db1af7d9afc3831d9d7befce4cd766a67b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 20:06:50 GMT
x-content-type-options: nosniff
age: 661481
x-dns-prefetch-control: off
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53072
x-xss-protection: 0
last-modified: Fri, 27 Mar 2020 10:50:35 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Jun 2021 20:06:50 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2DA0 0
54 B 23ms
20ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssO_0zF8KBTLJOow-cIuhQOMpOwWSAKEaNVl-p77hxufbllTHqD0bSNKN2MrgOHrwJ1Zxc6MCQnI6a46LFkas-sZANDXjWzObqswZx4vBgVk5fSUCfu4AVo1rMZR7cFA1Y24cnd9CGOFcOjvH4Bl02dpBiPASk72YV3Aql3YaI50j0cvOjXnZTquk_-8YxjewkONYzkYWJkWOGzN-kWYBFwjb31_KCn4ffrC95FAzs4hgGT3COTL2UB-seEqtYJL39s1KTMTHrxbAcurA&sig=Cg0ArKJSzF80TbBygD1REAE&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/3aa48eeb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Jun 2020 11:51:31 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 78C7 0
45 B 20ms
18ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstH5KvhriafzBUGh14zWOyVvHIJEbBaE95gMWUqv3JN6S97Lh-vVnWo-1nxMSMJJKrRs-yBKYgj3vWisv6nE01bfMuFWnO-w3Y4s05XdFXPBXeq6KxNc-sFjqYyFm0y8bG_TatVzOLtQvLbBHxTOM1gNh9_TSFHBlCP5Utss-u_BJy9dULhY6ChNqF4QoQA-66AJ5DADydJBDzc8I9z8bEwkJtgDIzztPj2rN0JpP6xGVkuA1t7W1hfjd9VBOCQ3Zd2Ne3iS3LGjNGvDBIo&sig=Cg0ArKJSzKX8PTh5eUlyEAE&urlfix=1&adurl=

Requested by

Host: controlc.com
URL: https://controlc.com/3aa48eeb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Jun 2020 11:51:31 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B141 0
55 B 14ms
14ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020061611&jk=3233697004729335&bg=!EBOlEwtY7uv9uQNG4C4CAAAATVIAAAAWmQGZ_j0VEb5YyPzeB1DEJBEUmRW2fqoH6tfdp2l8pOIIblrxzQgyiI-iv21tTCfbBtzEqaBUYfbC6uQUHSBzMZ5tux_7EvG4lms4JD-Vk_RGAJY4Vz0E40lWJKL46eFYpHvAoTTrw_CesjEWaZfkEfRUUahE0SysSYrcsh8WMk7TmClho5c8BWiNGLvCnXoY_CqRs9bKByWbLn8kHdj4tkP_Fi12sxjS6uM08ZLuhE-zrSbeUeMribbipat-7L3D-ayY-DxJG4lKHTXKLvaJ-kP7n_z_FVb206DnzTzpmAtwoQfBpDDXhAgVGEXNPw2P4MUCS_iKu9oHtvMU8stL6n2jHmj52Y-39LbzCzLhlY-oKbJtKkU6joY43kwTaU1rIKEcy79-IlfvR-Pe2SbaiAJaKf_8qMz1JCf-QRrgzNMsXuKd6oxVFKkbgnlTLlxlj_w6PNP25XFdOjGHBGrsRyclTBfedC7NeOZu73Vsbaicw-H1qpLWUdT5hRJmnizPzr5vH41cGwVQHr2xo9wPcaIZlKyi2HmAPU73qw

Requested by

Host: controlc.com
URL: https://controlc.com/3aa48eeb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jun 2020 11:51:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content mvo Show response
tag.1rx.io/rmp/74190/0/ Frame 8F12 0
267 B 81ms
17ms XHR
text/plain 213.19.147.210
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/74190/0/mvo?z=1r&hbv=3.12,2.1
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid3.12.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://controlc.com
Pragma: no-cache
Date: Sat, 20 Jun 2020 11:51:32 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive

POST
H2 200 auction Show response
exchange.bidphysics.com/ Frame 8F12 2 KB
857 B 453ms
190ms XHR
application/json 34.236.77.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.bidphysics.com/auction
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid3.12.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.77.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-77-125.compute-1.amazonaws.com
Software: /
Resource Hash: 4d319c04441624eb40340cb010fdd277340d8789e0cd154ba2b86be1521467d7

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 20 Jun 2020 11:51:32 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://controlc.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 616
expires: 0

GET
H2 200 arj Show response
os4m-d.openx.net/w/1.0/ Frame 8F12 173 B
556 B 51ms
22ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://os4m-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fcontrolc.com%2F3aa48eeb&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=7e289789-ea3e-4009-9dfc-822f0c450d8c&nocache=1592653891800&aus=728x90&divIds=URL_Pasted_728x90_BTF__86&auid=540529560&aumfs=300&
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid3.12.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.188.0 /
Resource Hash: e76c642f8bbfc1241c91eb887f66bdfe6aae9e2a542bb72f2675312e7ef80e83

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 20 Jun 2020 11:51:31 GMT
content-encoding: gzip
server: OXGW/16.188.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://controlc.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ Frame 8F12 65 B
627 B 320ms
105ms XHR
application/json 34.199.118.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid3.12.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.118.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-118-187.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: ca11694a03ad3ca894fa93c256afae29fb5064def2529ae56fc71a03c4aed32d

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 20 Jun 2020 11:51:32 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://controlc.com
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 8F12 145 B
1 KB 97ms
77ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid3.12.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

0278dcaf174db0f7cfbcdbd3f5aabd26f3d6a01722186e7d035a423f81b55dd6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 20 Jun 2020 11:51:33 GMT
X-Proxy-Origin: 185.220.70.68; 185.220.70.68; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.174:80
AN-X-Request-Uuid: 347b3e35-e1f1-43e1-b9e1-07f22d62dd0a
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://controlc.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame 8F12 24 B
985 B 119ms
100ms XHR
application/json 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=303653&v=7.2&r=%7B%22id%22%3A%2211138fb094de38%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2212b5890a82b5bb3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22303653%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fcontrolc.com%2F3aa48eeb%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid3.12.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 319dd03f243221f432429fb8010c14f06e3e826db517bea5edcb3e6553d4f43f

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 20 Jun 2020 11:51:31 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://controlc.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 44
Expires: Sat, 20 Jun 2020 11:51:31 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 8F12 24 B
576 B 61ms
20ms XHR
application/json 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.12.0
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid3.12.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 0a23cc5f4b4937d7c1043f39507691f30d5678bbc5f9ada58226ad9e73f86769

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 20 Jun 2020 11:51:31 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://controlc.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 44

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 8F12 281 B
1 KB 53ms
17ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=62568&zone_id=710558&size_id=2&rf=https%3A%2F%2Fcontrolc.com%2F3aa48eeb&tk_flint=pbjs_lite_v3.12.0&x_source.tid=7e289789-ea3e-4009-9dfc-822f0c450d8c&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5187184370872415
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid3.12.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 2de80fb12afae7d6a22b5debc0905dfb98ef09e7ef84ce1362fb2c56aa6116e9

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 20 Jun 2020 11:51:31 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://controlc.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 281
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A2F 0
55 B 15ms
14ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020061611&jk=1624437906131175&bg=!QkGlQVlYLhWviYkVkq0CAAAASlIAAAAOmQGZcanulhcPsFcS-xDak1d9xVGMl0dFiRQOBXWK3F9A_YWz9RhrK8oc-_6fASgGZ92iHCqk_iih_Hsf4cnTykWFvRMXR2-LKa7_hl-ahEdW4aNihEp2dWqLrmTC3lWF3IeHuObZed3ifhPSTIaJe2zC6XR9ft4NggSd2TWS2xfNMVkZxAfeck06k5yZRwWbjHhzUBcR-WRTyR5Op_2_Gk6AZr1YBWIHhNNfiTnEOvYUfCZpU-wM51D9hJLHz4HbGq7iOOuk05komkaSF8Ie2RHyv-XVHlk3YQR5JSh9_f-wNj9bWhm2pk09BJ5UtxKga2deQmZREy-iAHtVBMQNQLk_m4OndQY39uair6VQWec_FkgC2nP6NtUNjhndtpZdWGrbY-SNo_qtvNGLRoLl-tpC6vkKItJlH6n7QgSSfRhFFCWvF-0J7B4rnJcwdcFF3iDaQiM2KC63LV2gSsWj0LI6uc4IIAEgCMoq2jOfz2Ldyb2Gh2YquYnY7fW2HZxOmIeLeavY_XQB9RUB_28bmqtLAwZM7yJdN2s_kA

Requested by

Host: controlc.com
URL: https://controlc.com/3aa48eeb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jun 2020 11:51:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 23ms
23ms XHR
application/json 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020061611&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d41611e5eebd5d06c370e181fd7a8c96e668b86f279fcc96798e71feca4c347

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Jun 2020 11:51:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5566
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Sat, 20 Jun 2020 11:51:31 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 334B 0
0 6ms
5ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/3aa48eeb
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/3aa48eeb

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Sat, 20 Jun 2020 11:15:01 GMT
expires: Sun, 20 Jun 2021 11:15:01 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2190
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 15ms
14ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020061611&jk=1507294296930418&bg=!WVqlWkJY68FBqaldqKQCAAAAMVIAAAAJmQF98SvbcIIGbqDoGXB-ss_uFQffRtf16qvlUtk2ypu_OWBYF1o4tjOb-j7w-Yy7JhM_URMc08ACVgGQc3kr8TBibo1rcDyMkLrEC1mxseHbKFLumjx9fxZxbBQs1n_iJmLCY3TthRJyts1V5OJkUj1eFopbf29WwEirNR_lnLssQWpPV674TVc--v4FDEbYtvCboYJHnrpFbpG8SnZqdpwheozI-J1Lg2BzkOP7FvSaE-EvisXUVAqeTGnzzHd2DV6xeTgpzuXFsLlR5LPR_-1qUB7bTgimaq6RyDKw0oye-uM_WeI5Z4Z_PFLuqpiUAMG1rVGXUyHRsqQ70uNk4iZ6Wm3pX9zwj5Rk3aWrPWNZ4kkt7f1U-_K5vnZm92kzEqfZGxAFPyMVAh9YhaiwHlmZqInDvLa5hluPavWNclxUKBw4Dxsb03SgTfJnO4L1N0F4OIUKVtwSd-8DaB4gVMx7VEp26W0nKFzhvLp3QEyGarVw8xD12IPvS11Fu1eC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jun 2020 11:51:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 8F12 54 KB
12 KB 310ms
309ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3037714657781768&correlator=870328376228962&output=ldjh&impl=fifs&adsid=NT&eid=21066472%2C21066394&vrg=2020061801&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200620&iu_parts=289026909%2CYieldLift%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=hb_name%3DURL_Pasted_728x90_BTF__86%26passback_pb%3D0.20%26hb_factor%3D1.5%26rscust%3Dpool1&eri=1&cookie=ID%3Db2018d902443703d%3AT%3D1592653891%3AS%3DALNI_MYPAQYE2bb7KodLlcJn0nI7zNyX1g&cdm=controlc.com&bc=31&abxe=1&lmt=1592653892&dt=1592653892266&dlt=1592653891685&idt=70&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=3&adxs=50&adys=1026&adks=554702876&ucis=51qj0xe7ejgo&ifi=1&ifk=1037808068&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=https%3A%2F%2Fcontrolc.com%2F3aa48eeb&top=https%3A%2F%2Fcontrolc.com%2F3aa48eeb&dssz=11&icsg=554&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x90&ga_vid=1733904396.1592653891&ga_sid=1592653892&ga_hid=1028195872&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

06b6678721e362486cb68e4bc46c019d47447fc1da90b5bf3489f7a67dcd9262

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11787
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://controlc.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
1322b94ca57444a0d77ee7ecaa0320b0.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 8F12 0
0 57ms
39ms Other
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1322b94ca57444a0d77ee7ecaa0320b0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 8F12 0
0 6ms
5ms Other
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 05DB 42 B
107 B 14ms
14ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstBALirxyWhmzFwj77_cFbspQQck3CjOpcSx7vB-OZYiBK1dMfif1XQ7yr8QKTNLn8EKZBbIyXl-50sOD-z6xe94ZqcJ8bFXBqNnnQ3vFs&sig=Cg0ArKJSzJP4oHyZpclvEAE&adk=2762401180&tt=-1&bs=1600%2C1200&mtos=1022,1022,1022,1022,1022&tos=1022,0,0,0,0&p=160,1390,760,1550&mcvt=1022&rs=0&ht=0&tfs=3&tls=1029&mc=1&lte=1&bas=0&bac=0&met=ce&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1592653891173&dlt&rpt=64&isd=0&msd=0&ext&xdi=0&ps=1600%2C1027&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-11-3-10-10-0-0-0&tvt=1027&is=160%2C600&iframe_loc=https%3A%2F%2Fcontrolc.com%2F3aa48eeb&r=v&id=osdim&vs=4&uc=11&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200617

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jun 2020 11:51:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 36C4 42 B
107 B 14ms
14ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsszSyfTCOAjcOS8F4DF8wRDIqowuhw__wti-jC4TyZ7W6Bzi9AJvZaCDRb7SM-G7b2nv0AoAFnISasGTDsSCUJWlFCHaVLbWYLRm5K9Wjw&sig=Cg0ArKJSzJyTnrMfPFV7EAE&adk=1406371575&tt=-1&bs=1600%2C1200&mtos=1053,1053,1053,1053,1053&tos=1053,0,0,0,0&p=127,50,217,778&mcvt=1053&rs=0&ht=0&tfs=8&tls=1132&mc=1&lte=1&bas=0&bac=0&met=ce&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1592653891165&dlt&rpt=136&isd=0&msd=0&ext&xdi=0&ps=1600%2C1027&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-5-11-11-0-0-0&tvt=1128&is=728%2C90&iframe_loc=https%3A%2F%2Fcontrolc.com%2F3aa48eeb&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200617

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jun 2020 11:51:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005272217000/ Frame A4B3 202 KB
55 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5233691dffa51e70ae8b66c53b31324e7dfb405de2b01b0bebb41ed2fd52f58a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 934
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56211
x-xss-protection: 0
server: sffe
date: Sat, 20 Jun 2020 11:35:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9687f63ba3c32530"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Jun 2021 11:35:58 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame A4B3 16 KB
6 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85d3035a8f8ddfdf1e05876bc9339258e279930aeef58b157ee825406a9c9c0c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 7616
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5894
x-xss-protection: 0
server: sffe
date: Sat, 20 Jun 2020 09:44:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "983c44847f51ce73"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Jun 2021 09:44:36 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame A4B3 97 KB
29 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97361dda3d036caf25e270fe716db15f530cfa40f3c6a165d1a6e76a4ac17183

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 968
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29912
x-xss-protection: 0
server: sffe
date: Sat, 20 Jun 2020 11:35:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8ebd5537ed53cc8f"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Jun 2021 11:35:24 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame A4B3 4 KB
2 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e477ee9acf4d98f1e077d54ed6383388e46b0041762e30de32238cf6aef83df

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 7610
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1720
x-xss-protection: 0
server: sffe
date: Sat, 20 Jun 2020 09:44:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "eedff0e973ca46aa"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Jun 2021 09:44:42 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame A4B3 48 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e087f7a19b3c163ff3202a9eee68e1fbc405a902f196b1df49912aec0f2d598

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 7629
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14995
x-xss-protection: 0
server: sffe
date: Sat, 20 Jun 2020 09:44:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aab4b6f9640d8580"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Jun 2021 09:44:23 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A4B3 4 KB
724 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

02fec5849f8ab7bceb4450d167f382e9079bd3a5d0f33a00942869641811ab3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 20 Jun 2020 10:23:06 GMT
server: ESF
date: Sat, 20 Jun 2020 11:51:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Jun 2020 11:51:32 GMT

GET
DATA 200
OK truncated
/ Frame A4B3 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 832cb0c3c5cc624b1055fe54f83ca3868af91288687c5de974f3ba43f4e7e197

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A4B3 2 KB
3 KB 7ms
5ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: controlc.com
URL: https://controlc.com/3aa48eeb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Jun 2020 02:33:17 GMT
x-content-type-options: nosniff
server: cafe
age: 33495
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2471
x-xss-protection: 0
expires: Sun, 21 Jun 2020 02:33:17 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A4B3 295 B
398 B 7ms
6ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: controlc.com
URL: https://controlc.com/3aa48eeb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Jun 2020 07:18:34 GMT
x-content-type-options: nosniff
server: cafe
age: 16378
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 21 Jun 2020 07:18:34 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A4B3 0
0 23ms
15ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CRJ91RPjtXvnEEo-jgAfI_JyYDpCF8KRd5LKRoosLlafmgNgJEAEgheG8SmCV4pCCoAegAf_bisgDyAEB4AIAqAMByAMKqgTNAU_QWbjICtEVoNJAGcWy8Awp5nZOQqRuKIbAjzeKnrKygaE7cPVabGp4bsK0vfSTFB2xujoj1TEGpW3F9hhDBE_S-j03j-dHUgvaw27E2Ng5y5YUKmy588WSz67a52-AfjIJtea28vhuBySh9YW6k3tShzO3zYsmgf88kmkqLU4eDJNUoYynzsljfhd-t6b9ishstzUJl7RmbPiT_vaC0CE2n1keKLFdfi94BJmIFjP7Y8aXuoHFy7BOcq3nJ_OrizRYeSG9v_EVD4K7tGDABO252uPSAuAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBgAeG85wJqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEENrOA9IICQiA4YBwEAEYHfIIG2FkeC1zdWJzeW4tNDM0NDgzMjMzMzI5OTc5NoAKA8gLAdgTDJgWAQ&sigh=UZJ37YW7xQI&tpd=AGWhJmuauaNQ4dZuC6J5GT862cjFvTMdmrAVT45YCkbu-oKRbQ
Requested by: Host: controlc.com
URL: https://controlc.com/3aa48eeb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s05-in-f98.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8F12 7 KB
6 KB 25ms
17ms XHR
application/json 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020061801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45f43d136ff26a4b1e3725336dbfb3210ceab52ce24f2b6cc1fc4579f1a3e818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Jun 2020 11:51:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5624
x-xss-protection: 0

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
fonts.gstatic.com/s/googlesans/v16/ Frame A4B3 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v16/4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Origin: https://controlc.com

Response headers

date: Mon, 08 Jun 2020 21:34:18 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Dec 2019 18:44:26 GMT
server: sffe
age: 1001834
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14608
x-xss-protection: 0
expires: Tue, 08 Jun 2021 21:34:18 GMT

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
fonts.gstatic.com/s/googlesans/v16/ Frame A4B3 14 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v16/4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Origin: https://controlc.com

Response headers

date: Fri, 12 Jun 2020 00:08:18 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Dec 2019 18:44:18 GMT
server: sffe
age: 733394
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14816
x-xss-protection: 0
expires: Sat, 12 Jun 2021 00:08:18 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8F12 14 KB
5 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Jun 2020 11:51:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Sat, 20 Jun 2020 11:51:32 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame A4B3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

40ms
39ms

Image
text/html

2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: controlc.com
URL: https://controlc.com/3aa48eeb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Sat, 20 Jun 2020 11:51:32 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 0DE4 0
0 6ms
5ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://controlc.com/3aa48eeb
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://controlc.com/3aa48eeb

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Sat, 20 Jun 2020 11:15:01 GMT
expires: Sun, 20 Jun 2021 11:15:01 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2191
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 2DA0 42 B
107 B 14ms
13ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuu64ImODB_VmpNb9rxr_VJD11Vr2zE30SXYbinP60m9TROhWeJHcwVC3NxDe5fdA5QFE3pqRQF07cFuT9RFw4eeMwzlwRbGgwoPRrshsE&sig=Cg0ArKJSzJDjjaJ-eYZnEAE&id=ampim&o=50,127&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=105&tls=1105&g=100&h=100&tt=1106&r=v&avms=ampa&adk=1088513110

Requested by

Host: controlc.com
URL: https://controlc.com/3aa48eeb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jun 2020 11:51:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 78C7 42 B
107 B 14ms
13ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssCxEkHSNclt8OV-5__UpiXxirpaymIthrYXNOcipQBRLR_zQqAacOJ5fuuZ-tAeEiww87G2ba62ge6FWRXPAjZpgDblcxEAW_IIB8gDLg&sig=Cg0ArKJSzJx55JYTvm4LEAE&adk=2407567311&tt=-1&bs=1600%2C1200&mtos=1053,1053,1053,1053,1053&tos=1053,0,0,0,0&p=0,0,600,160&mcvt=1053&rs=3&ht=0&tfs=128&tls=1172&mc=1&lte=1&bas=0&bac=0&met=ie&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1592653891569&dlt&rpt=132&isd=0&msd&ext&xdi=0&ps=1600%2C1252&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-11-3-10-10-0-0-0&tvt=1170&is=160%2C600&iframe_loc=https%3A%2F%2Fcontrolc.com%2F3aa48eeb&r=v&id=osdim&vs=4&uc=11&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200617

Requested by

Host: controlc.com
URL: https://controlc.com/3aa48eeb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jun 2020 11:51:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8F12 0
55 B 15ms
14ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020061801&jk=3037714657781768&bg=!kpGlkYlY0DVnCukFQjQCAAAAM1IAAAAKmQGZaoOCG55QcQ9Ni5YAFjd8DA_X0_JUNGBquYcu9lpBIBHHQ61GpyjbSpNqatjmFBLk0yaGknGDIIBkFhMKCmBN3gRjxVn1hqo263OeuDpvvxJJh4EKG1mV5yZFiQxuwdmFr6V5kKbJ5L89yBGoqVMXFei8m0CWMgUbFOLBR2UVQ8YO_DMc__qpp0v6brE4QYgBq2PT5t4eUq7_o8_kzQZitBIDUUZhCXbXDA2csBmkbk2UfLBqnqMGECDH3rHmFjgI3x6v93ZhFYnMxQFXLpS4A-nLDwYKw1tnUq4R-AVCm-puiITeknWaTtpxhGBZ2G1LLvP1XItOC7I-AZCS1pOGelFZftZagMWxIVFSANlNESxov1SKnd2h3ecGh6_MoDSMOAcxjCvoAQc8Qj5ngKqneC02sR-4skU7kIOnWnjsp4GcjI4Ew4W0LCyXonImQkLC0alOQObFfjKnsYkV_cBCrIz3BFlzHvnarBOXZsegWSq3-6Za1rEUe0QVVIu6HKyhJgH8_cjpGyMiyFFny2opBYIpUYd_qRkiRg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jun 2020 11:51:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 4296 42 B
107 B 14ms
14ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv9OGUZn72_VodS80-ZRf0hJSHcVZv6Aofqo-PyKkCuimAP9CrLDPPzpMO1m0a5Eoyr9Y-rJlSzzsyXbCM-qUQ5Z16fzJLSOd2V_vDuFaQ&sig=Cg0ArKJSzJfFTJbi_dxSEAE&adk=2507290776&tt=-1&bs=1600%2C1200&mtos=51,1088,1088,1088,1088&tos=51,1037,0,0,0&p=704,50,798,778&mcvt=1088&rs=0&ht=0&tfs=2&tls=1179&mc=1&lte=1&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1592653891179&dlt&rpt=514&isd=0&msd=0&ext&xdi=0&ps=1600%2C1252&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-2-11-11-0-0-0&tvt=1178&is=728%2C90&iframe_loc=https%3A%2F%2Fcontrolc.com%2F3aa48eeb&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200617

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jun 2020 11:51:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame A4B3 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsst8ydmxZvM_DxW9rvUYDAEEKSUL9UeydJdhC3--Nc5HPtJsSnQZ9iR8Cz94lf8GQ_TW2l_mRxrX4j1_OGqwPSqosttmeeY9InwKBKmBTE9IuyKKTp3MwB9-jJqlg&sai=AMfl-YSPnVdTZb1mWuo7QJ9usuDOBAsjB4EN2LgCj4kXwT3Y9fNLwScIE1AcF1UGhfJvFOJbkwV5baEBQL6naJgkyW_XA21gWc0cJJ0u1NZlLMxr6c-2D08gJViFYb1-&sig=Cg0ArKJSzOOXBGH-M7TBEAE&cid=CAASPeRoXnot7YA-ytVk9DtZfM9bQM3pixpM2LlNqZEUYDICdyMvWirIQTFp2WGlsDnpWaGNstR94U7TtfymK20&id=ampim&o=50,1026&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=131&tls=1132&g=100&h=100&tt=1132&r=v&avms=ampa&adk=554702876

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jun 2020 11:51:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
exchange.bidphysics.com/ Frame 8F12
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fexchange.bidphysics.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fexchange.bidphysics.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID&sovrn_retry=true
https://exchange.bidphysics.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=f2543f349565232c6926ccc1

0
372 B

99ms
98ms

Image
text/plain

34.236.77.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.bidphysics.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=f2543f349565232c6926ccc1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.77.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-77-125.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Sat, 20 Jun 2020 11:51:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Accept-Encoding, Origin
expires: 0

Redirect headers

Date: Sat, 20 Jun 2020 11:51:35 GMT
Server: nginx
Location: https://exchange.bidphysics.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=f2543f349565232c6926ccc1
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 8F12
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEKaiNnEq-Ij96hpS3RGwPA&google_cver=1

43 B
172 B

17ms
17ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEKaiNnEq-Ij96hpS3RGwPA&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.188.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Jun 2020 11:51:35 GMT
via: 1.1 google
server: OXGW/16.188.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Jun 2020 11:51:35 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEKaiNnEq-Ij96hpS3RGwPA&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
exchange.bidphysics.com/ Frame 8F12
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fexchange.bidphysics.com%2Fsetuid%3Fbidder%3Dappnexus%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://exchange.bidphysics.com/setuid?bidder=appnexus&gdpr=0&gdpr_consent=&uid=2860301517037710165

0
370 B

99ms
98ms

Image
text/plain

34.236.77.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.bidphysics.com/setuid?bidder=appnexus&gdpr=0&gdpr_consent=&uid=2860301517037710165
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.77.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-77-125.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Sat, 20 Jun 2020 11:51:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Accept-Encoding, Origin
expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 20 Jun 2020 11:51:37 GMT
X-Proxy-Origin: 185.220.70.68; 185.220.70.68; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.88:80
AN-X-Request-Uuid: 342fdb3e-1254-42cb-9754-4b8facc9fe13
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://exchange.bidphysics.com/setuid?bidder=appnexus&gdpr=0&gdpr_consent=&uid=2860301517037710165
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK us.gif
sync.go.sonobi.com/ Frame 8F12 49 B
509 B 65ms
13ms Image
image/gif 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fexchange.bidphysics.com%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5BUID%5D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 Jun 2020 11:51:35 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
exchange.bidphysics.com/ Frame 8F12
Redirect Chain

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fexchange.bidphysics.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BUID%7D
https://exchange.bidphysics.com/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=73fdce90-307d-08d7-007c-00bd661a429d

0
385 B

99ms
99ms

Image
text/plain

34.236.77.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.bidphysics.com/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=73fdce90-307d-08d7-007c-00bd661a429d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.77.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-77-125.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Sat, 20 Jun 2020 11:51:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Accept-Encoding, Origin
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 20 Jun 2020 11:51:34 GMT
via: 1.1 google
vary: Origin
server: Cowboy
status: 302
location: https://exchange.bidphysics.com/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=73fdce90-307d-08d7-007c-00bd661a429d
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: emdrqmljtt7hqs12dhqsecm4s6mo975n

GET
H2

200

setuid
exchange.bidphysics.com/ Frame 8F12
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fexchange.bidphysics.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
https://exchange.bidphysics.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=Xu34Q7lQJ8EAAFJPGK8AAABr%261113

0
380 B

99ms
98ms

Image
text/plain

34.236.77.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.bidphysics.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=Xu34Q7lQJ8EAAFJPGK8AAABr%261113
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.77.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-236-77-125.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://controlc.com/3aa48eeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Sat, 20 Jun 2020 11:51:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Accept-Encoding, Origin
expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 20 Jun 2020 11:51:35 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://exchange.bidphysics.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=Xu34Q7lQJ8EAAFJPGK8AAABr%261113
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 301
Expires: Sat, 20 Jun 2020 11:51:35 GMT

POST
H2 200 view.php Show response
controlc.com/api/tinypaste/ 2 B
223 B 23ms
23ms XHR
text/html 2606:4700:3033::681b:bf2d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://controlc.com/api/tinypaste/view.php
Requested by: Host: controlc.com
URL: https://controlc.com/public/js/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681b:bf2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.5.38
Resource Hash: cf3bae39dd692048a8bf961182e6a34dfd323eeb0748e162eaf055107f1cb873

Request headers

Accept: */*
Referer: https://controlc.com/3aa48eeb
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 20 Jun 2020 11:51:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/5.5.38
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
status: 200
cf-ray: 5a654762dcc1e003-FRA
cf-request-id: 03732af1c90000e003859bc200000001

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.twitch.tv/	1969-12-31 23:59:59	Name: server_session_id Value: 2cb780452dc84c6e951f028ae9ee5eb5
.twitch.tv/	1970-01-23 02:03:06	Name: unique_id_durable Value: aIVDkT7JwnrdC0K2Hr9mKi5TgMBP9Dxb
.twitch.tv/	1970-01-23 02:03:06	Name: unique_id Value: aIVDkT7JwnrdC0K2Hr9mKi5TgMBP9Dxb
.controlc.com/	1970-01-20 03:55:25	Name: __gads Value: ID=b2018d902443703d:T=1592653891:S=ALNI_MYPAQYE2bb7KodLlcJn0nI7zNyX1g
.controlc.com/	1970-01-19 11:07:25	Name: __cfduid Value: dd007a95d0e417e1cc9ffb907d1dba87f1592653890
.controlc.com/	1970-01-19 10:25:40	Name: _gid Value: GA1.2.1191316753.1592653891
.controlc.com/	1970-01-19 10:24:13	Name: _gat Value: 1
.controlc.com/	1970-01-20 03:55:25	Name: _ga Value: GA1.2.1733904396.1592653891
controlc.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 7ca99b00fc8c32c8c7e4b3b7fc61f844

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061611.js(Line 6) Message: GPT does not support passback slots on the top window. Each passback slot should be defined and rendered within an iframe.
console-api	log	URL: https://controlc.com/3aa48eeb(Line 255) Message: [object Object]
console-api	log	URL: https://controlc.com/3aa48eeb(Line 234) Message: [object Object]
console-api	info	URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js(Line 410) Message: Powered by AMP ⚡ HTML – Version 2005272217000 https://controlc.com/3aa48eeb
console-api	warning	URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js(Line 21) Message: [amp-analytics/transport] Response unparseable or failed to send image request https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssO_0zF8KBTLJOow-cIuhQOMpOwWSAKEaNVl-p77hxufbllTHqD0bSNKN2MrgOHrwJ1Zxc6MCQnI6a46LFkas-sZANDXjWzObqswZx4vBgVk5fSUCfu4AVo1rMZR7cFA1Y24cnd9CGOFcOjvH4Bl02dpBiPASk72YV3Aql3YaI50j0cvOjXnZTquk_-8YxjewkONYzkYWJkWOGzN-kWYBFwjb31_KCn4ffrC95FAzs4hgGT3COTL2UB-seEqtYJL39s1KTMTHrxbAcurA&sig=Cg0ArKJSzF80TbBygD1REAE&adurl=
console-api	warning	(Line 1) Message: NO prebid responses1
console-api	info	URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js(Line 410) Message: Powered by AMP ⚡ HTML – Version 2005272217000 https://controlc.com/3aa48eeb

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1322b94ca57444a0d77ee7ecaa0320b0.safeframe.googlesyndication.com
77311389a48ed0bda86fa6e2a630d48f.safeframe.googlesyndication.com
8916f453816ed2292446848702e1010d.safeframe.googlesyndication.com
8c062288171dd80b1a005971a8810a7d.safeframe.googlesyndication.com
ads3.mthsense.com
adservice.google.com
adservice.google.de
ap.lijit.com
api.twitch.tv
as-sec.casalemedia.com
cdn.ampproject.org
cdn.carbonads.com
cdn.fancybar.net
cm.g.doubleclick.net
controlc.com
d2tbmvllb55wxq.cloudfront.net
eu-u.openx.net
exchange.bidphysics.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
os4m-d.openx.net
pagead2.googlesyndication.com
player.twitch.tv
rtb.openx.net
s3-eu-west-1.amazonaws.com
securepubads.g.doubleclick.net
srv.carbonads.net
ssc.33across.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync.go.sonobi.com
tag.1rx.io
tpc.googlesyndication.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
yadloop.com
13.226.154.49
13.226.156.197
151.101.38.167
151.101.38.214
172.217.18.98
172.217.22.2
178.128.255.150
178.162.133.149
213.19.147.210
23.111.10.140
23.111.10.144
23.210.249.164
2606:4700:3033::681b:bf2d
2a00:1450:4001:800::2002
2a00:1450:4001:802::200e
2a00:1450:4001:814::2002
2a00:1450:4001:815::2001
2a00:1450:4001:816::2001
2a00:1450:4001:816::200a
2a00:1450:4001:81a::2003
2a00:1450:4001:81d::2001
2a00:1450:4001:820::2003
2a00:1450:4001:825::2002
2a00:1450:4001:825::2004
2a00:1450:400c:c00::9a
34.199.118.187
34.236.77.125
34.98.64.218
35.186.253.211
35.244.159.8
37.252.172.38
40.84.148.247
52.218.106.75
69.173.144.140
72.251.249.9
0278dcaf174db0f7cfbcdbd3f5aabd26f3d6a01722186e7d035a423f81b55dd6
02fec5849f8ab7bceb4450d167f382e9079bd3a5d0f33a00942869641811ab3a
0388d0840a3e9db182c174cd66f0871a0cfdfdf6add2475c7c1a1c2567040f41
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06b6678721e362486cb68e4bc46c019d47447fc1da90b5bf3489f7a67dcd9262
07702d076f8c28644a2b09299dac52af3abbf7bd5d3c6d23c6c8ea6aa133cdea
08811dd694fe39ed52b2390534cbe991075a02065137a36c914e0cd6a91c4cbe
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0a23cc5f4b4937d7c1043f39507691f30d5678bbc5f9ada58226ad9e73f86769
0e477ee9acf4d98f1e077d54ed6383388e46b0041762e30de32238cf6aef83df
10d260de958aa225f5add9155e9194221b65c1c991ec3bc9132a40d4f4fabff2
124fc18fae0e821795366db301bee6d36cb68e31f50f190e57b687a8bfc1e664
1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2
249a47240c54580905210bdba65667fee54315dc6ed4c35c080569b2526ac056
261961b6c33ef546c740687526aeb3cb77a1c2a89aa337dcaacc4e3edbfbcc2b
2a11c133fc51a4bdbf16a612562fd43d160e9e4b27006127d4e1325b02a027d6
2de80fb12afae7d6a22b5debc0905dfb98ef09e7ef84ce1362fb2c56aa6116e9
2e087f7a19b3c163ff3202a9eee68e1fbc405a902f196b1df49912aec0f2d598
319dd03f243221f432429fb8010c14f06e3e826db517bea5edcb3e6553d4f43f
31c70fc4fa7dee6db3f53f0c1db540813dfc6523f0226634179a701062d3e616
3ebf7c9cb0956ae4556c56a97dcb5e40f069414ba7cd03c84e8ad9513ab72336
400c872105fbf93f667e74652201efbf2e0c1548a412801a96219c38235cb9a8
40abdeac166fefaba0d5acbbbc1d0162de634b16d9f11550b3d54656f6d544b7
439211cb90e7da0f52c80f15dc2ca868ac9419e83350a1ff2d0372031f359986
45f43d136ff26a4b1e3725336dbfb3210ceab52ce24f2b6cc1fc4579f1a3e818
467b1db9776e63a47ad4b041976647f292a3ce02da70383613325e4dea1ef734
49aa932b1a0d10e7ca14496abc8935ba27bbbe94ed8df207065a223e526d2901
4d319c04441624eb40340cb010fdd277340d8789e0cd154ba2b86be1521467d7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5233691dffa51e70ae8b66c53b31324e7dfb405de2b01b0bebb41ed2fd52f58a
52ea4c4a224e6215157096b53cb5d4dab976d6393a9a94c29eb88783f1a18991
5d41611e5eebd5d06c370e181fd7a8c96e668b86f279fcc96798e71feca4c347
72b59d9449d39bb7d7a4d3637e3b9e3d5040aee7efd14872b3f52982295e73a9
7371c64d7ae781cad22d9f6b3298091f8cfa117b5ac3836bdb9cb615576c5ce8
75d886a9078e612f4592992285b4745c2c7223a2eb321e057fc388cb673cfdf3
770a5be4937bf757134b47d4845e28c82e6dda0c7eee72875fda2ad3dbc93718
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81804a1b2b20350ec009ba6429a4f58124c16ca30683af0af255544cd98c8fa6
832cb0c3c5cc624b1055fe54f83ca3868af91288687c5de974f3ba43f4e7e197
8544cf73bbfe4bf47e14b215cd0a72e2c4b618d30798e823bba6393fa2821152
85d3035a8f8ddfdf1e05876bc9339258e279930aeef58b157ee825406a9c9c0c
86924cd006db30b9d4f1418e06cd7bd83eef2be768a10f27d2cff26e6977cced
885ec3e51589244c6ab9a6b99e8fbfd5648258a0818c8074ffc4a1e014cf846a
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
97361dda3d036caf25e270fe716db15f530cfa40f3c6a165d1a6e76a4ac17183
98de3f600c4ff915204d27a70fd224d9b428158a28c7b6d8e8d63ba2a0f6c374
99d1979045ca288b36f4a4fa6db2a8b9cfa55aaed6e8d7e2c2973c1fa19997ed
a2c0ab5111af029013d1d4adaa7c45ea328dc6421b7eb2d51992cd2e68ec7775
ace6f28cdb8de15640326250ce0854c634cd2910bd3a4a8641bb083bf35021a3
ae7e327fb326928a9a0b31188e28286f6cddae15d8dbe9de63114c7bae883d5f
af1165ad00402c5aa49b926268cc7e991012c6c982a1f051d53d278f84923d35
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff
b0b1391f19119b5d24b3b908b96a6a3838d460717fa7b3b256b7f4c5f924b131
b5091f21d1a25da1caefae9a48d6e0142c7b874126ed6982691ed8c118bbf6b7
bafbed60844c7113252124ca42cf6cb3ab28905fac0c1260a7202dedf9025bf2
c007af53140e2ea40266ada07944c9c33a7b0e72dbab955db9da09d88ff5e91b
c248cda33f942842c869a9791948211e82c43c8caf2693fbb670c80231b06120
c63c0a518fcd8243e365904eb4ec5162d2b6d066aa4f05027fb598089d73ebdc
ca11694a03ad3ca894fa93c256afae29fb5064def2529ae56fc71a03c4aed32d
cf3bae39dd692048a8bf961182e6a34dfd323eeb0748e162eaf055107f1cb873
d6438c63069c5b897cbab71927f7069ec113a2917e0f1e7bc4ffb2fc4e03bccd
dc192958c74f52e9e196b96e3aee3cd99ad6ba6573e429fb731ba12e261691b2
de072fa8ec958a27adcb7caec34d45663bbf88c22696a081d2c6ae6ffcae743f
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3df9723f6e2da831c83563b02e9d5819070f628ee44949c0c1ac2e8d055df25
e4c27157420a83fb07e6c7bdbe273ceec1df5b0df8953f04c0880b75e97cd5dc
e76c642f8bbfc1241c91eb887f66bdfe6aae9e2a542bb72f2675312e7ef80e83
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
ec4b53e1ad1916e5fa39669a367d0384a5cb741475961401eca28f5187607c72
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f167df5a5c92082d7d7b4f04443e8c65a1740be0546c12b443972210795c1193
f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707
f403fad3806ce3425ef5364d1d161f63e7e23534eec42ac3be831d6a9cb6ba6b
f5a1212852709b2be58bf29e94fb8b53575c6596d744b192d2979474b062c4b3
fa85dcb00a408381b7639601205d10c5482f850365cee1632fba0ec4bdc55875
fb1720927d146fe5dc6901717017a7b373a4a55acbb15ed36677cfa5d2abcb08
fb6d86692cd6763ea425040ea01f9db1af7d9afc3831d9d7befce4cd766a67b3
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

controlc.com Open in urlscan Pro 2606:4700:3033::681b:bf2d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

133 Requests

100 %HTTPS

37 %IPv6

27 Domains

42 Subdomains

32 IPs

7 Countries

1531 kBTransfer

3532 kBSize

9 Cookies

0 Outgoing links

Redirected requests

133 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

controlc.com Open in urlscan Pro
2606:4700:3033::681b:bf2d Public Scan

Screenshot
Live screenshot

Full Image

133
Requests

100 %
HTTPS

37 %
IPv6

27
Domains

42
Subdomains

32
IPs

7
Countries

1531 kB
Transfer

3532 kB
Size

9
Cookies

133 HTTP transactions
6 data transactions