gofobo.com Open in urlscan Pro
44.226.64.252 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://gofobo.ticktbox.com/redirect/8NkNSn
Effective URL:
https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Submission: On September 01 via api (September 1st 2021, 10:09:39 pm UTC) from US

Summary HTTP 210 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 81 IPs in 11 countries across 63 domains to perform 210 HTTP transactions. The main IP is 44.226.64.252, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is gofobo.com.
TLS certificate: Issued by Amazon on March 2nd 2021. Valid for: a year.

This is the only time gofobo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	44.226.64.252 44.226.64.252	16509 (AMAZON-02) (AMAZON-02)
32	13.32.118.17 13.32.118.17	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:223... 2600:9000:223c:ec00:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.92.64 18.66.92.64	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:27::... 2620:1ec:27::cafe:2154	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2606:4700::68... 2606:4700::6811:4f22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
1	94.31.29.248 94.31.29.248	33438 (HIGHWINDS2) (HIGHWINDS2)
1	108.161.188.128 108.161.188.128	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.112.122 18.66.112.122	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
2 4	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.30 18.66.112.30	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	2600:1f18:730... 2600:1f18:730:b150:9292:c5da:e647:d689	14618 (AMAZON-AES) (AMAZON-AES)
1	54.146.217.90 54.146.217.90	14618 (AMAZON-AES) (AMAZON-AES)
8	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
9 9	52.57.222.152 52.57.222.152	16509 (AMAZON-02) (AMAZON-02)
2	44.235.82.75 44.235.82.75	16509 (AMAZON-02) (AMAZON-02)
4 4	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
4	104.111.219.144 104.111.219.144	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.36.109.156 54.36.109.156	16276 (OVH) (OVH)
1	34.210.245.148 34.210.245.148	16509 (AMAZON-02) (AMAZON-02)
2	34.213.121.83 34.213.121.83	16509 (AMAZON-02) (AMAZON-02)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:223... 2600:9000:223c:ba00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3 4	185.33.220.244 185.33.220.244	29990 (ASN-APPNEX) (ASN-APPNEX)
1	213.19.147.42 213.19.147.42	26120 (RHYTHMONE) (RHYTHMONE)
3	52.29.213.60 52.29.213.60	16509 (AMAZON-02) (AMAZON-02)
1	213.19.162.41 213.19.162.41	26667 (RUBICONPR...) (RUBICONPROJECT)
2 11	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
4	18.66.109.174 18.66.109.174	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	52.58.12.132 52.58.12.132	16509 (AMAZON-02) (AMAZON-02)
2	104.16.190.66 104.16.190.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	34.149.20.76 34.149.20.76	15169 (GOOGLE) (GOOGLE)
1	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	216.52.2.39 216.52.2.39	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
2	2a02:fa8:8806... 2a02:fa8:8806:20::2100	41041 (VCLK-EU-SE) (VCLK-EU-SE)
4	20.62.48.180 20.62.48.180	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.32.121.3 13.32.121.3	16509 (AMAZON-02) (AMAZON-02)
1 6	54.84.63.116 54.84.63.116	14618 (AMAZON-AES) (AMAZON-AES)
1	2.16.186.186 2.16.186.186	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4 4	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4 5	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
2 2	54.194.53.150 54.194.53.150	16509 (AMAZON-02) (AMAZON-02)
1 2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:1f18:444... 2600:1f18:444a:4602:4614:a08b:388f:2234	14618 (AMAZON-AES) (AMAZON-AES)
2 2	18.159.171.176 18.159.171.176	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:3::300 2a04:4e42:3::300	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.33.221.15 185.33.221.15	29990 (ASN-APPNEX) (ASN-APPNEX)
5 6	37.157.4.25 37.157.4.25	198622 (ADFORM) (ADFORM)
1	213.155.156.168 213.155.156.168	1299 (TELIANET ...) (TELIANET Telia Carrier)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
11 12	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	51.210.112.63 51.210.112.63	16276 (OVH) (OVH)
1 2	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 8	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	169.50.137.190 169.50.137.190	36351 (SOFTLAYER) (SOFTLAYER)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
3	67.202.105.34 67.202.105.34	32748 (STEADFAST) (STEADFAST)
2 2	18.159.182.76 18.159.182.76	16509 (AMAZON-02) (AMAZON-02)
2 2	52.214.235.66 52.214.235.66	16509 (AMAZON-02) (AMAZON-02)
5 5	52.30.92.119 52.30.92.119	16509 (AMAZON-02) (AMAZON-02)
1	185.86.138.144 185.86.138.144	201081 (SMARTADSE...) (SMARTADSERVER)
210	81

10 44.226.64.252 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-226-64-252.us-west-2.compute.amazonaws.com

gofobo.ticktbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gofobo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 13.32.118.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-118-17.fra60.r.cloudfront.net

dk2d6nav3mn9d.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:ec00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.92.64 (United States)

ASN16509 (AMAZON-02, US)

d2u384mreupnc8.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:2154 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:4f22 (United States)

ASN13335 (CLOUDFLARENET, US)

global.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eb.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.31.29.248 (United Kingdom)

ASN33438 (HIGHWINDS2, US)
PTR: 94.31.29.248.IPYX-077437-ZYO.above.net

asset.pagefair.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.161.188.128 (United States)

ASN33438 (HIGHWINDS2, US)

asset.pagefair.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.122 (United States)

ASN16509 (AMAZON-02, US)

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800d:21:51e4:db4b:4436:b305 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.30 (United States)

ASN16509 (AMAZON-02, US)

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b150:9292:c5da:e647:d689 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.146.217.90 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-217-90.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.57.222.152 (Frankfurt am Main, Germany) 9 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-222-152.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.235.82.75 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-235-82-75.us-west-2.compute.amazonaws.com

usync.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.126.56.137 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.219.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-219-144.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.36.109.156 (Sheridan, United States)

ASN16276 (OVH, FR)
PTR: p07.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.210.245.148 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-210-245-148.us-west-2.compute.amazonaws.com

id.sharedid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.213.121.83 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-121-83.us-west-2.compute.amazonaws.com

bids.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:ba00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.220.244 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.42 (United Kingdom)

ASN26120 (RHYTHMONE, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.29.213.60 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-213-60.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.41 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

propermedia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.109.174 (United States)

ASN16509 (AMAZON-02, US)

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.12.132 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-12-132.eu-central-1.compute.amazonaws.com

pre.ads.justpremium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.190.66 (None, )

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:20::2100 (Singapore)

ASN41041 (VCLK-EU-SE, US)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
proc.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.62.48.180 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-3.fra60.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.84.63.116 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-63-116.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.186 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-186.deploy.static.akamaitechnologies.com

sli.gofobo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.29.132.241 (United Kingdom) 4 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 76.223.111.131 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.53.150 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-53-150.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:444a:4602:4614:a08b:388f:2234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.171.176 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-171-176.eu-central-1.compute.amazonaws.com

prod.perf-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3ae4f9a453f681a3a3c1c06bb32960f2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.15 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.4.25 (Denmark) 5 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.155.156.168 (Uppsala, Sweden)

ASN1299 (TELIANET Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.98 (United States) 11 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.210.112.63 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-3.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1857 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.64.189.110 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.202.105.34 (United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.182.76 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.235.66 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.30.92.119 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.144 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	cloudfront.net dk2d6nav3mn9d.cloudfront.net d2u384mreupnc8.cloudfront.net	587 KB
23	doubleclick.net 11 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	165 KB
14	pubmatic.com 1 redirects hbopenbid.pubmatic.com ads.pubmatic.com image6.pubmatic.com image4.pubmatic.com image2.pubmatic.com simage2.pubmatic.com	35 KB
13	googlesyndication.com 3ae4f9a453f681a3a3c1c06bb32960f2.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	223 KB
11	openx.net 2 redirects propermedia-d.openx.net eu-u.openx.net us-u.openx.net	2 KB
11	liadm.com 2 redirects b-code.liadm.com rp.liadm.com rp4.liadm.com i.liadm.com i6.liadm.com	18 KB
10	ampproject.org cdn.ampproject.org	203 KB
10	gofobo.com gofobo.com sli.gofobo.com	55 KB
9	bidswitch.net 9 redirects x.bidswitch.net	3 KB
9	youtube.com img.youtube.com	210 KB
8	clarity.ms 1 redirects www.clarity.ms c.clarity.ms e.clarity.ms	24 KB
7	adnxs.com 4 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	6 KB
7	proper.io global.proper.io usync.proper.io bids.proper.io eb.proper.io	115 KB
6	adform.net 5 redirects c1.adform.net	3 KB
6	cookielaw.org cdn.cookielaw.org	120 KB
5	bidr.io 5 redirects match.prod.bidr.io	3 KB
5	adsrvr.org 4 redirects match.adsrvr.org	2 KB
5	yahoo.com 4 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	4 KB
4	google.com 2 redirects adservice.google.com www.google.com	1 KB
4	mathtag.com 4 redirects sync.mathtag.com	2 KB
4	amazon-adsystem.com c.amazon-adsystem.com	37 KB
4	rubiconproject.com fastlane.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	14 KB
4	fastclick.net secure.cdn.fastclick.net	92 KB
4	quantserve.com 2 redirects secure.quantserve.com pixel.quantserve.com	10 KB
3	tynt.com de.tynt.com	867 B
3	33across.com ssc.33across.com	673 B
3	sharethrough.com btlr.sharethrough.com	328 B
3	facebook.com www.facebook.com	489 B
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	62 KB
2	avct.cloud 2 redirects ads.avct.cloud	888 B
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	zeotap.com 1 redirects spl.zeotap.com mwzeom.zeotap.com	903 B
2	googletagservices.com www.googletagservices.com	64 KB
2	perf-serving.com 2 redirects prod.perf-serving.com	1 KB
2	addthis.com 1 redirects x.dlx.addthis.com	1 KB
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	dotomi.com web.hb.ad.cpe.dotomi.com proc.ad.cpe.dotomi.com	1 KB
2	districtm.io dmx.districtm.io cdn.districtm.io	280 B
2	justpremium.com pre.ads.justpremium.com	5 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	facebook.net connect.facebook.net	113 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com maxcdn.bootstrapcdn.com	31 KB
1	smartadserver.com rtb-csync.smartadserver.com	163 B
1	simpli.fi um.simpli.fi	610 B
1	onaudience.com 1 redirects pixel.onaudience.com	398 B
1	criteo.com dis.criteo.com	338 B
1	de17a.com d5p.de17a.com	134 B
1	google.pl adservice.google.pl	853 B
1	taboola.com trc.taboola.com	229 B
1	lijit.com ap.lijit.com	595 B
1	casalemedia.com as-sec.casalemedia.com	391 B
1	sonobi.com apex.go.sonobi.com	610 B
1	1rx.io tag.1rx.io	166 B
1	quantcount.com rules.quantcount.com	428 B
1	bing.com 1 redirects c.bing.com	393 B
1	rlcdn.com api.rlcdn.com Failed ats.rlcdn.com	61 KB
1	sharedid.org id.sharedid.org	210 B
1	id5-sync.com id5-sync.com	528 B
1	pagefair.net asset.pagefair.net	348 B
1	pagefair.com asset.pagefair.com	332 B
1	onetrust.com geolocation.onetrust.com	373 B
1	googletagmanager.com www.googletagmanager.com	37 KB
1	ticktbox.com 1 redirects gofobo.ticktbox.com	847 B
210	63

	Domain	Requested by
32	dk2d6nav3mn9d.cloudfront.net	gofobo.com dk2d6nav3mn9d.cloudfront.net
12	cm.g.doubleclick.net	11 redirects eu-u.openx.net
10	cdn.ampproject.org	securepubads.g.doubleclick.net
9	x.bidswitch.net	9 redirects
9	img.youtube.com	gofobo.com
9	gofobo.com	gofobo.com
8	tpc.googlesyndication.com	gofobo.com securepubads.g.doubleclick.net tpc.googlesyndication.com
8	securepubads.g.doubleclick.net	global.proper.io securepubads.g.doubleclick.net gofobo.com www.googletagservices.com
6	eu-u.openx.net	1 redirects global.proper.io eu-u.openx.net
6	c1.adform.net	5 redirects ads.pubmatic.com
6	i.liadm.com	1 redirects b-code.liadm.com i.liadm.com
6	cdn.cookielaw.org	gofobo.com cdn.cookielaw.org
5	match.prod.bidr.io	5 redirects
5	image2.pubmatic.com	1 redirects ads.pubmatic.com
5	match.adsrvr.org	4 redirects eu-u.openx.net
4	us-u.openx.net	1 redirects eu-u.openx.net
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	sync.mathtag.com	4 redirects
4	e.clarity.ms	www.clarity.ms
4	c.amazon-adsystem.com	global.proper.io c.amazon-adsystem.com
4	ib.adnxs.com	3 redirects global.proper.io
4	secure.cdn.fastclick.net	global.proper.io secure.cdn.fastclick.net
4	ups.analytics.yahoo.com	4 redirects
3	de.tynt.com	global.proper.io
3	simage2.pubmatic.com	ads.pubmatic.com
3	www.google.com	2 redirects tpc.googlesyndication.com
3	ssc.33across.com	global.proper.io
3	btlr.sharethrough.com	global.proper.io
3	pixel.quantserve.com	2 redirects gofobo.com
3	www.facebook.com	gofobo.com
2	ads.avct.cloud	2 redirects
2	pm.w55c.net	2 redirects
2	image4.pubmatic.com	ads.pubmatic.com
2	secure.adnxs.com	1 redirects
2	eus.rubiconproject.com	global.proper.io eus.rubiconproject.com
2	ads.pubmatic.com	global.proper.io ads.pubmatic.com
2	googleads.g.doubleclick.net	gofobo.com
2	www.googletagservices.com	securepubads.g.doubleclick.net
2	prod.perf-serving.com	2 redirects
2	x.dlx.addthis.com	1 redirects i.liadm.com
2	dpm.demdex.net	2 redirects
2	pre.ads.justpremium.com	global.proper.io
2	c.clarity.ms	1 redirects gofobo.com
2	bids.proper.io	global.proper.io
2	usync.proper.io	gofobo.com
2	www.google-analytics.com	gofobo.com www.google-analytics.com
2	global.proper.io	gofobo.com global.proper.io
2	www.clarity.ms	gofobo.com www.clarity.ms
2	connect.facebook.net	gofobo.com connect.facebook.net
2	b-code.liadm.com	gofobo.com b-code.liadm.com
1	rtb-csync.smartadserver.com	eu-u.openx.net
1	pr-bh.ybp.yahoo.com	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	spl.zeotap.com	1 redirects
1	pixel.onaudience.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	d5p.de17a.com	ads.pubmatic.com
1	image6.pubmatic.com	ads.pubmatic.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	cdn.districtm.io	global.proper.io
1	acdn.adnxs.com	global.proper.io
1	3ae4f9a453f681a3a3c1c06bb32960f2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.pl	securepubads.g.doubleclick.net
1	trc.taboola.com	i.liadm.com
1	i6.liadm.com	i.liadm.com
1	eb.proper.io	global.proper.io
1	sli.gofobo.com	gofobo.com
1	ats.rlcdn.com	secure.cdn.fastclick.net
1	proc.ad.cpe.dotomi.com	secure.cdn.fastclick.net
1	web.hb.ad.cpe.dotomi.com	global.proper.io
1	ap.lijit.com	global.proper.io
1	as-sec.casalemedia.com	global.proper.io
1	dmx.districtm.io	global.proper.io
1	apex.go.sonobi.com	global.proper.io
1	hbopenbid.pubmatic.com	global.proper.io
1	propermedia-d.openx.net	global.proper.io
1	fastlane.rubiconproject.com	global.proper.io
1	tag.1rx.io	global.proper.io
1	rules.quantcount.com	secure.quantserve.com
1	c.bing.com	1 redirects
1	id.sharedid.org	global.proper.io
1	id5-sync.com	global.proper.io
1	rp4.liadm.com	gofobo.com
1	rp.liadm.com	1 redirects
1	vars.hotjar.com	static.hotjar.com
1	secure.quantserve.com	global.proper.io
1	stats.g.doubleclick.net	www.google-analytics.com
1	script.hotjar.com	static.hotjar.com
1	asset.pagefair.net	gofobo.com
1	asset.pagefair.com	gofobo.com
1	static.hotjar.com	gofobo.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	www.googletagmanager.com	gofobo.com
1	d2u384mreupnc8.cloudfront.net	gofobo.com
1	maxcdn.bootstrapcdn.com	gofobo.com
1	stackpath.bootstrapcdn.com	gofobo.com
1	gofobo.ticktbox.com	1 redirects
0	api.rlcdn.com Failed	global.proper.io
210	100

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
instagram.com
proper.io
onetrust.com

Subject Issuer	Validity	Valid
gofobo.com Amazon	`2021-03-02` - `2022-03-31`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
*.liadm.com Amazon	`2021-03-02` - `2022-03-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-06-12` - `2021-09-10`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2021-06-01` - `2022-06-01`	a year	crt.sh
proper.io Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
asset.pagefair.com Let's Encrypt Authority X3	`2020-01-22` - `2020-04-21`	3 months	crt.sh
asset.pagefair.net Let's Encrypt Authority X3	`2020-02-08` - `2020-05-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.proper.io Sectigo RSA Domain Validation Secure Server CA	`2020-12-20` - `2022-01-20`	a year	crt.sh
secure.cdn.fastclick.net DigiCert SHA2 Secure Server CA	`2021-03-11` - `2022-03-15`	a year	crt.sh
*.id5-sync.com R3	`2021-07-13` - `2021-10-11`	3 months	crt.sh
id.sharedid.org Amazon	`2021-01-08` - `2022-02-06`	a year	crt.sh
c.msn.com Microsoft Azure TLS Issuing CA 02	`2021-06-27` - `2022-06-22`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2021-06-01` - `2022-07-02`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
tracking.justpremium.com Amazon	`2021-03-01` - `2022-03-30`	a year	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2021-06-02` - `2022-06-01`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-07-13` - `2022-06-25`	a year	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
sli.gofobo.com R3	`2021-07-06` - `2021-10-04`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-26`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.google.pl GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.de17a.com Sectigo ECC Domain Validation Secure Server CA	`2020-11-25` - `2021-12-25`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.pbp.bf2.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-18` - `2021-11-17`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Frame ID: 85149BB58A2A027880EA523D1BEBF78B
Requests: 135 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 76EFA0C6EAFDEFFE29C09693EC0944E0
Requests: 1 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-00jp?s=&cim=&ps=true&ls=false&duid=0304f7a82132--01fehphk508rwdr0ryqvcwe2zm&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Frame ID: 5D9A888817BE7A950C0DC0BE3DFE698F
Requests: 8 HTTP requests in this frame

Frame: https://3ae4f9a453f681a3a3c1c06bb32960f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F5D3D25F7D0EF01B204AF2C3A27D14F0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs
Frame ID: 5ABFE143F92ABDCC261B74269992BF28
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs
Frame ID: F00135909886C00A5CB23759579F4CA9
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYuC-0-7X8AYyAHg9iJrzDiM2xP-F_VJOS7pXv36JR9P5nhw5knbOfiUVXAjb4evOcuIGWrnUQ7dSYqEvp3u1mOVl68vCEZRWU_JZP9RKwOFNmB_nRgrnevXhpTFXlMp9Ex3asD4UnZ25WXdDZveOzhb1ELOWJvvDMJxi7imRmIq75uQNeiqmh3Y-92PlBY3zFO55bHmtI9rc41Ao2qfZUJybURMOHAr7Y2sYBMgVSk3kCpnGKnSpArjcI2MtBXljEaqo1a3WlvfsUA2K69ovRQpylekAuk91riv7Rn98_BuAJVK6YX1xb_dlpRoj-kLpaZP-HW2yB&sai=AMfl-YQMJvPSUdBQIuUWNGQVakZoz9tg2iJomYYEPOm90rl2YmP_jOtfMk2wXMMzKdk3c5Fj-vMyOOo4X2vODjmrMJepGo8ZEAOyxU7zOTR28JlVBLUGbVXWOMgXt4rJMV5h&sig=Cg0ArKJSzNsssS64bDjDEAE&urlfix=1&adurl=
Frame ID: EA0C68D0E700EF15ECAF1D5E7859A760
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: B4A2AC581F64553C0974D3E41B6405DD
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EDD25F103394736FFD61CF82C33C28FB
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: E007F8874083D21B1C1E543FF556C0CE
Requests: 2 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: AFB7F5C1DE4D8F4A9C93E13DA6BB2437
Requests: 1 HTTP requests in this frame

Frame: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=ahyqire1630534159740
Frame ID: 2F9DC5A855974ADE5B15FF3EB01450C7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 2D8B647D1653BF8F70EF38220714AC5A
Requests: 15 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 9F63402A398D590CF501B3AC95CF3664
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=5E944C5E-A842-41E6-B09A-8149729212B7
Frame ID: 2638F892E0DCF1F76C88B4AB64D17878
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: 47C6EF850F9957D492E1BD4A33D020FE
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: BFFED52E10ADC9C7D2BCA65F96A4C1C1
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Frame ID: 200C678B8F4703ABCEBDDA185ABB0B51
Requests: 11 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=dEJ4uepHar6P1VaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 2FF9AAAAB973770C44D4CEB5320E746B
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=dIiXMspHar6P1VaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: DD421D0B3B6E777BCC86EDB99FD049C2
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=dVJisCpHar6P1VaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: E15C8C68EC66F4F1A1E48353FCEC3086
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gofobo Trailers | THE GUILTYBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

https://gofobo.ticktbox.com/redirect/8NkNSn HTTP 307
https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i
script /owl\.carousel.*\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i
script /owl\.carousel.*\.js/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui.*\.js/i

Page Statistics

210
Requests

99 %
HTTPS

35 %
IPv6

63
Domains

100
Subdomains

81
IPs

11
Countries

2313 kB
Transfer

5977 kB
Size

31
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer/sharer.php?u=https://gofobo.com/main/trailerDetails/68520334
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://gofobo.com/main/trailerDetails/68520334
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/gofobo

Search URL Search Domain Scan URL

URL: https://twitter.com/gofobo

Search URL Search Domain Scan URL

URL: https://instagram.com/gofobo_official?ref=badge

Search URL Search Domain Scan URL

URL: https://proper.io/?from=sticky

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://gofobo.ticktbox.com/redirect/8NkNSn HTTP 307
https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 77

https://rp.liadm.com/j?tna=v2.0.1&aid=a-00jp&wpn=lc-bundle&pu=https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F68520334%2Fthe-guilty-official-teaser&duid=0304f7a82132--01fehphk508rwdr0ryqvcwe2zm&se=e30&dtstmp=1630534159690 HTTP 302
https://rp4.liadm.com/j?tna=v2.0.1&aid=a-00jp&wpn=lc-bundle&pu=https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F68520334%2Fthe-guilty-official-teaser&duid=0304f7a82132--01fehphk508rwdr0ryqvcwe2zm&se=e30&dtstmp=1630534159690&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true

Request Chain 80

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D2146d766-5f40-4712-96d8-3c7b637f76a7%26uid%3D%24%7BBSW_UUID%7D?&callback=window.proper_0efee6cb_8d141668_1 HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D2146d766-5f40-4712-96d8-3c7b637f76a7%26uid%3D%24%7BBSW_UUID%7D?&callback=window.proper_0efee6cb_8d141668_1 HTTP 302
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=2146d766-5f40-4712-96d8-3c7b637f76a7&uid=793bae66-bdf4-4a77-9a1e-3a9555944a64

Request Chain 81

https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_f4fe5efe_778690df_2 HTTP 302
https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_f4fe5efe_778690df_2&verify=true HTTP 302
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-80RBZ9tE2uGz_LYl7P1g_41BOyoxgfit~A

Request Chain 88

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=51AFA495907C4482A5748B7AE05293DD&RedC=c.clarity.ms&MXFR=35D9D0AB5F16610F2DE2C00E5B166F87 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=51AFA495907C4482A5748B7AE05293DD&MUID=36C82B3E863F66F73D5C3B9B875467BD

Request Chain 125

https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-00jp%2F0%2F9f43c9f4ddf44c02b983f1bc7c5c662d%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&f39775bb-6e33-48e7-b6c7-a2936c77edfb HTTP 302
https://i.liadm.com/s/e/a-00jp/0/9f43c9f4ddf44c02b983f1bc7c5c662d?mpid=7156&muid=a837612f-fa10-4d00-8ea7-b4718b664afc

Request Chain 126

https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=liveintent&ttd_tpi=1 HTTP 302
https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=eb1ecfb3-7384-4f6d-aeeb-9481ae022341

Request Chain 127

https://dpm.demdex.net/ibs:dpid=127444&dpuuid=f39775bb-6e33-48e7-b6c7-a2936c77edfb&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-00jp%2F0%2F9f43c9f4ddf44c02b983f1bc7c5c662d%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=f39775bb-6e33-48e7-b6c7-a2936c77edfb&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-00jp%2F0%2F9f43c9f4ddf44c02b983f1bc7c5c662d%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D HTTP 302
https://i.liadm.com/s/e/a-00jp/0/9f43c9f4ddf44c02b983f1bc7c5c662d?mpid=82775&muid=14836310011843240863400091672088808734

Request Chain 128

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=f39775bb-6e33-48e7-b6c7-a2936c77edfb HTTP 302
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=f39775bb-6e33-48e7-b6c7-a2936c77edfb&rd=Y

Request Chain 129

https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=f39775bb-6e33-48e7-b6c7-a2936c77edfb&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D HTTP 302
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=793bae66-bdf4-4a77-9a1e-3a9555944a64 HTTP 303
https://i6.liadm.com/s/52176?bidder_id=5298&bidder_uuid=793bae66-bdf4-4a77-9a1e-3a9555944a64

Request Chain 130

https://x.bidswitch.net/sync?ssp=liveintent&user_id=f39775bb-6e33-48e7-b6c7-a2936c77edfb HTTP 302
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=liveintent HTTP 302
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=liveintent HTTP 302
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=47a996af-c808-492d-b779-aad529451b5b&ssp=liveintent&user_group=1 HTTP 302
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=793bae66-bdf4-4a77-9a1e-3a9555944a64

Request Chain 160

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 162

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 180

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load HTTP 307
https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

Request Chain 181

https://c1.adform.net/serving/cookie/match?party=14&cid=5E944C5E-A842-41E6-B09A-8149729212B7 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=5E944C5E-A842-41E6-B09A-8149729212B7

Request Chain 184

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=XpRMXqhCQeawmoFJcpIStw%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=XpRMXqhCQeawmoFJcpIStw%3D%3D&google_tc= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 185

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=01d4612f-fa14-4b00-9328-52fc2d86593f

Request Chain 186

https://pixel.onaudience.com/?partner=214&mapped=5E944C5E-A842-41E6-B09A-8149729212B7 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=b906afe84d855d56 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a61636e5-cd61-4d5b-62d3-5268a01eaa9e&reqId=b0a4884e-def9-4fdc-62a3-c83bf5997b4a&zcluid=b906afe84d855d56&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEAdKhEf_esvxa7Nc9kfDk0Q&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a61636e5-cd61-4d5b-62d3-5268a01eaa9e&reqId=b0a4884e-def9-4fdc-62a3-c83bf5997b4a&zcluid=b906afe84d855d56&zdid=1332

Request Chain 187

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUU5NDRDNUUtQTg0Mi00MUU2LUIwOUEtODE0OTcyOTIxMkI3&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUU5NDRDNUUtQTg0Mi00MUU2LUIwOUEtODE0OTcyOTIxMkI3&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 188

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIXk7wO1NrQk-GPcGvKegt8&google_cver=1

Request Chain 190

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8554564874852016072

Request Chain 191

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:1b7f612f-fa14-4200-bae5-eeff8916dfaa&gdpr=0&gdpr_consent=

Request Chain 192

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2853e95c-6c1c-4c1d-ae40-bde5014bec2a

Request Chain 193

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1359133349976932397&gdpr=0&gdpr_consent=

Request Chain 194

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=5E944C5E-A842-41E6-B09A-8149729212B7&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=5E944C5E-A842-41E6-B09A-8149729212B7&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-2j1EUA1E2uVHzd27Nh40XgEzBC3OylU-~A&gdpr=0&gdpr_consent=

Request Chain 196

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=bavCyD37wZt2qMnIPv_dzTqqkZl2_seWbfktbma5

Request Chain 197

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1

Request Chain 201

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=4RW4tbVj1Mlyqa5

Request Chain 202

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=04c09608-35e7-4e8d-a673-4e107c28f056&ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=59&user_id=04c09608-35e7-4e8d-a673-4e107c28f056&ssp=openx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=4bd75160-9c0e-40ad-b0b4-a0a4e54e3fb3 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072968&val=4bd75160-9c0e-40ad-b0b4-a0a4e54e3fb3

Request Chain 203

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7815508401945729883

Request Chain 204

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDZEZrN0NYX1FBQUJwdVRzMkNDZw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1&_bee_ppp=1 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAV5E7CX_QAAC_tkY7Beg&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAAV5E7CX_QAAC_tkY7Beg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID

Request Chain 205

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=f321612f-fa15-4d00-9e0a-8fae8e26869f

Request Chain 206

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=SSNHARlzRFFSIhRXTSVYBElwTQVSK0NfSiNeC8FL

Request Chain 207

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6995772497767755417

Request Chain 209

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWY3NzYzMTItOTIyMi02MWM1LTc0YjktOGM1MWQwZTRkODY5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWY3NzYzMTItOTIyMi02MWM1LTc0YjktOGM1MWQwZTRkODY5&google_tc=

Request Chain 210

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJjmIZaqqVET5-yVchU-Lpo&google_cver=1

210 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request the-guilty-official-teaser Show response
gofobo.com/main/trailerDetails/68520334/
Redirect Chain

https://gofobo.ticktbox.com/redirect/8NkNSn
https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser

56 KB
15 KB

950ms
524ms

Document
text/html

44.226.64.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.226.64.252 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-226-64-252.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

14bbd7dc458547217e73508bdca93db93d281dd7cfb2fec8184fd145dc8c8538

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: gofobo.com
:scheme: https
:path: /main/trailerDetails/68520334/the-guilty-official-teaser
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:18 GMT
content-type: text/html; charset=UTF-8
content-length: 14999
set-cookie: AWSALB=vNOgxJuVePfp7S3ucThroeur5HPcxbLv2PJFiavix/8QeURNqZlEy2lMLBthlPFuWin9tl0ZBIyfUlhxCJm5tpwk9v7It2PMOU+ykj67vzKDVlMRJILUq6jJ8IwT; Expires=Wed, 08 Sep 2021 22:09:18 GMT; Path=/ AWSALBCORS=vNOgxJuVePfp7S3ucThroeur5HPcxbLv2PJFiavix/8QeURNqZlEy2lMLBthlPFuWin9tl0ZBIyfUlhxCJm5tpwk9v7It2PMOU+ykj67vzKDVlMRJILUq6jJ8IwT; Expires=Wed, 08 Sep 2021 22:09:18 GMT; Path=/; SameSite=None; Secure gfb_session=6uh9ad8tfok4voh94bmcoc02frrev0j3; expires=Thu, 02-Sep-2021 00:09:18 GMT; Max-Age=7200; path=/; secure; HttpOnly;HttpOnly;Secure
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
feature-policy: geolocation 'self'; vibrate 'none'
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

date: Wed, 01 Sep 2021 22:09:18 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
set-cookie: AWSALB=EWxgxm5F2VCxjzbs3w9vFuIXjZi4z5fazoxVA6fKYdoJim2BZ17rp9tJZ/KlbW7rOn+CD6zMOsVm1crQrAiOh8NsB0axVXfUZCDykfqhOwXVzbXW4bR08uy/1jnF; Expires=Wed, 08 Sep 2021 22:09:17 GMT; Path=/ AWSALBCORS=EWxgxm5F2VCxjzbs3w9vFuIXjZi4z5fazoxVA6fKYdoJim2BZ17rp9tJZ/KlbW7rOn+CD6zMOsVm1crQrAiOh8NsB0axVXfUZCDykfqhOwXVzbXW4bR08uy/1jnF; Expires=Wed, 08 Sep 2021 22:09:17 GMT; Path=/; SameSite=None; Secure ci_session=m2v154irbrense51vleuo2q751kg4o8v; expires=Thu, 02-Sep-2021 00:09:18 GMT; Max-Age=7200; path=/; secure; HttpOnly;HttpOnly;Secure
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
feature-policy: geolocation 'self'; vibrate 'none'
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 owl.carousel.css
dk2d6nav3mn9d.cloudfront.net/assets/css/ 2 KB
985 B 145ms
45ms Stylesheet
text/css 13.32.118.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/css/owl.carousel.css
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f74c7a92c69ab24c6054008b0432a5de08bc7631e7f4655d2eafadac7503e35

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 10:22:01 GMT
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:47 GMT
server: AmazonS3
age: 1338439
etag: W/"5b1b4e9e314501512a5406395c3d3d1c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: DMC5x8G0qmU_jhpccblK0E5g1EQ3QI04
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA60-P1
content-type: text/css
x-amz-cf-id: BKUem1j0usrXuegC0-K7AGVTFWL8sNhCCqWIbbYcuXJMyNTROdNH8w==

GET
H2 200 owl.theme.css
dk2d6nav3mn9d.cloudfront.net/assets/css/ 2 KB
1 KB 229ms
130ms Stylesheet
text/css 13.32.118.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/css/owl.theme.css
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6de7b0a3574cf8f5a665d1b932c9a0163d6354f3f600b21ff044f469a1d3f508

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 3zYYkWMBqOFrlcdj3XxyzyIKSkqKFGLV
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:47 GMT
server: AmazonS3
age: 1514123
etag: W/"9ebcb5f76b9f1fb23e2d7089ba022ac0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Sun, 15 Aug 2021 09:33:57 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: VZxhMwT-vEqRWWoEH1ejt1BGI8OFIQjix7E7RlXsXHhPZY2-nCyVAA==

GET
H2 200 owl.transitions.css
dk2d6nav3mn9d.cloudfront.net/assets/css/ 4 KB
1 KB 188ms
89ms Stylesheet
text/css 13.32.118.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/css/owl.transitions.css
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 711bc5b0b8c40e39b2560e65797d175e72a89b49ebbc266a7c7b581c4bec4b21

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: qTlJ3Cgv15COr2KrTR.MYnRmDqFrlTae
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:47 GMT
server: AmazonS3
age: 1255303
etag: W/"b1bdaeac4065bf67a7d7a06213192964"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Wed, 18 Aug 2021 09:27:37 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: -FWYnQ24RfEBzTNUdcHS5I4DbcN9sVKfPQsq2oNXCSLJlmecZQEBUA==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
7 KB 30ms
14ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e45f3b0dad8aa0528790a6dd6dd2831bb8547129bd1320c10fd120118f44616

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 01 Sep 2021 22:09:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: BC5xsXKGgJbQbCzkLNvwBQ==
age: 2171909
vary: Accept-Encoding
content-length: 6328
x-ms-lease-status: unlocked
last-modified: Wed, 04 Aug 2021 01:49:58 GMT
server: cloudflare
etag: 0x8D956EA2A6E73F4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b8d637e9-f01e-012a-80bd-8bebf6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6881d27ea90d4e56-FRA

GET
H2 200 global.css
dk2d6nav3mn9d.cloudfront.net/assets/css/ 36 KB
8 KB 181ms
83ms Stylesheet
text/css 13.32.118.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/css/global.css?v=2.2
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb1613b6665088384c39215af1aaa40f996f9383b9d66d85557c834bfad12cae

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: KxLXHZCfpAeHGu2bA9L1RxS7GFiRq1vG
content-encoding: gzip
last-modified: Wed, 10 Mar 2021 18:36:07 GMT
server: AmazonS3
age: 1514426
etag: W/"77a1bf0e7697e7f08db80871b4d004c5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Sun, 15 Aug 2021 09:28:54 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 57Q0Vn6RmPIxL8gMi37QuKnkhzyH4Km4suQ3Merd6Eitl9-09bgX0Q==

GET
H2 200 mobile.css
dk2d6nav3mn9d.cloudfront.net/assets/css/ 110 KB
21 KB 150ms
53ms Stylesheet
text/css 13.32.118.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/css/mobile.css?v=2.5
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5750d5f9f4a1d00e94aca997fb9c99e465e41778b91f85e1f9bb83ef77a885e5

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: vYlZlORRx2SAlAIzmWfkQcyGLW8_0k9T
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 22:36:22 GMT
server: AmazonS3
age: 430292
etag: W/"04dc4a7fb5452df4cd122ae6b4263ced"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Fri, 27 Aug 2021 22:37:48 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: Lfks6or3hUXAw2KL84gm-80Sx_UcUNsiVrUtsqEhs7RnYNDzAwX-SQ==

GET
H2 200 desktop.css
dk2d6nav3mn9d.cloudfront.net/assets/css/ 72 KB
14 KB 267ms
169ms Stylesheet
text/css 13.32.118.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/css/desktop.css?v=2.5
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2900690278e8dac8de33fa5d408382bde63f759cd607ce481d30463eaf73b7ff

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: STfO49IiGewr8_bKQ4ohbDpm6hqD43qP
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 19:15:34 GMT
server: AmazonS3
age: 1514430
etag: W/"4fda59a2819de5207ff225c3dbc3204e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Sun, 15 Aug 2021 09:28:50 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: jBCj-ajVM9r3q7jI9kWgjhB4B-9Sa0bCQgQsT-J8z2794dFww5Ipkw==

GET
H2 200 fonts.css
dk2d6nav3mn9d.cloudfront.net/assets/css/ 2 KB
780 B 143ms
45ms Stylesheet
text/css 13.32.118.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/css/fonts.css?v=3
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ad951a46493b7d422aed00ea837dfff94508fe1a39120ba56f23a99f3c4c8b1

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: AHkJorMJI30gdzTFOltw8xAh17Zisw2U
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:47 GMT
server: AmazonS3
age: 1340896
etag: W/"b7882d4faeca508f6e8035733dc7f340"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Tue, 17 Aug 2021 09:41:04 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: -EFjpr187XevWzDPQWNJ8q1Dodr54d4Z1LjqcfGvrcXc1eSwLM82oQ==

GET
H2 200 vendor.css
dk2d6nav3mn9d.cloudfront.net/assets/css/ 2 KB
1 KB 186ms
89ms Stylesheet
text/css 13.32.118.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/css/vendor.css??v=3
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9436816d54666c2f33eb0c6d3d556f10dd70ed6721906a82c6adbf6100a008bc

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: iCVjc0ErYLH1QGcz9T1qrs7VIUsagAkU
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:47 GMT
server: AmazonS3
age: 1520555
etag: W/"5c36192a2ce86ec4dbedca28c3b79e3a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Sun, 15 Aug 2021 07:46:45 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 7z8wVHmTJ4OuZ8YGwZ6GVbKi1_bRGnGgJVUoTTfdReuOK7pzYl05nQ==

GET
H2 200 jquery-ui.css
dk2d6nav3mn9d.cloudfront.net/assets/css/ 31 KB
6 KB 185ms
88ms Stylesheet
text/css 13.32.118.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/css/jquery-ui.css??v=3
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 66c9fd744a3db46f3dce06826004b9f756b9ba03a5b9cdc21d86427e7a688386

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: RRHzJ7UsEXbG5Lqe0IcnAC_ALzT.xBtX
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:47 GMT
server: AmazonS3
age: 1340898
etag: W/"9cf8b8d3a33766a642812643efa4494e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Tue, 17 Aug 2021 09:41:02 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: NDRLCj0LfbHNAqNofoyxKjvHccW9PNJLgBMOG9kyqqumHo3kDTpuoA==

GET
H2 200 datepicker.css
dk2d6nav3mn9d.cloudfront.net/assets/css/ 4 KB
1 KB 186ms
89ms Stylesheet
text/css 13.32.118.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/css/datepicker.css??v=3
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 82664a18c949f3d66ba8a6251c55dd1cb28e25620bdf43dcf4611ab4842a10ab

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 1bQPMpMNLv_zNtFARBYOR.mkEgrN3I_K
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:47 GMT
server: AmazonS3
age: 1260243
etag: W/"5b6bc4be9145f55901fb934d1b2d5c63"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Wed, 18 Aug 2021 08:05:17 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: ySZqvw7XjPB61qWKau47D8a_zWxriBTTJk-mYcZOjpkR4u-Fkhafqw==

GET
H2 200 menu.css
dk2d6nav3mn9d.cloudfront.net/assets/css/ 864 B
1 KB 142ms
45ms Stylesheet
text/css 13.32.118.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/css/menu.css
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 36ac80a2a51a5f030f93b08bbd4601e3944accb8152db9d175fd2aeb394b1ae7

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: WfYB_HgAPEhMDaYSsRm3lf1svzh9.ciy
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
last-modified: Fri, 03 Apr 2020 19:35:47 GMT
server: AmazonS3
age: 1341829
etag: "9738c0503f080721b4bc0a5b75dcc8f5"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=2592000
date: Tue, 17 Aug 2021 09:25:31 GMT
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 864
x-amz-cf-id: 0CCYLTCjgAcQ2xpIOBN6fJQUsuNQWZbInnJbTqEc28w0Q6TrsONTtg==

GET
H2 200 dd.css
dk2d6nav3mn9d.cloudfront.net/assets/css/ 4 KB
2 KB 188ms
91ms Stylesheet
text/css 13.32.118.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/css/dd.css
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 88d51c99298c6ade08c4e754c7c92d0ccb5af58e71232f79f018dfa4763aca16

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 1bj8sX27DFYBVPukk7Od1Nlkqa15G6tq
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:47 GMT
server: AmazonS3
age: 1513694
etag: W/"afb92ee82b5a8d06693c4c6421ab6ffc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Sun, 15 Aug 2021 09:41:06 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: umYHUYV-bqC0t8dJNrBfzV0EsRPE7o9G2XZT60PKtvQRHIPjKsi7Hw==

GET
H2 200 flags.css
dk2d6nav3mn9d.cloudfront.net/assets/css/ 10 KB
2 KB 153ms
56ms Stylesheet
text/css 13.32.118.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/css/flags.css
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4349f665a853d8970813d466168d4d2ebba277d4ba4cc57b1a2ebbcb4b49cc0e

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: lqgeO_hdOHF53DBQb0A2MmISOIx4foBO
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:47 GMT
server: AmazonS3
age: 1339604
etag: W/"badb33147fec855b27ee82fce94bb3d4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Tue, 17 Aug 2021 10:02:36 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: _DTJzLSnOm9z7k0KgHWeht43R-ZRbirfm7025moHTKbfDeLNr-fJkw==

GET
H2 200 jquery-1.12.4.min.js Show response
dk2d6nav3mn9d.cloudfront.net/assets/js/ 95 KB
33 KB 196ms
100ms Script
application/javascript 13.32.118.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/js/jquery-1.12.4.min.js
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: RsPt_OSQ8F7nBhqgG4cfaNND5y0jEypg
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:55 GMT
server: AmazonS3
age: 1258879
etag: W/"0fca26b5a37a66d68d0f4406976be4b5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Wed, 18 Aug 2021 08:28:01 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: HYYTJQxoTE55f5toHAAz6FEF6j0rGz64TiHXYAI2-ao76yUL1RqhAw==

GET
H2 200 jquery.cookie.js Show response
dk2d6nav3mn9d.cloudfront.net/assets/js/ 2 KB
1 KB 221ms
124ms Script
application/javascript 13.32.118.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/js/jquery.cookie.js?v=3
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aee8ab892144e88f83a00a907676bd1e0e9a83e8a0879518ca3a77f897c8128d

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: m2zvFN6rnWCpPKRzYjG2fiZQI636DOmB
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:55 GMT
server: AmazonS3
age: 1521823
etag: W/"324c4f698275d2afb1ae67f16c8aabbc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Sun, 15 Aug 2021 07:25:37 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: G41UnlhGtkegknG45NxeIerTJfnjI-h5DARj_Jj_avEBVAc01Mkr3Q==

GET
H2 200 jquery.form.js Show response
dk2d6nav3mn9d.cloudfront.net/assets/js/ 18 KB
7 KB 207ms
110ms Script
application/javascript 13.32.118.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/js/jquery.form.js
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 478a01bfa3c2eb215f345963e7e4a89343d2fb5eb5726e248495ea6606c72801

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: YgBKWKrUGBWXyiDx5QfbUSnu7qoNC7Tz
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:55 GMT
server: AmazonS3
age: 1256581
etag: W/"cd93c12dc002783e7888c3af9c6e1cd0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Wed, 18 Aug 2021 09:06:18 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: Mr6n3NTJoMTBvn8TS5Bepwc4A8LN0C7msIz9cjmaK7cCe7AbtRwfew==

GET
H2 200 jquery.validate.min.js Show response
dk2d6nav3mn9d.cloudfront.net/assets/js/ 21 KB
7 KB 225ms
129ms Script
application/javascript 13.32.118.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/js/jquery.validate.min.js
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5c19a958735b85cda3c841c910a0e45ff2f188c8d532de5dfb21860d2e8eb70a

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: CaAzU2ghGLyOIKr.8Xpge2oHbiFchUbZ
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:55 GMT
server: AmazonS3
age: 224580
etag: W/"924f6ce5d53e521a8b1ab6e351024c30"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Mon, 30 Aug 2021 08:37:30 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: R6_U_J4AaJctZOXwiBLCgaPQBoCkLN-cMlIjlLQkFHm6e-8BhdLAGA==

GET
H2 200 ui.js Show response
dk2d6nav3mn9d.cloudfront.net/assets/js/ 7 KB
3 KB 261ms
165ms Script
application/javascript 13.32.118.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/js/ui.js
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0abcc9427a6673f19254270c4c92fa1c8179e79e54d8961434537bcee780f07b

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: o6w6zZyEHgbRR06mmrfc2cqEJbpEu05S
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:55 GMT
server: AmazonS3
age: 1254177
etag: W/"c1260260378aa59b8923e4ac21807c6f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Wed, 18 Aug 2021 09:46:22 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: lwVG0DjlqhUvtlL3Vc7YqtWuP3Ox0hIcvxvQgI3gZJwhEr3qHfOGcw==

GET
H2 200 modernizr.custom.js Show response
dk2d6nav3mn9d.cloudfront.net/assets/js/ 8 KB
4 KB 260ms
164ms Script
application/javascript 13.32.118.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/js/modernizr.custom.js
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 76ab9639d9948ade3d2b0c06432f41689c328173322c8eb3da3c60447126831e

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: XohF9XIhLflxDU2RKEW.SWYVdmYmj6sG
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:55 GMT
server: AmazonS3
age: 1341878
etag: W/"9b168f2700a02d1c3ce4cbbc399c1644"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Tue, 17 Aug 2021 09:24:42 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: S0LzajyCr1TRj_AL5_0ipyoYN9wgGALq6m-nul_ItxJ-kW3_ztsgDQ==

GET
H2 200 instagram.js Show response
dk2d6nav3mn9d.cloudfront.net/assets/js/ 7 KB
3 KB 187ms
92ms Script
application/javascript 13.32.118.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/js/instagram.js
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e5471e6216c3677a79cbf10721752fdfff5340e0c29d0b86d436821301edeedd

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: x.jp4rruNTnJjzw3Uertb5c8PjuKCX0Y
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:55 GMT
server: AmazonS3
age: 1256707
etag: W/"2f0204a5d4480d4565945dd567318601"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Wed, 18 Aug 2021 09:04:13 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 6Lh6kuqriWyBJci22hXgRT-_ChX6WtrRwteA7pcFmuIwbWMpirN7dw==

GET
H2 200 jquery-ui.js Show response
dk2d6nav3mn9d.cloudfront.net/assets/js/ 222 KB
59 KB 242ms
146ms Script
application/javascript 13.32.118.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/js/jquery-ui.js?v=3
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d24e83fb832a53db6e3b4e6452db348b9428436a36a3be2cff207cfb31d0c231

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: G5KXfjnZB.60fDa4eaHCc6s2ZGcvLxP8
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:55 GMT
server: AmazonS3
age: 224590
etag: W/"31ce159985cb3b82a12586316e7c4ec9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Mon, 30 Aug 2021 08:37:30 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: maLKbi3c0MAYE0jXrAV9o0H1PxCEvt_H6rm4WqQFbWDO2hsuNo5csA==

GET
H2 200 jquery-ui-timepicker-addon.js Show response
dk2d6nav3mn9d.cloudfront.net/assets/js/ 69 KB
18 KB 235ms
140ms Script
application/javascript 13.32.118.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/js/jquery-ui-timepicker-addon.js?v=3
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 77516e87f9273512485c9e6daaf80dd6696b98a3583e83e79e68fd52220c82d4

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: TnohKRqbcvbLZokivpyuUQWjIlpEZdaI
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:55 GMT
server: AmazonS3
age: 1257731
etag: W/"cfa6dd10078ffe10841a2773680ffff4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Wed, 18 Aug 2021 08:47:08 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: MXCMIbFe7iml4KAwJSSmMO7tI4z_WYOz1SC4s6NcGAUfCF0ChEmGHw==

GET
H2 200 jquery.dd.js Show response
dk2d6nav3mn9d.cloudfront.net/assets/js/ 53 KB
13 KB 230ms
134ms Script
application/javascript 13.32.118.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/js/jquery.dd.js
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1a891fc0d213b1a1ceb5a8f13c61dd9b274e163bd172758318648fad77c9a422

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 9H3I8baR5sPSAcO4FU.sqkFIgk8xVai1
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:55 GMT
server: AmazonS3
age: 1345640
etag: W/"d82e4a94f7c0824a75f17b04c7686d2a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Tue, 17 Aug 2021 08:22:00 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: oy9Y4rdF80usqfS3w6pK8l4lHExSjSNYqU_vmNLoYxvBLk20xR7pZw==

GET
H2 200 a-00jp.min.js Show response
b-code.liadm.com/ 25 KB
10 KB 39ms
7ms Script
application/javascript 2600:9000:223c:ec00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-00jp.min.js
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:ec00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ZIO-Http /
Resource Hash: 2e3eb27ed780ac5ac845756a51d8120e4a30cd3bb4cdc11ab18d265763373e48

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 05:12:13 GMT
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
server: ZIO-Http
age: 61026
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P2
content-encoding: gzip
x-amz-cf-id: KhKOSscditnYP2-d5ILdaCFHZcM7rtQ9NMBi4n4j1OX-KZEnaMolrA==

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/3.4.1/css/ 119 KB
21 KB 33ms
17ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://gofobo.com
Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617
age: 366991
cdn-cachedat: 2021-06-08 21:08:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: f1a4a41d3e254de26232c0f15ac1b170
cf-ray: 6881d27ebc4d4e31-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 trailers.css
dk2d6nav3mn9d.cloudfront.net/assets/css/ 4 KB
2 KB 185ms
90ms Stylesheet
text/css 13.32.118.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/css/trailers.css
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 49bae4bb549c5f46a159708ec23de2405d006b456d79936ef04298ad6de2550f

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: SH9hdx2LkxPoC.lrjVla0P.mzjVMbJ2z
content-encoding: gzip
last-modified: Tue, 28 Apr 2020 20:04:14 GMT
server: AmazonS3
age: 1252064
etag: W/"6cf7f2abe073bd25c97372e14a2bb286"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Wed, 18 Aug 2021 10:21:36 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: b4z3WXZcSGSCg2RJlekoMiKp2lCvV2YJd3q3acRPWHjroKrnUPcRGg==

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
11 KB 30ms
14ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722, 617
age: 14087389
cdn-cachedat: 2021-03-11 11:57:50
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 3033c5b7ea34684b20a8f4234fea378f
cf-ray: 6881d27eb87d5cb6-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 owl.carousel.js Show response
dk2d6nav3mn9d.cloudfront.net/assets/js/ 29 KB
7 KB 257ms
162ms Script
application/javascript 13.32.118.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/js/owl.carousel.js
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 265acaa7671ecc0fb94f926ffe9d1b4661006e4924eea3234f1dc72a44ce58d1

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: Wm2prL5O.MDarGtdyLpKjdzdagP0zivt
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:55 GMT
server: AmazonS3
age: 1514102
etag: W/"5ec575b2e4b6b9c38769dde657150908"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
date: Sun, 15 Aug 2021 09:34:18 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 2NKo_TK7Jiv3N8wdQj5HbP4PxVEFoVnBU5BkRjARs7O3PQzLT-xvsA==

GET
H2 200 GofoboLogo.png
dk2d6nav3mn9d.cloudfront.net/assets/img/sr_image/menu/ 15 KB
15 KB 44ms
44ms Image
image/png 13.32.118.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/img/sr_image/menu/GofoboLogo.png
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c8207e762acd72dd9114ca3e6de823f69ede6c9c5db711dceadefabaf05284c

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 794S.iJ6fBkrN9l2iVPDpyljOnuCPCg7
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
last-modified: Fri, 03 Apr 2020 19:35:54 GMT
server: AmazonS3
age: 1514400
etag: "ee25c8fd15a84e8b58301a87fe89c275"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
date: Sun, 15 Aug 2021 09:29:20 GMT
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 15330
x-amz-cf-id: q3w7Eq19C-XQ-HDcvMuoQ5aMtGu-P7hxI3HBbCdFscd3NqMRdz7Myg==

GET
H2 403 /
d2u384mreupnc8.cloudfront.net/assets/trailers/videos/ 0
0 351ms
248ms Image
application/xml 18.66.92.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2u384mreupnc8.cloudfront.net/assets/trailers/videos/
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.92.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 playButton.png
gofobo.com/assets/img/trailers/ 19 KB
20 KB 219ms
214ms Image
image/png 44.226.64.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gofobo.com/assets/img/trailers/playButton.png

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.226.64.252 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-226-64-252.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

db0de5884aa9acc96486bee8a22ccaa36c43f3a2574033fd9b823182fb8bef8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/img/trailers/playButton.png
pragma: no-cache
cookie: AWSALB=vNOgxJuVePfp7S3ucThroeur5HPcxbLv2PJFiavix/8QeURNqZlEy2lMLBthlPFuWin9tl0ZBIyfUlhxCJm5tpwk9v7It2PMOU+ykj67vzKDVlMRJILUq6jJ8IwT; AWSALBCORS=vNOgxJuVePfp7S3ucThroeur5HPcxbLv2PJFiavix/8QeURNqZlEy2lMLBthlPFuWin9tl0ZBIyfUlhxCJm5tpwk9v7It2PMOU+ykj67vzKDVlMRJILUq6jJ8IwT; gfb_session=6uh9ad8tfok4voh94bmcoc02frrev0j3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: gofobo.com
referer: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:19 GMT
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 12 Mar 2020 21:57:36 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2592000
feature-policy: geolocation 'self'; vibrate 'none'
x-content-type-options: nosniff
set-cookie: AWSALB=ovsuyvXnLJipE++vpY7hM6D5lye240GM1heyiW12mcIpLbsWoIqRuZ27/wW6nRfMNzyXi80MUx9/gQeL+5dAra3WtV6G9C4Dc8pN0ENi/XPhJEKNAcLv1ZptM5d9; Expires=Wed, 08 Sep 2021 22:09:19 GMT; Path=/ AWSALBCORS=ovsuyvXnLJipE++vpY7hM6D5lye240GM1heyiW12mcIpLbsWoIqRuZ27/wW6nRfMNzyXi80MUx9/gQeL+5dAra3WtV6G9C4Dc8pN0ENi/XPhJEKNAcLv1ZptM5d9; Expires=Wed, 08 Sep 2021 22:09:19 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
content-length: 19952
x-xss-protection: 1; mode=block
expires: Fri, 01 Oct 2021 22:09:19 GMT

GET
H2 200 btn_facebookShare.png
gofobo.com/assets/img/trailers/ 2 KB
3 KB 428ms
423ms Image
image/png 44.226.64.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gofobo.com/assets/img/trailers/btn_facebookShare.png

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.226.64.252 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-226-64-252.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

16029f893c7cc7fb7964515bf0b56b7182f428b11bceca36fffc9e689fbe12cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/img/trailers/btn_facebookShare.png
pragma: no-cache
cookie: AWSALB=vNOgxJuVePfp7S3ucThroeur5HPcxbLv2PJFiavix/8QeURNqZlEy2lMLBthlPFuWin9tl0ZBIyfUlhxCJm5tpwk9v7It2PMOU+ykj67vzKDVlMRJILUq6jJ8IwT; AWSALBCORS=vNOgxJuVePfp7S3ucThroeur5HPcxbLv2PJFiavix/8QeURNqZlEy2lMLBthlPFuWin9tl0ZBIyfUlhxCJm5tpwk9v7It2PMOU+ykj67vzKDVlMRJILUq6jJ8IwT; gfb_session=6uh9ad8tfok4voh94bmcoc02frrev0j3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: gofobo.com
referer: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:19 GMT
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 12 Mar 2020 21:57:36 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2592000
feature-policy: geolocation 'self'; vibrate 'none'
x-content-type-options: nosniff
set-cookie: AWSALB=qC3/dOGLcWl50P+d/xNnSvAk9Ikjw70IVO0yyDEcL2ZYTvYcmBiYeBAJArKgpljaYU6fzF0IQxM5MRLsGSf6ZtUBylo2zYEuklfcOQgdsaIFdF0nvQyJVUfsiC/0; Expires=Wed, 08 Sep 2021 22:09:19 GMT; Path=/ AWSALBCORS=qC3/dOGLcWl50P+d/xNnSvAk9Ikjw70IVO0yyDEcL2ZYTvYcmBiYeBAJArKgpljaYU6fzF0IQxM5MRLsGSf6ZtUBylo2zYEuklfcOQgdsaIFdF0nvQyJVUfsiC/0; Expires=Wed, 08 Sep 2021 22:09:19 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
content-length: 1900
x-xss-protection: 1; mode=block
expires: Fri, 01 Oct 2021 22:09:19 GMT

GET
H2 200 btn_twitterShare.png
gofobo.com/assets/img/trailers/ 2 KB
3 KB 218ms
213ms Image
image/png 44.226.64.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gofobo.com/assets/img/trailers/btn_twitterShare.png

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.226.64.252 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-226-64-252.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

1b4e1722333b8a418079194a24d0685cb14b77df6a2b69aff56d76cba7a54c47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/img/trailers/btn_twitterShare.png
pragma: no-cache
cookie: AWSALB=vNOgxJuVePfp7S3ucThroeur5HPcxbLv2PJFiavix/8QeURNqZlEy2lMLBthlPFuWin9tl0ZBIyfUlhxCJm5tpwk9v7It2PMOU+ykj67vzKDVlMRJILUq6jJ8IwT; AWSALBCORS=vNOgxJuVePfp7S3ucThroeur5HPcxbLv2PJFiavix/8QeURNqZlEy2lMLBthlPFuWin9tl0ZBIyfUlhxCJm5tpwk9v7It2PMOU+ykj67vzKDVlMRJILUq6jJ8IwT; gfb_session=6uh9ad8tfok4voh94bmcoc02frrev0j3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: gofobo.com
referer: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:19 GMT
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 12 Mar 2020 21:57:36 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2592000
feature-policy: geolocation 'self'; vibrate 'none'
x-content-type-options: nosniff
set-cookie: AWSALB=MPCqe4MLQ9RaTBB+ZUgekZd5tsUiyua9+3Dtm4wPZyjUuIEZgqDvhhWn5pGf7KOdQStVY4QQcwKTyrqd1zFOQGpmxpQ4E1Ik6PUmTdB16Q+aacDcyfTq8Ny1vAvT; Expires=Wed, 08 Sep 2021 22:09:19 GMT; Path=/ AWSALBCORS=MPCqe4MLQ9RaTBB+ZUgekZd5tsUiyua9+3Dtm4wPZyjUuIEZgqDvhhWn5pGf7KOdQStVY4QQcwKTyrqd1zFOQGpmxpQ4E1Ik6PUmTdB16Q+aacDcyfTq8Ny1vAvT; Expires=Wed, 08 Sep 2021 22:09:19 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
content-length: 1937
x-xss-protection: 1; mode=block
expires: Fri, 01 Oct 2021 22:09:19 GMT

GET
H2 200 btn_copyToClipboard.png
gofobo.com/assets/img/trailers/ 3 KB
4 KB 219ms
214ms Image
image/png 44.226.64.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gofobo.com/assets/img/trailers/btn_copyToClipboard.png

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.226.64.252 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-226-64-252.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

ff72eb9381c10f07bbcfa3095def0bede7c1f01f7c299043caf8bd51551e7a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/img/trailers/btn_copyToClipboard.png
pragma: no-cache
cookie: AWSALB=vNOgxJuVePfp7S3ucThroeur5HPcxbLv2PJFiavix/8QeURNqZlEy2lMLBthlPFuWin9tl0ZBIyfUlhxCJm5tpwk9v7It2PMOU+ykj67vzKDVlMRJILUq6jJ8IwT; AWSALBCORS=vNOgxJuVePfp7S3ucThroeur5HPcxbLv2PJFiavix/8QeURNqZlEy2lMLBthlPFuWin9tl0ZBIyfUlhxCJm5tpwk9v7It2PMOU+ykj67vzKDVlMRJILUq6jJ8IwT; gfb_session=6uh9ad8tfok4voh94bmcoc02frrev0j3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: gofobo.com
referer: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:19 GMT
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 12 Mar 2020 21:57:36 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2592000
feature-policy: geolocation 'self'; vibrate 'none'
x-content-type-options: nosniff
set-cookie: AWSALB=Yix/wD8K7DZGnT76i4RWQqWKJ25/sEUgiwt9koWCSg/OxeSKQRzG3z3NW8vVdeMaBZm7DyErFZPoedmMa3vknS96st2rQB+R9t98c9RClzRm+kje5+eQXmXPxaIt; Expires=Wed, 08 Sep 2021 22:09:19 GMT; Path=/ AWSALBCORS=Yix/wD8K7DZGnT76i4RWQqWKJ25/sEUgiwt9koWCSg/OxeSKQRzG3z3NW8vVdeMaBZm7DyErFZPoedmMa3vknS96st2rQB+R9t98c9RClzRm+kje5+eQXmXPxaIt; Expires=Wed, 08 Sep 2021 22:09:19 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
content-length: 3055
x-xss-protection: 1; mode=block
expires: Fri, 01 Oct 2021 22:09:19 GMT

GET
H2 200 btn_moreInfo.png
gofobo.com/assets/img/trailers/ 3 KB
4 KB 427ms
423ms Image
image/png 44.226.64.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gofobo.com/assets/img/trailers/btn_moreInfo.png

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.226.64.252 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-226-64-252.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

34760d3b326d757f095dfeb18d3da4c6f420f809671d40bc13ed920b0daf60e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/img/trailers/btn_moreInfo.png
pragma: no-cache
cookie: AWSALB=vNOgxJuVePfp7S3ucThroeur5HPcxbLv2PJFiavix/8QeURNqZlEy2lMLBthlPFuWin9tl0ZBIyfUlhxCJm5tpwk9v7It2PMOU+ykj67vzKDVlMRJILUq6jJ8IwT; AWSALBCORS=vNOgxJuVePfp7S3ucThroeur5HPcxbLv2PJFiavix/8QeURNqZlEy2lMLBthlPFuWin9tl0ZBIyfUlhxCJm5tpwk9v7It2PMOU+ykj67vzKDVlMRJILUq6jJ8IwT; gfb_session=6uh9ad8tfok4voh94bmcoc02frrev0j3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: gofobo.com
referer: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:19 GMT
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 12 Mar 2020 21:57:36 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2592000
feature-policy: geolocation 'self'; vibrate 'none'
x-content-type-options: nosniff
set-cookie: AWSALB=FGcc2tAdylFfC7vQ81yWPnHWG/xV1x5YT71F0jNt/w7NINp7Cb08yjRatQlzBilBmr6Z4ari92RznHcMs27neHp3TnsT6DG74y/A5wgXh9YY0QOZ0H6gtLo/HQPW; Expires=Wed, 08 Sep 2021 22:09:19 GMT; Path=/ AWSALBCORS=FGcc2tAdylFfC7vQ81yWPnHWG/xV1x5YT71F0jNt/w7NINp7Cb08yjRatQlzBilBmr6Z4ari92RznHcMs27neHp3TnsT6DG74y/A5wgXh9YY0QOZ0H6gtLo/HQPW; Expires=Wed, 08 Sep 2021 22:09:19 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
content-length: 3241
x-xss-protection: 1; mode=block
expires: Fri, 01 Oct 2021 22:09:19 GMT

GET
H2 200 mqdefault.jpg
img.youtube.com/vi/xafvL1ElRlA/ 6 KB
6 KB 35ms
9ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/xafvL1ElRlA/mqdefault.jpg

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7550da538809c87dcd03885b3fd788b5fd583f337a1619b5b7692e9f3d44855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:04:56 GMT
x-content-type-options: nosniff
server: sffe
age: 263
etag: "1630363453"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6272
x-xss-protection: 0
expires: Wed, 01 Sep 2021 22:09:56 GMT

GET
H2 200 trailerType.png
gofobo.com/assets/img/trailers/ 3 KB
4 KB 425ms
421ms Image
image/png 44.226.64.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gofobo.com/assets/img/trailers/trailerType.png

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.226.64.252 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-226-64-252.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

ae2b763616807405d6c7a3dd24ae33b6fc25f01866768ac1ca8439722e57d07f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/img/trailers/trailerType.png
pragma: no-cache
cookie: AWSALB=vNOgxJuVePfp7S3ucThroeur5HPcxbLv2PJFiavix/8QeURNqZlEy2lMLBthlPFuWin9tl0ZBIyfUlhxCJm5tpwk9v7It2PMOU+ykj67vzKDVlMRJILUq6jJ8IwT; AWSALBCORS=vNOgxJuVePfp7S3ucThroeur5HPcxbLv2PJFiavix/8QeURNqZlEy2lMLBthlPFuWin9tl0ZBIyfUlhxCJm5tpwk9v7It2PMOU+ykj67vzKDVlMRJILUq6jJ8IwT; gfb_session=6uh9ad8tfok4voh94bmcoc02frrev0j3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: gofobo.com
referer: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:19 GMT
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 12 Mar 2020 21:57:36 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2592000
feature-policy: geolocation 'self'; vibrate 'none'
x-content-type-options: nosniff
set-cookie: AWSALB=mu9ayVV57OoSIwJ/TX248Y7i3WimFQjGx3CwTJ7KzFrhR+kP7Cq8GPeqsAfqDPm2aSuRq8m9zwQGz8j4Rx4/r1LsmiLYc8iDlDm/yN62dWsoIgeK2C+E6JC0OaCX; Expires=Wed, 08 Sep 2021 22:09:19 GMT; Path=/ AWSALBCORS=mu9ayVV57OoSIwJ/TX248Y7i3WimFQjGx3CwTJ7KzFrhR+kP7Cq8GPeqsAfqDPm2aSuRq8m9zwQGz8j4Rx4/r1LsmiLYc8iDlDm/yN62dWsoIgeK2C+E6JC0OaCX; Expires=Wed, 08 Sep 2021 22:09:19 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
content-length: 3299
x-xss-protection: 1; mode=block
expires: Fri, 01 Oct 2021 22:09:19 GMT

GET
H2 200 mqdefault.jpg
img.youtube.com/vi/N_gD9-Oa0fg/ 10 KB
10 KB 37ms
12ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/N_gD9-Oa0fg/mqdefault.jpg

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6943a1d90abac5b3cc437b49d853b05ce8549a0f89e7c0c5d70d54d72efee25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:17 GMT
x-content-type-options: nosniff
server: sffe
age: 2
etag: "1630422599"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10252
x-xss-protection: 0
expires: Wed, 01 Sep 2021 22:14:17 GMT

GET
H2 200 mqdefault.jpg
img.youtube.com/vi/Uh4r95VBU2Q/ 14 KB
14 KB 32ms
6ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/Uh4r95VBU2Q/mqdefault.jpg

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

670cd3c2119382575d13452455fe2a316b85b08468bb75f5cdaaaf12d3e374f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 20:14:12 GMT
x-content-type-options: nosniff
server: sffe
age: 6907
etag: "1629936411"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14418
x-xss-protection: 0
expires: Wed, 01 Sep 2021 22:14:12 GMT

GET
H2 200 mqdefault.jpg
img.youtube.com/vi/cIV4BgGdNNc/ 16 KB
16 KB 43ms
17ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/cIV4BgGdNNc/mqdefault.jpg

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afe3fd34bb642300e836507874a15aff0d549fa68c6500570990ec73f4837700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:19 GMT
vary: Origin
server: sffe
age: 0
etag: "1629758781"
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
content-type: image/jpeg
cache-control: public, max-age=7200
x-content-type-options: nosniff
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16252
x-xss-protection: 0
expires: Thu, 02 Sep 2021 00:09:19 GMT

GET
H2 200 mqdefault.jpg
img.youtube.com/vi/jkHBbEIqvdI/ 13 KB
13 KB 51ms
26ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/jkHBbEIqvdI/mqdefault.jpg

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c32d83b0bcee868363b7e0b83bcb91d3869cadf040a37b2f1d09c9f1ea880ac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:19 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1629993934"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
expires: Thu, 02 Sep 2021 00:09:19 GMT

GET
H2 200 mqdefault.jpg
img.youtube.com/vi/QjMqQZuIFWo/ 13 KB
13 KB 50ms
25ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/QjMqQZuIFWo/mqdefault.jpg

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

528f9142e0d57fe914cefe9cb890bf6cf5899d39dfed394cde0ba55d2bda29f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:19 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1629936543"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13249
x-xss-protection: 0
expires: Thu, 02 Sep 2021 00:09:19 GMT

GET
H2 200 mqdefault.jpg
img.youtube.com/vi/BrGpBZijCzA/ 6 KB
6 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/BrGpBZijCzA/mqdefault.jpg

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37f950d9cac10dc60810b77355d0481d46465738bbfaae59fcab5fb9002386f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 20:25:43 GMT
x-content-type-options: nosniff
server: sffe
age: 6216
etag: "1622742490"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5976
x-xss-protection: 0
expires: Wed, 01 Sep 2021 22:25:43 GMT

GET
H2 200 mqdefault.jpg
img.youtube.com/vi/BPa06HfWfb8/ 12 KB
12 KB 23ms
22ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/BPa06HfWfb8/mqdefault.jpg

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88faa037d81cb486dd86f58f5df43d3165e01b69c80c9f9cc85716bab3b56483

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:19 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1629995879"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11854
x-xss-protection: 0
expires: Thu, 02 Sep 2021 00:09:19 GMT

GET
H2 200 classie.js Show response
gofobo.com/assets/js/ 2 KB
1 KB 425ms
422ms Script
text/javascript 44.226.64.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gofobo.com/assets/js/classie.js

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.226.64.252 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-226-64-252.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

4ea3d321090cb97cb30e2660c64aa24c5d197a3a27deccbc1ed797e2dd0e778c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/js/classie.js
pragma: no-cache
cookie: AWSALB=vNOgxJuVePfp7S3ucThroeur5HPcxbLv2PJFiavix/8QeURNqZlEy2lMLBthlPFuWin9tl0ZBIyfUlhxCJm5tpwk9v7It2PMOU+ykj67vzKDVlMRJILUq6jJ8IwT; AWSALBCORS=vNOgxJuVePfp7S3ucThroeur5HPcxbLv2PJFiavix/8QeURNqZlEy2lMLBthlPFuWin9tl0ZBIyfUlhxCJm5tpwk9v7It2PMOU+ykj67vzKDVlMRJILUq6jJ8IwT; gfb_session=6uh9ad8tfok4voh94bmcoc02frrev0j3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: gofobo.com
referer: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 681
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 12 Mar 2020 21:57:36 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=604800
feature-policy: geolocation 'self'; vibrate 'none'
set-cookie: AWSALB=1TUJMc60ErzS0S4un1xnq9CIWtiokCLA08qOoZ+r47TpZs3013x9S4/LSTzO22RvF7TBG65GQeBoFy3ppNmB3c5MCvG61M3KwPDc0qJvGw+TepzrV5Kt4PJDKsNT; Expires=Wed, 08 Sep 2021 22:09:19 GMT; Path=/ AWSALBCORS=1TUJMc60ErzS0S4un1xnq9CIWtiokCLA08qOoZ+r47TpZs3013x9S4/LSTzO22RvF7TBG65GQeBoFy3ppNmB3c5MCvG61M3KwPDc0qJvGw+TepzrV5Kt4PJDKsNT; Expires=Wed, 08 Sep 2021 22:09:19 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
expires: Wed, 08 Sep 2021 22:09:19 GMT

GET
H2 200 demo1.js Show response
gofobo.com/assets/js/ 1 KB
1 KB 425ms
422ms Script
text/javascript 44.226.64.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gofobo.com/assets/js/demo1.js

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.226.64.252 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-226-64-252.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

b7cb70e1076d694f4f8b86a9d00b2c8736899425c41925f051162872fc85bec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/js/demo1.js
pragma: no-cache
cookie: AWSALB=vNOgxJuVePfp7S3ucThroeur5HPcxbLv2PJFiavix/8QeURNqZlEy2lMLBthlPFuWin9tl0ZBIyfUlhxCJm5tpwk9v7It2PMOU+ykj67vzKDVlMRJILUq6jJ8IwT; AWSALBCORS=vNOgxJuVePfp7S3ucThroeur5HPcxbLv2PJFiavix/8QeURNqZlEy2lMLBthlPFuWin9tl0ZBIyfUlhxCJm5tpwk9v7It2PMOU+ykj67vzKDVlMRJILUq6jJ8IwT; gfb_session=6uh9ad8tfok4voh94bmcoc02frrev0j3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: gofobo.com
referer: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 478
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 12 Mar 2020 21:57:36 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=604800
feature-policy: geolocation 'self'; vibrate 'none'
set-cookie: AWSALB=bWRH/jh9CBCxwllby+VmJqMIapZBTd3rk/3zNQvg/d9BWOyqYPznWSrw+oe0bmzqF+tmHav6lTnlTjyfZzGe5NUyy+mOeSLb1rYCNnYWHFAtfUqxEfKqAVpPqPHN; Expires=Wed, 08 Sep 2021 22:09:19 GMT; Path=/ AWSALBCORS=bWRH/jh9CBCxwllby+VmJqMIapZBTd3rk/3zNQvg/d9BWOyqYPznWSrw+oe0bmzqF+tmHav6lTnlTjyfZzGe5NUyy+mOeSLb1rYCNnYWHFAtfUqxEfKqAVpPqPHN; Expires=Wed, 08 Sep 2021 22:09:19 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
expires: Wed, 08 Sep 2021 22:09:19 GMT

GET
H2 200 edb7bc5d-bafa-46e2-8069-72f66608bc9d.json Show response
cdn.cookielaw.org/consent/edb7bc5d-bafa-46e2-8069-72f66608bc9d/ 3 KB
2 KB 27ms
13ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/edb7bc5d-bafa-46e2-8069-72f66608bc9d/edb7bc5d-bafa-46e2-8069-72f66608bc9d.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d460e6c9b0d0b49df6a39d58934883108101e83d1e7375c901232ca0e0a10ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 01 Sep 2021 22:09:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: tVbfShQUwqaZpCl6iP8lGA==
age: 2171424
vary: Accept-Encoding
content-length: 1325
x-ms-lease-status: unlocked
last-modified: Thu, 21 Jan 2021 19:07:41 GMT
server: cloudflare
etag: 0x8D8BE3FD35ED4DA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c5c29e73-b01e-00c7-2ebe-8ba427000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6881d27eefa15b68-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 94 KB
37 KB 32ms
30ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KSPT2WQ

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f0ecd3ab7f67d96378951f1236e5f5d8dc87c929c1fdb0eef3e38860b89eedda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:19 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37983
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Sep 2021 22:09:19 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 164 B
373 B 39ms
21ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:19 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6881d28098325363-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 21ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25999
x-xss-protection: 0
pragma: public
x-fb-debug: 2e+jIuUaUtnNzrlOAVYJmKK9qU9hDSx+ruLtwoNtmB5PftT1l+GZT8aX/rVSSLJTDqoR7SyNvsyPwITy7EIRFw==
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 01 Sep 2021 22:09:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 42wleqiafj Show response
www.clarity.ms/tag/ 582 B
961 B 177ms
124ms Script
application/x-javascript 2620:1ec:27::cafe:2154
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/42wleqiafj
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2154 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 37b2807535112a55808bd5da745558576be2fe38a7fa2d87949d6a45fd21e8e3

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:19 GMT
x-powered-by: ASP.NET
x-azure-ref: 0D/ovYQAAAAAjuutN9BKeTpC5PLklfSmZUk9NMzBFREdFMDcyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
content-length: 582
expires: -1

GET
H2 200 gofobo.min.js Show response
global.proper.io/ 18 KB
6 KB 51ms
17ms Script
application/javascript 2606:4700::6811:4f22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/gofobo.min.js
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6276ec8d74799bf29a42dd02c32637e1a1806919d82ba78fe5ecd73337afcd53

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 20 Aug 2021 20:37:18 GMT
server: cloudflare
age: 536970
etag: W/"6120127e-46be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 6881d280ead34ee6-FRA
expires: Wed, 01 Sep 2021 22:14:19 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 2220
date: Wed, 01 Sep 2021 21:32:19 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 01 Sep 2021 23:32:19 GMT

GET
H2 200 hotjar-6292.js Show response
static.hotjar.com/c/ 4 KB
2 KB 77ms
77ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-6292.js?sv=3

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

24babc4185d2bfe1b9057ad60180c75bd6314c7394887f2f8969445c3105b5d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:19 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA56-P2
etag: W/f88d437f987b84193b2dce964c3175bd
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1897
via: 1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
x-amz-cf-id: C9BPytSq4z-Phj6IMZurYD7RmJaTN6RFLoSeA1iLc4mMYHKClxEMKQ==

GET
H2 200 img-backgroud.jpg
dk2d6nav3mn9d.cloudfront.net/assets/img/trailers/ 80 KB
81 KB 45ms
45ms Image
image/jpeg 13.32.118.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/img/trailers/img-backgroud.jpg
Requested by: Host: dk2d6nav3mn9d.cloudfront.net
URL: https://dk2d6nav3mn9d.cloudfront.net/assets/css/trailers.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 56d31ad13a941747a83fbc0cb352801d35cda752c70e4f70eea695b79bbc3f21

Request headers

Referer: https://dk2d6nav3mn9d.cloudfront.net/assets/css/trailers.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 7NYqILr_oHwSHYCtKKkQvzh22Ho25VoM
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
last-modified: Fri, 03 Apr 2020 19:35:54 GMT
server: AmazonS3
age: 1256335
etag: "a48e062cdcd27ff7a9287eb0407e67ea"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
date: Wed, 18 Aug 2021 09:10:24 GMT
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 82259
x-amz-cf-id: zGkuWDiCU46oRmGsqMn0GoTDHcf6rzzTgr6dzeZoo9KncAKgCJgSaA==

GET
H2 200 Lato-Reg.ttf
dk2d6nav3mn9d.cloudfront.net/assets/fonts/lato/ 117 KB
50 KB 136ms
49ms Font
application/font-sfnt 13.32.118.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/fonts/lato/Lato-Reg.ttf
Requested by: Host: dk2d6nav3mn9d.cloudfront.net
URL: https://dk2d6nav3mn9d.cloudfront.net/assets/css/fonts.css?v=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7ae714b63c2c8b940bdd211a0cc678f01168a34eea8aa13c0df25364f29238a7

Request headers

Origin: https://gofobo.com
Referer: https://dk2d6nav3mn9d.cloudfront.net/assets/css/fonts.css?v=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: SOw4Bl_R06Pzt3_0loX6t_3f67STH2Ze
content-encoding: gzip
etag: W/"7f690e503a254e0b8349aec0177e07aa"
age: 1510541
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 03 Apr 2020 19:35:48 GMT
server: AmazonS3
date: Sun, 15 Aug 2021 10:33:39 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/font-sfnt
via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: ZwSCfXUG-hDv7lxm_ZGbqFASj0ygmWX58-kHi40Bb7grBOwcIylIKA==

GET
H2 200 Lato-Bol.ttf
dk2d6nav3mn9d.cloudfront.net/assets/fonts/lato/ 119 KB
51 KB 166ms
97ms Font
application/font-sfnt 13.32.118.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/fonts/lato/Lato-Bol.ttf
Requested by: Host: dk2d6nav3mn9d.cloudfront.net
URL: https://dk2d6nav3mn9d.cloudfront.net/assets/css/fonts.css?v=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 14f7de6b616950395062902eb8f70f01c0a901223db5d40f2a05728ac4a830f6

Request headers

Origin: https://gofobo.com
Referer: https://dk2d6nav3mn9d.cloudfront.net/assets/css/fonts.css?v=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: luuLuzVQoV.PY17o6IZA0Oq.WTTTheHL
content-encoding: gzip
etag: W/"44dfe8cc676882243911a3197a50169e"
age: 1338463
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 03 Apr 2020 19:35:48 GMT
server: AmazonS3
date: Tue, 17 Aug 2021 10:21:36 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/font-sfnt
via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: tmO0vfGoKCXgpkg8GkgtRz_qWCyM0-xszkLHrIH2heh2s4jHoeapdQ==

GET
H2 200 footer-g.png
dk2d6nav3mn9d.cloudfront.net/assets/img/logos/ 2 KB
2 KB 47ms
46ms Image
image/png 13.32.118.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/img/logos/footer-g.png
Requested by: Host: dk2d6nav3mn9d.cloudfront.net
URL: https://dk2d6nav3mn9d.cloudfront.net/assets/css/desktop.css?v=2.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d502121116ea9588bd7edfb519575a09ded0e6daaf30427d6093e03d6dc777ea

Request headers

Referer: https://dk2d6nav3mn9d.cloudfront.net/assets/css/desktop.css?v=2.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 0tcJ6ViOUPetAQR82NuJb1Yb524tBAan
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
last-modified: Fri, 03 Apr 2020 19:35:51 GMT
server: AmazonS3
age: 1254727
etag: "91a0d1b8f89769c3f7f2b7ffefdc6ba6"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
date: Wed, 18 Aug 2021 09:37:13 GMT
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 1873
x-amz-cf-id: AMDioC_0C7p6CPTyxMrFudtCpfZVTN5z1Oyza6Qu3Ek2lmQgFjtkJw==

GET
H2 200 sprite.png
dk2d6nav3mn9d.cloudfront.net/assets/img/sprite/ 163 KB
163 KB 47ms
46ms Image
image/png 13.32.118.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/img/sprite/sprite.png
Requested by: Host: dk2d6nav3mn9d.cloudfront.net
URL: https://dk2d6nav3mn9d.cloudfront.net/assets/css/global.css?v=2.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ddd20fbc250587ac6f1671023aaf2180594d9dcd520add2c6b212044b4a2af12

Request headers

Referer: https://dk2d6nav3mn9d.cloudfront.net/assets/css/global.css?v=2.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 7Zpr3vx3nJBW6hHevY7tJPKLH0sLoFny
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
last-modified: Fri, 03 Apr 2020 19:35:53 GMT
server: AmazonS3
age: 1258880
etag: "e015276b099c2320dcd16754f0ae3dad"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
date: Wed, 18 Aug 2021 08:28:00 GMT
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 166768
x-amz-cf-id: BsZ7v_JrV5hwPfs9pufY7XtSHQeGM1L8rSyQTa-drh1Nl_EkRPUPEw==

GET
H2 200 owl.carousel.js Show response
dk2d6nav3mn9d.cloudfront.net/assets/js/ 29 KB
7 KB 228ms
227ms Script
application/javascript 13.32.118.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dk2d6nav3mn9d.cloudfront.net/assets/js/owl.carousel.js?_=1630534159410
Requested by: Host: dk2d6nav3mn9d.cloudfront.net
URL: https://dk2d6nav3mn9d.cloudfront.net/assets/js/jquery-1.12.4.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 265acaa7671ecc0fb94f926ffe9d1b4661006e4924eea3234f1dc72a44ce58d1

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:20 GMT
content-encoding: gzip
last-modified: Fri, 03 Apr 2020 19:35:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: W/"5ec575b2e4b6b9c38769dde657150908"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: Wm2prL5O.MDarGtdyLpKjdzdagP0zivt
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
content-type: application/javascript
x-amz-cf-id: D2yjRYsz_c5hRIDl2-yIjIhUVMgh_df-Vm1fTBc_s5WFxpr7-JGT2Q==

GET
H2 200 measure.min.js Show response
asset.pagefair.com/ 2 B
332 B 538ms
43ms Script
application/javascript 94.31.29.248
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://asset.pagefair.com/measure.min.js
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.248 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.248.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:20 GMT
last-modified: Tue, 11 Feb 2020 22:50:25 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 0Q66ABMNP41J2N9D
etag: "7bc0ee636b3b83484fc3b9348863bd22"
x-cache: HIT
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 2
x-amz-id-2: gG7AGcTjVMRzy+YgQ+gj05tJCfHWOpDwgEPFAfWiyC00WlS/wcuP0LSBscJiqUGifAxG3Gr8Nq8=
expires: Thu, 02 Sep 2021 22:09:20 GMT

GET
H2 200 ads.min.js Show response
asset.pagefair.net/ 0
348 B 538ms
44ms Script
application/x-javascript 108.161.188.128
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://asset.pagefair.net/ads.min.js
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.128 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:20 GMT
content-encoding: gzip
last-modified: Fri, 09 Mar 2018 17:19:02 GMT
server: NetDNA-cache/2.2
x-amz-request-id: NNJ4WPA14TMDGVAA
etag: "263dfc0b0e2e32b880781aa6f238a031"
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=7200
accept-ranges: bytes
content-length: 31
x-amz-id-2: ee8LcSFlnriOg7FZ6Bg0+1hR7Loa7dDBMwtFSKrCrovmjTHJQaxYEwSQblYugbAqq0C385fhTT8=

GET
H2 200 sync-container.js Show response
b-code.liadm.com/ 6 KB
3 KB 6ms
6ms Script
application/javascript 2600:9000:223c:ec00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/sync-container.js
Requested by: Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-00jp.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:ec00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 18 Aug 2021 10:39:33 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 16:15:01 GMT
server: AmazonS3
age: 1250987
etag: W/"ae5e94de938b0387eda6df8f20da811a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: CQKQeFXs_ero.dSxGj8yyrCkT6TzPcRS
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: XqqCeI3AXDDLVcb3cu2hj6pGmIVUkT-ubmi9flcuXm7mHnJbsFf5vg==

GET
H3-29 200 393879024716738 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 62ms
61ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/393879024716738?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6880f6230bbf84d9b731543ae8bfe6d39ba0a6a04091e1eb3545f09308278976

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: MZbvN3b4G2JfxF64TkGU+DYR84U63UDT9wrob0b+6/8vOP2Zk1juQqa6ZAyNwCWbWXps+OqhuWxTTTglJI05eQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 01 Sep 2021 22:09:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.12.0/ 361 KB
80 KB 11ms
11ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.12.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d97729299024aa64b03739e244f254966f9b546045de88bd835701a473045d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 01 Sep 2021 22:09:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Aib4Vlvkay7u77hQspwwDQ==
age: 8475014
vary: Accept-Encoding
content-length: 81328
x-ms-lease-status: unlocked
last-modified: Wed, 20 Jan 2021 07:04:09 GMT
server: cloudflare
etag: 0x8D8BD11958F56CC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 68dd2b4f-101e-0060-4169-529dc4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6881d2811d7d4e56-FRA
expires: Thu, 09 Sep 2021 22:09:19 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1692893544&t=pageview&_s=1&dl=https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F68520334%2Fthe-guilty-official-teaser&ul=en-us&de=UTF-8&dt=Gofobo%20Trailers%20%7C%20THE%20GUILTY&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=38940078&gjid=842976425&cid=1684242527.1630534160&tid=UA-145160-3&_gid=887815343.1630534160&_r=1&_slc=1&z=77826100

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:09:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gofobo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 latest.js Show response
global.proper.io/payloads/ 401 KB
104 KB 23ms
23ms Script
application/javascript 2606:4700::6811:4f22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/payloads/latest.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/gofobo.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bd5c81ed2892e35e7b6f4fb3809e3539610c1a23c21d93cadaf9385492d8089

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 01 Jul 2021 18:20:02 GMT
server: cloudflare
age: 2865282
etag: W/"60de0752-645d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 6881d2813b404ee6-FRA
expires: Wed, 01 Sep 2021 22:14:19 GMT

GET
H2 200 modules.189ddfe225c89657c20d.js Show response
script.hotjar.com/ 221 KB
59 KB 67ms
66ms Script
application/javascript 18.66.112.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.189ddfe225c89657c20d.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-6292.js?sv=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

789370b292863a4c8d56e96d78b683704016735dbb08d7a2aa88b876cb100ae4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 08:57:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 479534
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59569
access-control-allow-origin: *
last-modified: Fri, 27 Aug 2021 08:56:36 GMT
etag: "00ab92e1048f75ffd0466b24cae7a3f0"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 91dc0292eef4e22508a3ae73fe64bbf5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: rYeVHRg2ibNobfX860-nBSTL5yrw5v0axXoercvnzZaqNY3tc-p8Wg==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
81 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-145160-3&cid=1684242527.1630534160&jid=38940078&gjid=842976425&_gid=887815343.1630534160&_u=IEBAAEAAAAAAAC~&z=2050848916

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 01 Sep 2021 22:09:19 GMT
content-type: text/plain
access-control-allow-origin: https://gofobo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en-us.json Show response
cdn.cookielaw.org/consent/edb7bc5d-bafa-46e2-8069-72f66608bc9d/5647eea2-8487-4183-a49c-e04655885680/ 76 KB
13 KB 18ms
18ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/edb7bc5d-bafa-46e2-8069-72f66608bc9d/5647eea2-8487-4183-a49c-e04655885680/en-us.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.12.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9247ce2bd50f80397e8e5ff3538bae254d226d3f9d23b15f16bac61580c187e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 01 Sep 2021 22:09:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: yZViXkwKR/aO3km/Z4TYlw==
age: 2171421
vary: Accept-Encoding
content-length: 13002
x-ms-lease-status: unlocked
last-modified: Thu, 21 Jan 2021 19:07:41 GMT
server: cloudflare
etag: 0x8D8BE3FD3AA1CFD
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: a1820f28-601e-004d-12be-8b1e04000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6881d2814b1d5b68-FRA

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.12.0/assets/ 13 KB
3 KB 14ms
13ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.12.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.12.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d105b0a793af6426ddf8c1ef8b26ae81d889617ef5f248a72e06b8c71d91e1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 01 Sep 2021 22:09:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: IpszPceh6jWRl6sjS0PrYA==
age: 11375377
vary: Accept-Encoding
content-length: 3212
x-ms-lease-status: unlocked
last-modified: Wed, 20 Jan 2021 07:04:01 GMT
server: cloudflare
etag: 0x8D8BD1190DD964B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 96061c6e-f01e-016e-7308-38379a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6881d2817b635b68-FRA
expires: Thu, 09 Sep 2021 22:09:19 GMT

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.12.0/assets/ 62 KB
15 KB 17ms
17ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.12.0/assets/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.12.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e92c705f444d62f823dc852694d8faabc0afc96f642a90ff7e0c775d29689e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 01 Sep 2021 22:09:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ZQjkSMldlHpRPgVBEAOG1A==
age: 11325072
vary: Accept-Encoding
content-length: 14950
x-ms-lease-status: unlocked
last-modified: Wed, 20 Jan 2021 07:04:02 GMT
server: cloudflare
etag: 0x8D8BD11912C615E
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: d900fc9e-201e-0041-517d-38f0f5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6881d2817b645b68-FRA
expires: Thu, 09 Sep 2021 22:09:19 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
9 KB 26ms
9ms Script
application/javascript 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:19 GMT
content-encoding: gzip
etag: "lp772EpWKwf8Kq7YKMhbuw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Wed, 08 Sep 2021 22:09:19 GMT

GET
H2 200 box-25a418976ea02a6f393fbbe77cec94bb.html Show response
vars.hotjar.com/ Frame 76EF 2 KB
1 KB 183ms
44ms Document
text/html 18.66.112.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-6292.js?sv=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-25a418976ea02a6f393fbbe77cec94bb.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gofobo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://gofobo.com/

Response headers

content-type: text/html
content-length: 1044
date: Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "76922233be8bdb14c053af468d29404a"
last-modified: Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fb49d852ca52c03c834ce98098b51517.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: PzOPKNOi0MW7aSZFVKs8jKAdH8O4FTmXZ9RCv3DtkTfn0bUYSBeaqg==
age: 3966769

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 19ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=393879024716738&ev=PageView&dl=https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F68520334%2Fthe-guilty-official-teaser&rl=&if=false&ts=1630534159676&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1630534159675.734777210&it=1630534159528&coo=false&rqm=GET

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 01 Sep 2021 22:09:19 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 19ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=393879024716738&ev=Purchase&dl=https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F68520334%2Fthe-guilty-official-teaser&rl=&if=false&ts=1630534159679&cd[value]=1&cd[currency]=1&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&fbp=fb.1.1630534159675.734777210&it=1630534159528&coo=false&rqm=GET

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 01 Sep 2021 22:09:19 GMT

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?tna=v2.0.1&aid=a-00jp&wpn=lc-bundle&pu=https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F68520334%2Fthe-guilty-official-teaser&duid=0304f7a82132--01fehphk508rwdr0ryqvcwe2zm&...
https://rp4.liadm.com/j?tna=v2.0.1&aid=a-00jp&wpn=lc-bundle&pu=https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F68520334%2Fthe-guilty-official-teaser&duid=0304f7a82132--01fehphk508rwdr0ryqvcwe2zm...

43 B
599 B

432ms
135ms

XHR
application/json

54.146.217.90
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?tna=v2.0.1&aid=a-00jp&wpn=lc-bundle&pu=https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F68520334%2Fthe-guilty-official-teaser&duid=0304f7a82132--01fehphk508rwdr0ryqvcwe2zm&se=e30&dtstmp=1630534159690&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.146.217.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-146-217-90.compute-1.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

a43eb929a5f667e26f866e75458c0639b56c9da1bc2f47b354d2319e2d712ada

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:20 GMT
x-pixel-event-id: 99bd4199-c4fa-4543-9b70-7cefbf533ff0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
request-time: 1
vary: Origin
content-length: 43
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.18.0
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: 7da2d1e89d9e7120

Redirect headers

date: Wed, 01 Sep 2021 22:09:19 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.18.0
vary: Origin
location: https://rp4.liadm.com/j?tna=v2.0.1&aid=a-00jp&wpn=lc-bundle&pu=https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F68520334%2Fthe-guilty-official-teaser&duid=0304f7a82132--01fehphk508rwdr0ryqvcwe2zm&se=e30&dtstmp=1630534159690&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true
x-frame-options: DENY
access-control-allow-origin: https://gofobo.com
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 16b7153fa1c7822d
request-time: 0
content-length: 0
x-content-type-options: nosniff

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 72 KB
25 KB 157ms
58ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

3824eab125e2556af52e1151929d8de49a92fef642e4499881d2bb6040614661

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "975 / 534 of 1000 / last-modified: 1630518285"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25628
x-xss-protection: 0
expires: Wed, 01 Sep 2021 22:09:19 GMT

GET
H2

200

usersync Show response
usync.proper.io/v1/
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D2146d766-5f40-4712-96d8-3c7b637f76a7%26uid%3D%24%7BBSW_UUID%7D?&callback=window....
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D2146d766-5f40-4712-96d8-3c7b637f76a7%26uid%3D%24%7BBSW_UUID%7D?&callback=w...
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=2146d766-5f40-4712-96d8-3c7b637f76a7&uid=793bae66-bdf4-4a77-9a1e-3a9555944a64

183 B
387 B

622ms
201ms

Script
text/javascript

44.235.82.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=2146d766-5f40-4712-96d8-3c7b637f76a7&uid=793bae66-bdf4-4a77-9a1e-3a9555944a64
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.235.82.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-235-82-75.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 9c92f1ce3ae1fd92146fba299d2dc7aa914d9dfb65b59d2c38d2e1fd29705f29

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 01 Sep 2021 22:09:20 GMT
server: nginx/1.18.0
content-length: 183
content-type: text/javascript

Redirect headers

location: https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=2146d766-5f40-4712-96d8-3c7b637f76a7&uid=793bae66-bdf4-4a77-9a1e-3a9555944a64
date: Wed, 01 Sep 2021 22:09:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

usersync Show response
usync.proper.io/v1/
Redirect Chain

https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_f4fe5efe_778690df_2
https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_f4fe5efe_778690df_2&verify=true
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-80RBZ9tE2uGz_LYl7P1g_41BOyoxgfit~A

151 B
360 B

602ms
201ms

Script
text/javascript

44.235.82.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-80RBZ9tE2uGz_LYl7P1g_41BOyoxgfit~A
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.235.82.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-235-82-75.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 71c835cecbfb0b8626c3e5712ef063831c15fa9b0abfdb347273c6e8477c0438

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 01 Sep 2021 22:09:20 GMT
server: nginx/1.18.0
content-length: 151
content-type: text/javascript

Redirect headers

Date: Wed, 01 Sep 2021 22:09:19 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-80RBZ9tE2uGz_LYl7P1g_41BOyoxgfit~A
Connection: keep-alive
Content-Length: 0

GET
H2 200 launcher-stub.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 10 KB
4 KB 215ms
66ms Script
application/javascript 104.111.219.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-144.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6b2b5b05933a00a9e1beb6e53fba22bf77feaa3c203e361d637985750fec4bab

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:19 GMT
content-encoding: gzip
last-modified: Tue, 19 Jan 2021 22:23:11 GMT
server: Apache
etag: "2988-5b94848b276f9-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 3813
expires: Wed, 01 Sep 2021 22:24:19 GMT

POST
H/1.1 200 445.json Show response
id5-sync.com/g/v2/ 213 B
528 B 176ms
44ms XHR
application/json 54.36.109.156
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/445.json

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.156 Sheridan, United States, ASN16276 (OVH, FR),

Reverse DNS

p07.id5-sync.com

Software

Resource Hash

a5be6628169a8548cf8cc5b4b1dc116677995c57499b5f81a7039f0bc82675a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://gofobo.com
Date: Wed, 01 Sep 2021 22:09:10 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 204 id Show response
id.sharedid.org/ 0
210 B 616ms
200ms XHR
text/plain 34.210.245.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sharedid.org/id
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.210.245.148 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-210-245-148.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: https://gofobo.com
pragma: no-cache
date: Wed, 01 Sep 2021 22:09:20 GMT
cache-control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
expires: 0

GET envelope
api.rlcdn.com/api/identity/ 0
0

POST
H/1.1 200
OK bidding Show response
bids.proper.io/api/ 0
171 B 885ms
218ms XHR
application/octet-stream 34.213.121.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bids.proper.io/api/bidding
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.213.121.83 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-213-121-83.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 01 Sep 2021 22:09:20 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-b/s/0.6.22/ 50 KB
22 KB 132ms
131ms Script
application/javascript 2620:1ec:27::cafe:2154
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-b/s/0.6.22/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/42wleqiafj
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2154 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 68d525dc844915e4d71d79addf52397416bccfe244e7927fb8d9812cd7d0f70f

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:19 GMT
content-encoding: br
etag: "1d79cc6c435f50b"
last-modified: Sun, 29 Aug 2021 11:12:34 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: public,max-age=86400
x-azure-ref: 0D/ovYQAAAADW07QcUs5zSrWVmjGvSynoUk9NMzBFREdFMDcyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=51AFA495907C4482A5748B7AE05293DD&RedC=c.clarity.ms&MXFR=35D9D0AB5F16610F2DE2C00E5B166F87
https://c.clarity.ms/c.gif?CtsSyncId=51AFA495907C4482A5748B7AE05293DD&MUID=36C82B3E863F66F73D5C3B9B875467BD

42 B
357 B

62ms
62ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=51AFA495907C4482A5748B7AE05293DD&MUID=36C82B3E863F66F73D5C3B9B875467BD
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:09:19 GMT
last-modified: Fri, 02 Jul 2021 16:12:32 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "9d284f105d6fd71:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:09:19 GMT
x-msedge-ref: Ref A: 383421DA1F3E4369BD52D9D501713AD3 Ref B: FRAEDGE1511 Ref C: 2021-09-01T22:09:19Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=51AFA495907C4482A5748B7AE05293DD&MUID=36C82B3E863F66F73D5C3B9B875467BD
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 rules-p-mEzuYq24VEJ-3.js Show response
rules.quantcount.com/ 3 B
428 B 22ms
6ms Script
application/javascript 2600:9000:223c:ba00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:ba00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 21:24:27 GMT
via: 1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
age: 2694
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 02:39:21 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: gSCvvhyhc0KxlUxKC4gr8WvAUQTPVgOsDHSwr7BmwzMbH5Lu4c2yDQ==

GET
H3-29 200 maxresdefault.jpg
img.youtube.com/vi/7w9tumq4_34/ 119 KB
119 KB 21ms
7ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/7w9tumq4_34/maxresdefault.jpg

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28570948520c0aecae6bf9629f949dfaf737593e63a2bfa59149f45ff5ec4a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:04:42 GMT
x-content-type-options: nosniff
server: sffe
age: 277
etag: "1630256382"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122075
x-xss-protection: 0
expires: Thu, 02 Sep 2021 00:04:42 GMT

GET
H2 200 pixel;r=1332517928;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F68520334%2Fthe-guilty-official-teaser;uht=2;fpan=1;fpa=P0-1231587746-1630534159790;pbcn=u;pbc=;ns=0;...
pixel.quantserve.com/ 35 B
371 B 11ms
10ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1332517928;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F68520334%2Fthe-guilty-official-teaser;uht=2;fpan=1;fpa=P0-1231587746-1630534159790;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00-20210811224039;cm=;gdpr=0;ref=;d=gofobo.com;je=0;sr=1600x1200x24;dst=1;et=1630534159790;tzo=-120;ogl=image.https%3A%2F%2Fimg%252Eyoutube%252Ecom%2Fvi%2F7w9tumq4_34%2Fhqdefault%252Ejpg%2Cimage%3Atype.image%2Fpng%2Cimage%3Awidth.480%2Cimage%3Aheight.360%2Ctype.website%2Curl.https%3A%2F%2Fgofobo%252Ecom%2Fmain%2FtrailerDetails%2F68520334%2Ctitle.Gofobo%20Trailers%20%7C%20THE%20GUILTY%2Cdescription.A%20troubled%20police%20detective%20demoted%20to%20911%20operator%20duty%20scrambles%20to%20save%20a%20dis

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:09:19 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
694 B 143ms
49ms XHR
application/json 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 22:09:19 GMT
X-Proxy-Origin: 194.99.105.102; 194.99.105.102; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0b24b8da-d8e8-4fb9-83bd-b16b95435898
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://gofobo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 mvo Show response
tag.1rx.io/rmp/82082/0/ 0
166 B 172ms
66ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/82082/0/mvo?z=1r&hbv=4.25,2.1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://gofobo.com
pragma: no-cache
date: Wed, 01 Sep 2021 22:09:19 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
110 B 136ms
46ms XHR
text/plain 52.29.213.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=SvbaiwAUC2Anyjhaey9vmCKc&bidId=SvbaiwAUC2Anyjhaey9vmCKc&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&pubcid=2146d766-5f40-4712-96d8-3c7b637f76a7&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5962152-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-213-60.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: https://gofobo.com
date: Wed, 01 Sep 2021 22:09:19 GMT
access-control-allow-credentials: true
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
109 B 137ms
47ms XHR
text/plain 52.29.213.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=do46vcyKzkimuinUNKb6WPHn&bidId=do46vcyKzkimuinUNKb6WPHn&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&pubcid=2146d766-5f40-4712-96d8-3c7b637f76a7&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5962152-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-213-60.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: https://gofobo.com
date: Wed, 01 Sep 2021 22:09:19 GMT
access-control-allow-credentials: true
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
109 B 137ms
47ms XHR
text/plain 52.29.213.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=YaCtqFKRVNytuFBMH4RYcMaZ&bidId=YaCtqFKRVNytuFBMH4RYcMaZ&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&pubcid=2146d766-5f40-4712-96d8-3c7b637f76a7&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5962152-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.213.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-213-60.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: https://gofobo.com
date: Wed, 01 Sep 2021 22:09:19 GMT
access-control-allow-credentials: true
vary: Origin

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 470 B
3 KB 215ms
67ms XHR
application/json 213.19.162.41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8777&site_id=145710&zone_id=686076&size_id=2&alt_size_ids=57%3B57%3B&rp_floor=0.1&rp_secure=1&tk_flint=pbjs_lite_v3.2.0&x_source.tid=7a430945-c529-41be-8352-4c15843d592b%3Baab38621-62f3-4c88-afdd-6bd7c9fb949a%3Bf9ed6008-6857-44a9-8532-6283cbbab22f&p_screen_res=1600x1200&tg_fl.eid=686076-1%3B686076-2%3B686076-4&rf=https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F68520334%2Fthe-guilty-official-teaser&x_source.pchain=proper.io%3Ae5962152-eb92-11e9-a488-69e3386c7506&ppuid=2146d766-5f40-4712-96d8-3c7b637f76a7&rp_schain=1.0%2C1!proper.io%2Ce5962152-eb92-11e9-a488-69e3386c7506%2C1&slots=3&rand=0.19540201803075608
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: ea297a2d925b01d3cdef873292a2d3a087a30fd632d4530b4f01c6b4dfe1ffde

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 22:09:19 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://gofobo.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 470
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 arj Show response
propermedia-d.openx.net/w/1.0/ 173 B
701 B 154ms
55ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://propermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F68520334%2Fthe-guilty-official-teaser&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&aus=728x90%2C970x250%7C728x90%2C970x250%7C728x90&auid=539109007%2C539109008%2C539109012&aumfs=100%2C100%2C100&dddid=38d4fba1-4420-4655-ae4b-d1144c6bab6a%2C25086c30-9223-4e25-ace4-aec5ade81f5f%2C0af7ba1b-d1a8-4487-a52a-e5845871b220&divIds=openx-f4568bde-9000-465b-b824-b0552f993bd0%2Copenx-e23b4c8e-5c40-4311-8808-6f640be260e4%2Copenx-291f186a-455f-427b-8c63-3d1510364fa2&be=1&bc=hb_pb_3.0.1&nocache=1630534159812&schain=1.0%2C1!proper.io%2Ce5962152-eb92-11e9-a488-69e3386c7506%2C1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: e5803f20fa6ae42e0cb9c75663efbffe052343c35e4dbf7b77882f725afb6f25

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:09:19 GMT
content-encoding: gzip
server: OXGW/16.214.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://gofobo.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 127 KB
34 KB 157ms
55ms Script
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 1465ea73b9db4601cda29c323ea3eea1fc28337bd2c5193154c9ecbd7bf38bbb

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 03:22:22 GMT
content-encoding: gzip
age: 67616
x-cache: Hit from cloudfront
timing-allow-origin: *
server: Server
x-amz-rid: 03VHHYD57TPK7GPF04FJ
etag: 708a268139e52bdfbe59398b3e766151
vary: Accept-Encoding
x-amz-version-id: bUOtLa_JuiaVr315AmNwDAtieSptDO4R
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: M1fkQ1QGPeAXv7Thfp4Xl5cDQsOYlj0F3JUTHVDQ1nbQ38MvI6S3ow==

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
112 B 214ms
110ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://gofobo.com
date: Wed, 01 Sep 2021 22:09:18 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 30 B
610 B 229ms
57ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2264fb291b6e94be836bdb%22%3A%2264fb291b6e94be836bdb%7C728x90%7C0.1%22%2C%22a7ed1445f63ff290b23b%22%3A%22a7ed1445f63ff290b23b%7C728x90%7C0.1%22%2C%22a3d3f63c0ffec8084675%22%3A%22a3d3f63c0ffec8084675%7C728x90%7C0.1%22%2C%22b6fd1dc87a0742d83627%22%3A%22b6fd1dc87a0742d83627%7C970x250%7C0.1%22%2C%229faa42e585d1b8098851%22%3A%229faa42e585d1b8098851%7C970x250%7C0.1%22%7D&ref=https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F68520334%2Fthe-guilty-official-teaser&s=3fe6e09c-5335-44d9-b994-c002296de476&pv=ccfd0a20-77e2-4fe3-9383-fc35c52296a8&vp=desktop&lib_name=prebid&lib_v=4.25.0&us=1&ius=1&userid=%7B%22pubcid%22%3A%7B%7D%7D&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5962152-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

a117924f559cb8da7692dc5a758f590fff1a959d1908f7055f2ec7a3efd35332

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 22:09:20 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://gofobo.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 30
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 xhr Show response
pre.ads.justpremium.com/v/2.0/t/ 43 B
247 B 203ms
101ms XHR
application/json 52.58.12.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pre.ads.justpremium.com/v/2.0/t/xhr?i=1630534159814
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.12.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-12-132.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 62d956e0d5fc84fcd6b7d2bbd8d13e0dde19d29e3381beeff57d185a2b917477

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://gofobo.com
date: Wed, 01 Sep 2021 22:09:19 GMT
cache-control: public, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
content-type: application/json

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
280 B 175ms
58ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 01 Sep 2021 22:09:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://gofobo.com
access-control-allow-credentials: true
cf-ray: 6881d283b90e4c08-AMS
access-control-allow-headers: Content-Type, Origin

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
315 B 220ms
133ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: d0118c24df7674b9e6e9d4ee8b3023c97fe6b48d724fa7cacf8460440fa7a19b

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 01 Sep 2021 22:09:19 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gofobo.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
179 B 222ms
136ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 9b64d14f25354cacebf3583dec46e80a5f496584f0d54f43ebe25c1044afb51a

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 01 Sep 2021 22:09:19 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gofobo.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
179 B 223ms
137ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 079b7d9c4718f1116138c007754f5d87b992fafe73d0a066592a7d4e958e049a

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 01 Sep 2021 22:09:19 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gofobo.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H/1.1 200
OK headertag Show response
as-sec.casalemedia.com/ 0
391 B 283ms
82ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headertag?v=9&s=161112&r=%7B%22id%22%3A%2269585310%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F68520334%2Fthe-guilty-official-teaser%22%2C%22ref%22%3A%22%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22728x90-1-EOl9s%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-1-EOl9s%22%2C%22siteID%22%3A362743%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22728x90-2-PikXB%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-2-PikXB%22%2C%22siteID%22%3A362743%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22728x90-3-rm91H%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-3-rm91H%22%2C%22siteID%22%3A362743%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22970x90-1-cYXql%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22970x90-1-cYXql%22%2C%22siteID%22%3A362743%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22970x90-2-WBIRX%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22970x90-2-WBIRX%22%2C%22siteID%22%3A362743%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22970x250-1-jrEN8%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22970x250-1-jrEN8%22%2C%22siteID%22%3A362743%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22970x250-2-ioBpL%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22970x250-2-ioBpL%22%2C%22siteID%22%3A362743%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5962152-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%7D&t=300&fn=window.proper_bb6db59e_057c9e63_3
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 22:09:20 GMT
X-AK-INITIAL-GEO: CC:[PL], RC:[], CN:[EU], CIP:[194.99.105.102], XFF:[]
Server: Apache
Vary: Is-Traffic-Invalid
Content-Type: text/javascript
X-CS-CLIENT-GEO: 09
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 09
Expires: Wed, 01 Sep 2021 22:09:20 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 45 B
595 B 177ms
59ms XHR
application/json 216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.25.0
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8dae4f804354d13494c671c278d47b8baa7f73b364cf77ef51c2612ffbd67f70

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 01 Sep 2021 22:09:19 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://gofobo.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 65

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ 346 B
527 B 40ms
13ms XHR
application/json 2a02:fa8:8806:20::2100
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 3e614afb8de677a0d0cbdc22b5c8ba39b7c26b8228d2fa49cf6d1e8decf8a753

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:09:19 GMT
server: nginx
content-type: application/json
access-control-allow-origin: https://gofobo.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 346
expires: 0

GET
H3-29 200 pubads_impl_2021082701.js Show response
securepubads.g.doubleclick.net/gpt/ 333 KB
117 KB 110ms
57ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

b92ad0a4155446d073295a68374ed61c1e64b2f6f7195bb1c077febc44cc2e68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 27 Aug 2021 15:07:02 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119397
x-xss-protection: 0
expires: Wed, 01 Sep 2021 22:09:20 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 126 B
123 B 106ms
53ms XHR
application/json 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=gofobo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

3c28b1e7455fd67f101920be78112595a077582ef5a992b9f13850cc2b861e86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 22:09:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
expires: Wed, 01 Sep 2021 22:09:20 GMT

GET
H2 200 launcher.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 41 KB
15 KB 67ms
66ms Script
application/javascript 104.111.219.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-144.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d7cd09b590143e055a2a0bbfa2b87359e72b419db9f29ecdf3e946fc08c74a56

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:20 GMT
content-encoding: gzip
last-modified: Tue, 19 Jan 2021 22:23:11 GMT
server: Apache
etag: "a253-5b94848b276f1-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 14886
expires: Wed, 01 Sep 2021 22:24:20 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 134ms
45ms XHR
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 96XhsjGsBxsrm3kyucJOVw9g9hT2d.yB
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 44505
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sat, 21 Aug 2021 01:59:01 GMT
server: AmazonS3
date: Wed, 01 Sep 2021 09:47:36 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 eb6e5773d654b9aeadbed8169564506d.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: If3rB_Xz6PwAQtVcMNXX1pPJnbXMLo0HzfHk7ROXaB2RiMZbo5fmCw==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
298 B 143ms
142ms XHR
text/plain 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F68520334%2Fthe-guilty-official-teaser&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:19 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
access-control-allow-origin: https://gofobo.com
cache-control: max-age=86087, s-maxage=86400
access-control-allow-credentials: true
x-amz-cf-id: e8eh1_zmimFZ6xDA7-5gCOv2NpueCjDWT3byPfL61kI0b9e7uR858g==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
367 B 85ms
84ms XHR
text/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F68520334%2Fthe-guilty-official-teaser&pid=bdJHrp6alpdTw&cb=0&ws=1600x1200&v=7.68.00&t=2000&slots=%5B%7B%22sd%22%3A%22desktop-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%7D%2C%7B%22sd%22%3A%22desktop-2%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%7D%2C%7B%22sd%22%3A%22desktop-4%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&cfgv=0&schain=1.0%2C1!proper.io%2Ce5962152-eb92-11e9-a488-69e3386c7506%2C1%2C%2C%2C&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:20 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P5
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://gofobo.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 9vzy3RJq_SwcVuctA8fNl3QPbcnHC6ccbyCPBsKQRm_4GWZqcNoMMg==

POST
H2 204 collect Show response
e.clarity.ms/ 0
171 B 539ms
269ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-b/s/0.6.22/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: https://gofobo.com
date: Wed, 01 Sep 2021 22:09:19 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 launcher Show response
proc.ad.cpe.dotomi.com/cvx/client/direct/ 423 B
625 B 13ms
11ms XHR
application/json 2a02:fa8:8806:20::2100
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.0.8&lid=616
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 18c3ad9d69f010a2b28ea73c99136fd5d631996a7cd0a5b11e8e6b1d3c48ff5f

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:20 GMT
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://gofobo.com
cache-control: max-age=1800
access-control-allow-credentials: true
content-length: 423
expires: Wed, 01 Sep 2021 22:39:20 GMT

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 53 KB
17 KB 69ms
69ms Script
application/javascript 104.111.219.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-144.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:20 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 17:06:57 GMT
server: Apache
etag: "d398-5c3b75e9ebb41-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17087
expires: Wed, 01 Sep 2021 22:24:20 GMT

GET
H2 200 coreid.min.js Show response
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 187 KB
56 KB 89ms
89ms Script
application/javascript 104.111.219.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-144.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c66fbd9aa8bea7f30b0a58ed13d4397ffee9ccbfa02f6a42155883e2227ecf77

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:20 GMT
content-encoding: gzip
last-modified: Tue, 03 Aug 2021 17:08:08 GMT
server: Apache
etag: "2ebff-5c8aabae001f5-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 57184
expires: Wed, 01 Sep 2021 22:24:20 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
91 B 14ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=393879024716738&ev=Microdata&dl=https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F68520334%2Fthe-guilty-official-teaser&rl=&if=false&ts=1630534160178&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Gofobo%20Trailers%20%7C%20THE%20GUILTY%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fimg.youtube.com%2Fvi%2F7w9tumq4_34%2Fhqdefault.jpg%22%2C%22og%3Aimage%3Atype%22%3A%22image%2Fpng%22%2C%22og%3Aimage%3Awidth%22%3A%22480%22%2C%22og%3Aimage%3Aheight%22%3A%22360%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F68520334%22%2C%22og%3Atitle%22%3A%22Gofobo%20Trailers%20%7C%20THE%20GUILTY%22%2C%22og%3Adescription%22%3A%22A%20troubled%20police%20detective%20demoted%20to%20911%20operator%20duty%20scrambles%20to%20save%20a%20distressed%20caller%20during%20a%20harrowing%20day%20of%20revelations%20%E2%80%94%20and%20reckonings.%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=2&o=30&fbp=fb.1.1630534159675.734777210&it=1630534159528&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 01 Sep 2021 22:09:20 GMT

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 184 KB
61 KB 153ms
46ms Script
application/x-javascript 13.32.121.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-3.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a08c01d451bd2649996e79c2480e43b5ede3f2833fdadc14ef8ab7a99e7a6fca

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: Rht9EGj5CLLTbc7c28hGHR3r.Br9AlUg
content-encoding: gzip
etag: W/"ba9fcbd6e70c7f8f2ee116f4f3ed4eb6"
age: 34075
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:c6969df7-acd4-4ae9-964a-80694e0cd836
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 11cd83118869b3620c5f956dedb0813c
last-modified: Mon, 30 Aug 2021 12:41:18 GMT
server: AmazonS3
date: Wed, 01 Sep 2021 12:41:49 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: c6f0e019387f43cbaa51d31fb47cc3472809786965b16f39b6e0a64940f2e81d
via: 1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
content-type: application/x-javascript
x-amz-cf-id: 5SeVHAXXDbYp87Qr20dIyXrA4f838Q1sPcbJEddOIHx3Fv3CZ0kZ8Q==

GET
H/1.1 200
OK Cookie set a-00jp Show response
i.liadm.com/s/c/ Frame 5D9A 1 KB
1 KB 529ms
138ms Document
text/html 54.84.63.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://i.liadm.com/s/c/a-00jp?s=&cim=&ps=true&ls=false&duid=0304f7a82132--01fehphk508rwdr0ryqvcwe2zm&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&

Requested by

Host: b-code.liadm.com
URL: https://b-code.liadm.com/sync-container.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.84.63.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-84-63-116.compute-1.amazonaws.com

Software

Resource Hash

78dca59ec8e5f062c1bb51c91706f5b089bdb60797242117153ae032b3c4bd28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: i.liadm.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://gofobo.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: lidid=f39775bb-6e33-48e7-b6c7-a2936c77edfb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://gofobo.com/

Response headers

Cache-Control: private, no-cache, max-age=0
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 01 Sep 2021 22:09:20 GMT
ETag: 1.61803398874
Set-Cookie: _li_ss=MgUIBhClEDIFCAoQpRAyBQh6EKQQMgYIiwEQpRAyBQgLEKUQMgUICxClEDIFCHkQpBA; Max-Age=2592000; Expires=Fri, 01 Oct 2021 22:09:20 GMT; SameSite=None; Path=/s; Secure
Strict-Transport-Security: max-age=31536000; includeSubDomains
trace-id: ade845a55ba8afd9
Vary: Accept-Encoding
Content-Length: 639
Connection: keep-alive

GET
H/1.1 200
OK baker
sli.gofobo.com/ 19 B
363 B 262ms
67ms Image
image/gif 2.16.186.186
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sli.gofobo.com/baker?dtstmp=1630534160417
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.186 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-186.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 22:09:20 GMT
Cache-Control: max-age=0, no-cache, no-store
Expires: Wed, 01 Sep 2021 22:09:20 GMT
Connection: keep-alive
Content-Length: 19
Content-Type: image/gif

POST
H2 200 s2s Show response
eb.proper.io/ 5 KB
4 KB 184ms
174ms XHR
application/json 2606:4700::6811:4f22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eb.proper.io/s2s?proper_uid=2146d766-5f40-4712-96d8-3c7b637f76a7
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6f12cecc628dc51b51d6dd6b76df3dbf954be7ba3ba906f4dc13847530173a6

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:09:20 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://gofobo.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-timing: dur:144
cf-ray: 6881d2879ce34ee6-FRA
expires: -1

GET
H/1.1

200
OK

9f43c9f4ddf44c02b983f1bc7c5c662d
i.liadm.com/s/e/a-00jp/0/ Frame 5D9A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-00jp%2F0%2F9f43c9f4ddf44c02b983f1bc7c5c662d%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&f39775bb-6e33-48e7-b6c7-a29...
https://i.liadm.com/s/e/a-00jp/0/9f43c9f4ddf44c02b983f1bc7c5c662d?mpid=7156&muid=a837612f-fa10-4d00-8ea7-b4718b664afc

43 B
285 B

135ms
130ms

Image
image/gif

54.84.63.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/e/a-00jp/0/9f43c9f4ddf44c02b983f1bc7c5c662d?mpid=7156&muid=a837612f-fa10-4d00-8ea7-b4718b664afc

Requested by

Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-00jp?s=&cim=&ps=true&ls=false&duid=0304f7a82132--01fehphk508rwdr0ryqvcwe2zm&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.84.63.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-84-63-116.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 22:09:20 GMT
Cache-Control: no-store
Connection: keep-alive
trace-id: eea0d0eae55f73bf
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Date: Wed, 01 Sep 2021 22:09:21 GMT
Server: MT3 3905 f19d76c master zrh-pixel-x7
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://i.liadm.com/s/e/a-00jp/0/9f43c9f4ddf44c02b983f1bc7c5c662d?mpid=7156&muid=a837612f-fa10-4d00-8ea7-b4718b664afc
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 01 Sep 2021 22:09:20 GMT

GET
H/1.1

200
OK

35759
i.liadm.com/s/ Frame 5D9A
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=liveintent&ttd_tpi=1
https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=eb1ecfb3-7384-4f6d-aeeb-9481ae022341

43 B
447 B

202ms
131ms

Image
image/gif

54.84.63.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=eb1ecfb3-7384-4f6d-aeeb-9481ae022341

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.84.63.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-84-63-116.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 22:09:20 GMT
Cache-Control: no-store
Connection: keep-alive
trace-id: 9d7822202b392a70
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:09:21 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=eb1ecfb3-7384-4f6d-aeeb-9481ae022341
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 215

GET
H/1.1

200
OK

9f43c9f4ddf44c02b983f1bc7c5c662d
i.liadm.com/s/e/a-00jp/0/ Frame 5D9A
Redirect Chain

https://dpm.demdex.net/ibs:dpid=127444&dpuuid=f39775bb-6e33-48e7-b6c7-a2936c77edfb&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-00jp%2F0%2F9f43c9f4ddf44c02b983f1bc7c5c662d%3Fmpid%3D82775%26muid%3D%2...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=f39775bb-6e33-48e7-b6c7-a2936c77edfb&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-00jp%2F0%2F9f43c9f4ddf44c02b983f1bc7c5c662d%3Fmp...
https://i.liadm.com/s/e/a-00jp/0/9f43c9f4ddf44c02b983f1bc7c5c662d?mpid=82775&muid=14836310011843240863400091672088808734

43 B
285 B

256ms
132ms

Image
image/gif

54.84.63.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/e/a-00jp/0/9f43c9f4ddf44c02b983f1bc7c5c662d?mpid=82775&muid=14836310011843240863400091672088808734

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.84.63.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-84-63-116.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 22:09:21 GMT
Cache-Control: no-store
Connection: keep-alive
trace-id: bd3e593a2f005231
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

DCS: dcs-prod-irl1-1-v015-0148eb490.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 4rw0ddTkQrE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://i.liadm.com/s/e/a-00jp/0/9f43c9f4ddf44c02b983f1bc7c5c662d?mpid=82775&muid=14836310011843240863400091672088808734
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

live_intent_sync
x.dlx.addthis.com/e/ Frame 5D9A
Redirect Chain

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=f39775bb-6e33-48e7-b6c7-a2936c77edfb
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=f39775bb-6e33-48e7-b6c7-a2936c77edfb&rd=Y

43 B
602 B

226ms
226ms

Image
image/gif

104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=f39775bb-6e33-48e7-b6c7-a2936c77edfb&rd=Y

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:09:21 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 01 Sep 2021 22:09:21 GMT
content-length: 43
strict-transport-security: max-age=2628000
content-type: image/gif

Redirect headers

location: https://x.dlx.addthis.com/e/live_intent_sync?na_exid=f39775bb-6e33-48e7-b6c7-a2936c77edfb&rd=Y
pragma: no-cache
date: Wed, 01 Sep 2021 22:09:21 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Wed, 01 Sep 2021 22:09:21 GMT

GET
H/1.1

200
OK

52176
i6.liadm.com/s/ Frame 5D9A
Redirect Chain

https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=f39775bb-6e33-48e7-b6c7-a2936c77edfb&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=793bae66-bdf4-4a77-9a1e-3a9555944a64
https://i6.liadm.com/s/52176?bidder_id=5298&bidder_uuid=793bae66-bdf4-4a77-9a1e-3a9555944a64

43 B
447 B

292ms
97ms

Image
image/gif

2600:1f18:444a:4602:4614:a08b:388f:2234
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/52176?bidder_id=5298&bidder_uuid=793bae66-bdf4-4a77-9a1e-3a9555944a64

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:444a:4602:4614:a08b:388f:2234 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 22:09:21 GMT
Cache-Control: no-store
Connection: keep-alive
trace-id: 33614003af043c5a
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/52176?bidder_id=5298&bidder_uuid=793bae66-bdf4-4a77-9a1e-3a9555944a64
Date: Wed, 01 Sep 2021 22:09:20 GMT
Connection: keep-alive
trace-id: fc42d32292849e80
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H/1.1

200
OK

52164
i.liadm.com/s/ Frame 5D9A
Redirect Chain

https://x.bidswitch.net/sync?ssp=liveintent&user_id=f39775bb-6e33-48e7-b6c7-a2936c77edfb
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=liveintent
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=liveintent
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=47a996af-c808-492d-b779-aad529451b5b&ssp=liveintent&user_group=1
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=793bae66-bdf4-4a77-9a1e-3a9555944a64

43 B
447 B

216ms
130ms

Image
image/gif

54.84.63.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=793bae66-bdf4-4a77-9a1e-3a9555944a64

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.84.63.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-84-63-116.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 22:09:21 GMT
Cache-Control: no-store
Connection: keep-alive
trace-id: 2489b0af2644408e
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

location: //i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=793bae66-bdf4-4a77-9a1e-3a9555944a64
date: Wed, 01 Sep 2021 22:09:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 /
trc.taboola.com/sg/liveintent/1/cm/ Frame 5D9A 43 B
229 B 29ms
14ms Image
image/gif 2a04:4e42:3::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/liveintent/1/cm/
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-00jp?s=&cim=&ps=true&ls=false&duid=0304f7a82132--01fehphk508rwdr0ryqvcwe2zm&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Wed, 01 Sep 2021 22:09:20 GMT
via: 1.1 varnish
server: nginx
x-timer: S1630534161.967296,VS0,VE9
x-served-by: cache-fra19170-FRA
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ 107 B
853 B 49ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=gofobo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 22:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 35ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gofobo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 22:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 99 KB
21 KB 359ms
359ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1762277185358562&correlator=2555629361745961&output=ldjh&impl=fifs&eid=31062297&vrg=2021082701&ptt=17&tfcd=0&sc=1&sfv=1-0-38&ecs=20210901&iu_parts=5376056%2Cgofobo_main_1%2Cgofobo_main_2%2Cgofobo_sticky_dynamic%2Cdynamic_1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2F4&prev_iu_szs=1x1%7C728x90%7C970x250%7C970x90%2C1x1%7C728x90%7C970x250%7C970x90%2C1x1%7C728x90&prev_scp=post_id%3Dunknown%26member%3Dno%26split_version%3D6972%26proper_site%3Dgofobo%26proper_slot%3D1%26tags%3Dunknown_desktop%252Cunknown%26proper_floor%3D0.10%26s_depth%3D1%26proper_bidder%3Dgofobo_verizon_media_s2s%26proper_bid%3D0.10%26refresh_count%3D0%7Cpost_id%3Dunknown%26member%3Dno%26split_version%3D6972%26proper_site%3Dgofobo%26proper_slot%3D2%26tags%3Dunknown_desktop%252Cunknown%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%7Cpost_id%3Dunknown%26member%3Dno%26split_version%3D6972%26proper_site%3Dgofobo%26proper_slot%3D5.01%26tags%3Dunknown_desktop%252Cunknown%26proper_sticky%3Dtrue%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1630534160&dt=1630534160991&dlt=1630534159130&idt=1053&frm=20&biw=1600&bih=1200&oid=3&adxs=245%2C245%2C-12245933&adys=140%2C1589%2C-12245933&adks=1289986997%2C1212421020%2C452034833&ucis=1%7C2%7C3&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F68520334%2Fthe-guilty-official-teaser&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1140x0%7C1140x0%7C0x-1&msz=1140x0%7C1140x0%7C0x-1&ga_vid=1684242527.1630534160&ga_sid=1630534161&ga_hid=1692893544&ga_fc=false&fws=0%2C0%2C640&ohw=0%2C0%2C0&btvi=0%7C1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

d8ec9f4de5cd7b885ea6439cfa4ebae59c3fdda4f371e51dcab6bfaf30b689dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21016
x-xss-protection: 0
google-lineitem-id: -1,-1,2151234376
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,138203123257
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gofobo.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3ae4f9a453f681a3a3c1c06bb32960f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F5D3 6 KB
3 KB 47ms
13ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3ae4f9a453f681a3a3c1c06bb32960f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 3ae4f9a453f681a3a3c1c06bb32960f2.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gofobo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://gofobo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 01 Sep 2021 22:09:21 GMT
expires: Thu, 01 Sep 2022 22:09:21 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012108170213000/ Frame 5ABF 188 KB
55 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c76cc68adbbc958993e23bf9ad18979f7aeaab6274b1f2322afb581d22eb855f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3256
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55333
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 21:15:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "55ff93a1040e5c38"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 21:15:05 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 5ABF 13 KB
5 KB 37ms
16ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fae2773cd95cb857866b4b3a54777c88f6c03e0167bf323c2a1f431985887b61

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 4165
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4999
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6b551ff8c0a78d7e"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 20:59:56 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 5ABF 89 KB
28 KB 38ms
17ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48bb89434a42b4fb519f27e9272e018e8151383b4b7f46f26260f5fd29e5f05e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 4165
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28538
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "523ca413d5eb4bb0"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 20:59:56 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 5ABF 4 KB
2 KB 40ms
19ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4a74fe2cef1d4e3ca293944e20763b350954439d0966a662691d304d9e1aac3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 4165
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1653
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a4d9605fb26cf0ce"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 20:59:56 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 5ABF 40 KB
13 KB 40ms
19ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9158e53d7052a6df65c12e3a59a8c77a8be353425523e4eff057fa5578e654ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 4165
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12821
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bd81b3ba02634f28"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 20:59:56 GMT

GET
DATA 200
OK truncated
/ Frame 5ABF 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c40a9e06a28730cbbb04c7422860aaa83bc1791289c1f76debf10f1c2010a06

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 12252779112347374508
tpc.googlesyndication.com/simgad/ Frame 5ABF 65 KB
65 KB 29ms
7ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12252779112347374508?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmUuVDZm3qoBZintq8q4Tw1jCHQCw

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4765f0aa381a6e92f4ca707380c01e3834e6bd8ae2006106efb437323ef1dff7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 15:15:06 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 15:18:14 GMT
server: sffe
age: 370455
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66622
x-xss-protection: 0
expires: Sun, 28 Aug 2022 15:15:06 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5ABF 2 KB
3 KB 35ms
13ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 11:04:13 GMT
x-content-type-options: nosniff
server: cafe
age: 39908
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 02 Sep 2021 11:04:13 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5ABF 295 B
778 B 27ms
6ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 07:57:47 GMT
x-content-type-options: nosniff
server: cafe
age: 51094
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 02 Sep 2021 07:57:47 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5ABF 0
0 82ms
81ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CP4JcEfovYduCBNSp3gPU0bKgAfbsmfRk3ZPs8Y8OjaGLmJweEAEg2Oq2IGDp5MmF2BqgAYTS99YDyAECqQKlGBEJ-qSRPuACAKgDAcgDCKoEggJP0MW70dzOPW0DPNO4o7lF7W-itga05Zz7lURfYpuJjl7Q_iqdBBx8iV9NzQGZq7OJK5wsG0HlRhKhGmAMXnmraiUfcnIOUXKhwC4CxpFmlAzi9KRg-btjJGV2DzVwHQvD1j94DbTLPatF4kPhihdU46kgoqQNciUMOI978SJgkr41bdR0eh0P-13Crvm8DsA4DJwcA14q0EkyzYD_7qnTU3UpCqrKxsJnsmSPxeJm3oqjxcbMXcgBEIQGMLc2mwJD_AeXPggOHce59NjmFlt5vG8rRzGJKM71AmcapwKWc83_HFlz3ggSKC1JtP4iHxXq8EB1p9h27jUvaHJr5ZqphHzABPe8zu_eA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAfkrYgpqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAfIHBBD-rSvSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTYzMzUwNzE3Njg0NTcyNDmACgPICwHYEwLQFQGYFgGAFwGyFx4KHAgAEhRwdWItNjg5NzkwMjE5MTcxNDgzMxjQnBI&sigh=9s9U2RmvEFQ
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s05-in-f98.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012108170213000/ Frame F001 188 KB
54 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c76cc68adbbc958993e23bf9ad18979f7aeaab6274b1f2322afb581d22eb855f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3256
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55333
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 21:15:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "55ff93a1040e5c38"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 21:15:05 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame F001 13 KB
5 KB 29ms
16ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fae2773cd95cb857866b4b3a54777c88f6c03e0167bf323c2a1f431985887b61

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 4165
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4999
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6b551ff8c0a78d7e"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 20:59:56 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame F001 89 KB
28 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48bb89434a42b4fb519f27e9272e018e8151383b4b7f46f26260f5fd29e5f05e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 4165
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28538
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "523ca413d5eb4bb0"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 20:59:56 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame F001 4 KB
2 KB 29ms
16ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4a74fe2cef1d4e3ca293944e20763b350954439d0966a662691d304d9e1aac3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 4165
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1653
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a4d9605fb26cf0ce"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 20:59:56 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame F001 40 KB
13 KB 28ms
16ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9158e53d7052a6df65c12e3a59a8c77a8be353425523e4eff057fa5578e654ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 4165
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12821
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bd81b3ba02634f28"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 20:59:56 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F001 2 KB
3 KB 15ms
15ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 11:04:13 GMT
x-content-type-options: nosniff
server: cafe
age: 39908
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 02 Sep 2021 11:04:13 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F001 295 B
353 B 16ms
15ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 07:57:47 GMT
x-content-type-options: nosniff
server: cafe
age: 51094
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 02 Sep 2021 07:57:47 GMT

GET
DATA 200
OK truncated
/ Frame F001 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0441a6694dacc6835008558d977f65ea12dda344aa19989937fc4baef922874c

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame EA0C 0
0 80ms
79ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYuC-0-7X8AYyAHg9iJrzDiM2xP-F_VJOS7pXv36JR9P5nhw5knbOfiUVXAjb4evOcuIGWrnUQ7dSYqEvp3u1mOVl68vCEZRWU_JZP9RKwOFNmB_nRgrnevXhpTFXlMp9Ex3asD4UnZ25WXdDZveOzhb1ELOWJvvDMJxi7imRmIq75uQNeiqmh3Y-92PlBY3zFO55bHmtI9rc41Ao2qfZUJybURMOHAr7Y2sYBMgVSk3kCpnGKnSpArjcI2MtBXljEaqo1a3WlvfsUA2K69ovRQpylekAuk91riv7Rn98_BuAJVK6YX1xb_dlpRoj-kLpaZP-HW2yB&sai=AMfl-YQMJvPSUdBQIuUWNGQVakZoz9tg2iJomYYEPOm90rl2YmP_jOtfMk2wXMMzKdk3c5Fj-vMyOOo4X2vODjmrMJepGo8ZEAOyxU7zOTR28JlVBLUGbVXWOMgXt4rJMV5h&sig=Cg0ArKJSzNsssS64bDjDEAE&urlfix=1&adurl=

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 22:09:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 01 Sep 2021 22:09:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EA0C 122 KB
37 KB 46ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:21 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496346997469"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Wed, 01 Sep 2021 22:09:21 GMT

GET
H3-29 200 16164197863327543788
tpc.googlesyndication.com/simgad/ Frame F001 115 KB
115 KB 23ms
7ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16164197863327543788?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnOksoJxvsFf0AsWdju3EbM4BcoNA

Requested by

Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9674197b2bb985a8115e292205174fc5a700d4cd0ff9e981ac04e2b4ea4df5e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 08:00:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 29 Jun 2021 08:15:02 GMT
server: sffe
age: 396540
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117948
x-xss-protection: 0
expires: Sun, 28 Aug 2022 08:00:21 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F001 0
0 82ms
81ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CNQH4EfovYdyCBNSp3gPU0bKgAb6qqN9k3oWi-qgO2tkeEAEg2Oq2IGDp5MmF2BqgAbnnk7YDyAEC4AIAqAMByAMIqgSEAk_QdkOIjZ3MpYns7UdqpzKj3ze2vbvms_ul9BA3kMGwHe6VdQPZ6h-0OYhiR5UZAQoz34Tu4xJzo0UCAH3AQAu1MIzBjCxP12HkHi6Rm2LXrIn5dhXFRi2FNpUzv7BDu_8RP-8GvUp1xvywhlTVYj6uwIj3f6TN-6w-BXLZntg5zlkvMBdyRxi2yLDhWPPb-WznV2vHsb3GmHDBvJinETsSvCJF0Z93K80vrqCoTmqZrK1z81Uc1wIMVeq89H2xSDgtK1-M1duHYvvc5SganXAmM_Uu7-VZ15c0ghF7-lRi2EpqUoGUlYQVH01q8WOLfW0GIab64tAxJsZNwh8BAtkpN8pBwASU4qDX9gPgBAGSBQQIBBgBkgUECAUYBKAGAoAHr5jsSagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwHyBwQQ9vQW0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi02MzM1MDcxNzY4NDU3MjQ5gAoDyAsB2BMC0BUBmBYBgBcBshceChwIABIUcHViLTY4OTc5MDIxOTE3MTQ4MzMY0JwS&sigh=CtfgunPeLyY
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s05-in-f98.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 27ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd3a2482b7b952b621e16a05c3bb1847829d057fb1384f4c32d1362b8153e967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:21 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496339498273"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27562
x-xss-protection: 0
expires: Wed, 01 Sep 2021 22:09:21 GMT

POST
H2 204 collect Show response
e.clarity.ms/ 0
48 B 267ms
267ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-b/s/0.6.22/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: https://gofobo.com
date: Wed, 01 Sep 2021 22:09:21 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 5ABF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

15ms
14ms

Image
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Redirect headers

date: Wed, 01 Sep 2021 22:09:21 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame EA0C 0
0 81ms
80ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjste6Ictx4t9J2_3RtJbASv2rGd5dXxGZYpYJLVytcxf1h-QSQ406dO9jqoPg4b-dmCBhKVJ_JOdd6S8Wbtd1blsabhT0LtZ_kDgfZ_lYOXmg27ku5ymTQlppP3LmVlpoobzNxSvE1yJm6Ium5V9GP3gtzaAUeuD21IxdZJHKSpVi4sW7vVbX4N3-tnOwsAYVCk_wI7ro3GZk60A5TX_G69o857dX5UlGtbuU6Dlog8vzplU3LnH8ZEStSsJ2lg5MEc6g-6t6jUOgWBi2mRlLxZuQ4AP8tzHNf7erRewB-JqtdaRbyg9xjJVqtALgby5HCEcT7XTTwscEaM&sai=AMfl-YSpDs_FgP38XigYxz1ES_HB5hFUtCkKm7hxRoS_txcaD4T2VvS1qMh7BbzmXnR19quP5JOQthx_yiRxHgQwgYFFCoyemlWlJ1nNtxw4s_sdjurOjfuGnqCLmhaF7afn&sig=Cg0ArKJSzC51IdYzc4YgEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 22:09:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 01 Sep 2021 22:09:21 GMT

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame F001
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

28ms
14ms

Image
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: gofobo.com
URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Redirect headers

date: Wed, 01 Sep 2021 22:09:21 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

POST
H/1.1 200
OK bidding Show response
bids.proper.io/api/ 0
171 B 216ms
215ms XHR
application/octet-stream 34.213.121.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bids.proper.io/api/bidding
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.213.121.83 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-213-121-83.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 01 Sep 2021 22:09:21 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 43ms
23ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021082701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95e18424831a8f04f6bfbc89eca050ff1443848a89ea377fa6c52b7ad82e4afe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 22:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8406
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Wed, 01 Sep 2021 22:09:21 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame B4A2 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gofobo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://gofobo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Wed, 01 Sep 2021 21:59:47 GMT
expires: Thu, 01 Sep 2022 21:59:47 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 574
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EDD2 783 B
530 B 54ms
53ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5eec5b37a4de1c73a4f088c81a890024f2f5d007de11294f4bb968a4c9cf91ce

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XtslT42YoaQrv9UwyWswgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gofobo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://gofobo.com/

Response headers

expires: Wed, 01 Sep 2021 22:09:21 GMT
date: Wed, 01 Sep 2021 22:09:21 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-XtslT42YoaQrv9UwyWswgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 3VBCxQMuFeflN3ldnXIT7YQtw8QPm-3IluxfpK8Vf0c.js Show response
pagead2.googlesyndication.com/bg/ Frame B4A2 35 KB
13 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3VBCxQMuFeflN3ldnXIT7YQtw8QPm-3IluxfpK8Vf0c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd5042c5032e15e7e537795d9d7213ed842dc3c40f9bedc896ec5fa4af157f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:05:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13381
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 12:05:10 GMT

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
74ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021082701&jk=1762277185358562&bg=!FRalFlLNAAZOkH6FTpA7ACkAdvg8WhPfzFX1PsN0FSsUiiP5uTw_MWDjGG1PM-QaJn_HmzwzlELr9AIAAABoUgAAAA1oAQcKAQPMX0AxCTEGqn4y6QnHwP4fC9C9Dcr56gigYa2nmdx4ZSG6UMnBow30tn5UP6PZsADWlB3K13p_i-gSrx5uByCvR-KnJWXj7-C1fBHzmh61-7dUZhlDwclRrj1_bnwgwtWN9R2gi-maFCrwUwMwf24Eg6W9PpPqg11eUGXF-l2_CR2zNaPBfhDtbNc6QCHzNYPpcCfueNAeI1uiTh2vMEseQWjsOozVCVGXjisVLLWr0_d6EF0Ez2S2nGB6jFEdl-lupYGGYOXAt-3hQFWMSY547xp5jZyeHpeZQNzSheqIiOXgtD5s7xje8BTHTAQxzlMXYxlt3RdFaDNmlFNzZWnNjeH0mQJpLyD8PDbj2VMZN_qI79wX9nBBIsSfWCwH87voQSVUz5tRC0pUBV3zm9cNCGNL3HXD23QnDRyyrJ6neDyw26dbb_u6lTpSRhC1Ci3wJbZm4L31SKh5Y58coJIPBroV31Q59aRQBRh04L6vvNHFIt8x4plaifcjO3RambwhUQYbD8ha1xieOH0i4gaGb6DYJqCmEGtyGCDe7k6aRmIT9rGdRitjj-fRcAp47yeE_YGV1xyQ7LeW2N1Xusd5IxB0rGRJdF0bqvWG8dNtcgfFCKJkK20IkLuM3L9x4Z4UDSuOu0S9RbyK2E9jm0zuETjlBB7zV2obcZhUNOgosD8g6ccYX0pEqJZKF9nWNo8XOWPa_vLwomdLNqqqoLiH3iA3qtlYZ2hXcbD-pcUZ08JYZzjho5vNE9abe6bVowlrv6qpPejuUHCvv0mafJXH9lOhtKyR6WwcDp1rNr-zTHQHIy168XD3HrYCZoNoysDBma-S6t-NfTrlyl5JWmacw88_TthyDxGPBL58ND_u6u8IazX4O_rdPdg06dVyB-7mtkdeoVHIoPU09y_3XAP6l6PEPrkfBdTxGjKDNfaD2Y0Rhga-TVFTJPw8nXilWm3k-Y2P80UzHGQRONTx3qahtD97kV6R7e7C_kq-_qfwH0pI8blVnkWjhwaLfn6y82H-jyI0skUaRcF_CysDEo3DZ0yoYmrdCGHMukZIVSaLAddOLOZjXc59mQpd2ZCXOrlisQ6rh9c-FVp_l3EREQ29ISSSk1RkcJbHZF-r0VL7zApRMk6JKkfBeKXZP1Heiki3QDZgUFXZgRHZHznonTI
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5ABF 42 B
64 B 47ms
46ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuq67CoBNY-9L0q18mFIY-OgZmGNUl2jsKgIgOj3Uk3tl3LfjPd4PLDSj8Oihkn7TCgtThiM3ytCFz2XwMZXaeXV63BV5zD-SHe9r2qt0K2z-dx8rwqahZEDZrS66ximhrMkKDT5ixuS-FD51lOBA1Gug&sai=AMfl-YSyIsomK2Uhp_gjchNWIoB27SEpMK5YGr5Zfi3ujfeTUwKmlOTFOEFxfqErp9aY3xNWB0-TpHVPFxYNFX4U3WORu5OIvKiq9_LyPrEP2NAHEkklMuxOHi9Kxrgz-v2l&sig=Cg0ArKJSzOPsSLoq8lgsEAE&id=ampim&o=330,140&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=199&tls=1199&g=100&h=100&tt=1199&r=v&avms=ampa&adk=1289986997

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:09:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
e.clarity.ms/ 0
48 B 271ms
271ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-b/s/0.6.22/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: https://gofobo.com
date: Wed, 01 Sep 2021 22:09:23 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/ib/static/usersync/v3/ Frame E007 995 B
875 B 188ms
59ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://gofobo.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://gofobo.com/

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Thu, 01 Sep 2022 22:09:24 GMT
Date: Wed, 01 Sep 2021 22:09:24 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 204 index.html
cdn.districtm.io/ids/ Frame AFB7 0
0 59ms
57ms Document
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gofobo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://gofobo.com/

Response headers

date: Wed, 01 Sep 2021 22:09:24 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6881d29f8ee64c08-AMS

GET
H2 200 sync Show response
pre.ads.justpremium.com/v/1.0/t/ Frame 2F9D 4 KB
4 KB 55ms
55ms Document
text/html 52.58.12.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=ahyqire1630534159740
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.12.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-12-132.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 2b901411db170c99ca61aa554ce15cc57a244955bf0da1d9b636831bbd7190d3

Request headers

:method: GET
:authority: pre.ads.justpremium.com
:scheme: https
:path: /v/1.0/t/sync?_c=ahyqire1630534159740
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gofobo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://gofobo.com/

Response headers

date: Wed, 01 Sep 2021 22:09:24 GMT
content-type: text/html; charset=utf-8
cache-control: public, no-cache, no-store, must-revalidate

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 2D8B 38 KB
14 KB 193ms
63ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gofobo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://gofobo.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:07:52 GMT
etag: "13006b6-974e-5c4c7cb53d8cb"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13946
content-type: text/html; charset=UTF-8
cache-control: public, max-age=61262
expires: Thu, 02 Sep 2021 15:10:26 GMT
date: Wed, 01 Sep 2021 22:09:24 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 9F63 281 B
554 B 139ms
45ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://gofobo.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://gofobo.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 01 Sep 2021 22:09:24 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 9F63 31 KB
10 KB 46ms
46ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 55a56f73a3a80cdb4cb0526e3ee3e9af1e17752219178fba21f473b7b5e106e7

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 22:09:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Aug 2021 22:28:41 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=45614
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9358
Expires: Thu, 02 Sep 2021 10:49:38 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 9F63 284 B
536 B 206ms
55ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/jpg

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 2D8B 3 KB
3 KB 162ms
52ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=64487270&p=109126&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 8dacb13db3ff420996c13d89f6277cfd8cf7c04ecbf2ff7e5afd2476709610dc

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:22 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/ Frame E007
Redirect Chain

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

0
805 B

169ms
169ms

Script
text/html

185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 22:09:25 GMT
X-Proxy-Origin: 194.99.105.102; 194.99.105.102; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d68fb6de-bdca-44fc-8623-de0dce00f3af
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 22:09:24 GMT
X-Proxy-Origin: 194.99.105.102; 194.99.105.102; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 9f541c27-27e0-426a-a2fb-5c98c21cb915
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 2638
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=5E944C5E-A842-41E6-B09A-8149729212B7
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=5E944C5E-A842-41E6-B09A-8149729212B7

35 B
476 B

46ms
46ms

Document
image/gif

37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=5E944C5E-A842-41E6-B09A-8149729212B7

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /serving/cookie/match?CC=1&party=14&cid=5E944C5E-A842-41E6-B09A-8149729212B7
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 01 Sep 2021 22:09:25 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: uid=364796519007830311; expires=Sun, 31 Oct 2021 22:09:25 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Wed, 01 Sep 2021 22:09:25 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=5E944C5E-A842-41E6-B09A-8149729212B7
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: C=1; expires=Fri, 01 Oct 2021 22:09:25 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 pubmatic Show response
d5p.de17a.com/getuid/ Frame 47C6 35 B
134 B 157ms
51ms Document
image/gif 213.155.156.168
TELIANET Telia Ca...

General

Check archive.org

Show headers Download Go to

Full URL: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.155.156.168 Uppsala, Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

:method: GET
:authority: d5p.de17a.com
:scheme: https
:path: /getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

content-length: 35
content-type: image/gif
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame BFFE 43 B
338 B 185ms
61ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Wed, 01 Sep 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1379
date: Wed, 01 Sep 2021 22:09:24 GMT
content-length: 43

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2D8B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=XpRMXqhCQeawmoFJcpIStw%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=XpRMXqhCQeawmoFJcpIStw%3D%3D&google_tc=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

65ms
65ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:25 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=102783
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Fri, 03 Sep 2021 02:42:28 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:09:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 2D8B
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=01d4612f-fa14-4b00-9328-52fc2d86593f

0
260 B

157ms
52ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=01d4612f-fa14-4b00-9328-52fc2d86593f
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:24 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Wed, 01 Sep 2021 22:09:24 GMT
Server: MT3 3905 f19d76c master zrh-pixel-x25
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=01d4612f-fa14-4b00-9328-52fc2d86593f
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 01 Sep 2021 22:09:23 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 2D8B
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=5E944C5E-A842-41E6-B09A-8149729212B7
https://spl.zeotap.com/?zdid=1332&zcluid=b906afe84d855d56
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a61636e5-cd61-4d5b-62d3-5268a01eaa9e&reqId=b0a4884e-def9-4fdc-62a3-c83bf5997b4a&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEAdKhEf_esvxa7Nc9kfDk0Q&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a61636e5-cd61-4d5b-62d3-5268a01eaa9e&reqId=b0a4884e-def9-4fdc-62a3-c83...

95 B
164 B

39ms
36ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEAdKhEf_esvxa7Nc9kfDk0Q&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a61636e5-cd61-4d5b-62d3-5268a01eaa9e&reqId=b0a4884e-def9-4fdc-62a3-c83bf5997b4a&zcluid=b906afe84d855d56&zdid=1332
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:25 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6881d2a49e405b7a-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:09:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEAdKhEf_esvxa7Nc9kfDk0Q&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a61636e5-cd61-4d5b-62d3-5268a01eaa9e&reqId=b0a4884e-def9-4fdc-62a3-c83bf5997b4a&zcluid=b906afe84d855d56&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 2D8B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUU5NDRDNUUtQTg0Mi00MUU2LUIwOUEtODE0OTcyOTIxMkI3&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUU5NDRDNUUtQTg0Mi00MUU2LUIwOUEtODE0OTcyOTIxMkI3&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
110 B

52ms
51ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:24 GMT
cache-control: no-store, no-cache, private
x-lat: amspug008:0:306
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:09:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 2D8B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIXk7wO1NrQk-GPcGvKegt8&google_cver=1

42 B
282 B

52ms
52ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIXk7wO1NrQk-GPcGvKegt8&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:24 GMT
cache-control: no-store, no-cache, private
x-lat: amspug009:0:466
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:09:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIXk7wO1NrQk-GPcGvKegt8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 2D8B 43 B
610 B 180ms
58ms Image
image/gif 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 31 Aug 2021 22:09:25 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 2D8B
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8554564874852016072

42 B
389 B

53ms
52ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8554564874852016072
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:25 GMT
cache-control: no-store, no-cache, private
x-lat: amspug003:0:370
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:09:25 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8554564874852016072
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 2D8B
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:1b7f612f-fa14-4200-bae5-eeff8916dfaa&gdpr=0&gdpr_consent=

42 B
339 B

124ms
55ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:1b7f612f-fa14-4200-bae5-eeff8916dfaa&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:24 GMT
cache-control: no-store, no-cache, private
x-lat: amspug005:0:2613
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Wed, 01 Sep 2021 22:09:24 GMT
Server: MT3 3905 f19d76c master zrh-pixel-x24
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:1b7f612f-fa14-4200-bae5-eeff8916dfaa&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 01 Sep 2021 22:09:23 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 2D8B
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2853e95c-6c1c-4c1d-ae40-bde5014bec2a

42 B
447 B

111ms
52ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2853e95c-6c1c-4c1d-ae40-bde5014bec2a
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:24 GMT
cache-control: no-store, no-cache, private
x-lat: amspug004:0:291
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:09:25 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2853e95c-6c1c-4c1d-ae40-bde5014bec2a
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 2D8B
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1359133349976932397&gdpr=0&gdpr_consent=

42 B
520 B

156ms
51ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1359133349976932397&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:23 GMT
cache-control: no-store, no-cache, private
x-lat: amspug002:0:391
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 22:09:24 GMT
X-Proxy-Origin: 194.99.105.102; 194.99.105.102; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f338a8e7-1af8-40a1-878c-22e03c93fe06
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1359133349976932397&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 2D8B
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=5E944C5E-A842-41E6-B09A-8149729212B7&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=5E944C5E-A842-41E6-B09A-8149729212B7&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-2j1EUA1E2uVHzd27Nh40XgEzBC3OylU-~A&gdpr=0&gdpr_consent=

0
48 B

53ms
52ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-2j1EUA1E2uVHzd27Nh40XgEzBC3OylU-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:24 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Wed, 01 Sep 2021 22:09:25 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-2j1EUA1E2uVHzd27Nh40XgEzBC3OylU-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H2 200 5E944C5E-A842-41E6-B09A-8149729212B7
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 2D8B 43 B
837 B 108ms
35ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/5E944C5E-A842-41E6-B09A-8149729212B7?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:25 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 2D8B
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=bavCyD37wZt2qMnIPv_dzTqqkZl2_seWbfktbma5

42 B
271 B

51ms
51ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=bavCyD37wZt2qMnIPv_dzTqqkZl2_seWbfktbma5
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:24 GMT
cache-control: no-store, no-cache, private
x-lat: amspug010:0:425
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:09:25 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=bavCyD37wZt2qMnIPv_dzTqqkZl2_seWbfktbma5
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pd Show response
eu-u.openx.net/w/1.0/ Frame 200C
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1

1006 B
562 B

95ms
51ms

Document
text/html

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 66f1eed63d87d8ffeddbfec298e6b256328327128b29d79f87bee483b89b0d4f

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gofobo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=e0b48f81-f2d2-0096-3b8f-1e007e2125f4|1630534165
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://gofobo.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=e0b48f81-f2d2-0096-3b8f-1e007e2125f4|1630534165; Version=1; Expires=Thu, 01-Sep-2022 22:09:26 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1630534166|mOgeginskin0vNomiygu; Version=1; Expires=Thu, 16-Sep-2021 22:09:26 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.214.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 01 Sep 2021 22:09:26 GMT
content-type: text/html
content-length: 543
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

set-cookie: i=e0b48f81-f2d2-0096-3b8f-1e007e2125f4|1630534165; Version=1; Expires=Thu, 01-Sep-2022 22:09:25 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.214.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
date: Wed, 01 Sep 2021 22:09:25 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 v2 Show response
de.tynt.com/deb/ Frame 2FF9 75 B
289 B 413ms
136ms Document
text/html 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=dEJ4uepHar6P1VaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method: GET
:authority: de.tynt.com
:scheme: https
:path: /deb/v2?m=xch&rt=html&id=dEJ4uepHar6P1VaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gofobo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://gofobo.com/

Response headers

cache-control: max-age=86400
expires: Thu, 02 Sep 2021 22:09:26 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Wed, 01 Sep 2021 22:09:25 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 v2 Show response
de.tynt.com/deb/ Frame DD42 75 B
289 B 412ms
137ms Document
text/html 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=dIiXMspHar6P1VaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method: GET
:authority: de.tynt.com
:scheme: https
:path: /deb/v2?m=xch&rt=html&id=dIiXMspHar6P1VaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gofobo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://gofobo.com/

Response headers

cache-control: max-age=86400
expires: Thu, 02 Sep 2021 22:09:26 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Wed, 01 Sep 2021 22:09:26 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 v2 Show response
de.tynt.com/deb/ Frame E15C 75 B
289 B 412ms
137ms Document
text/html 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=dVJisCpHar6P1VaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method: GET
:authority: de.tynt.com
:scheme: https
:path: /deb/v2?m=xch&rt=html&id=dVJisCpHar6P1VaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gofobo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://gofobo.com/

Response headers

cache-control: max-age=86400
expires: Thu, 02 Sep 2021 22:09:26 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Wed, 01 Sep 2021 22:09:25 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3-29

200

sd
eu-u.openx.net/w/1.0/ Frame 200C
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=4RW4tbVj1Mlyqa5

43 B
61 B

51ms
50ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=4RW4tbVj1Mlyqa5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:09:26 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 22:09:25 GMT
Server: PingMatch/v2.0.30-669-g517f080#rel-ec2-master i-0670be21af8977517@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=4RW4tbVj1Mlyqa5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

sd
us-u.openx.net/w/1.0/ Frame 200C
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx
https://x.bidswitch.net/sync?dsp_id=59&user_id=04c09608-35e7-4e8d-a673-4e107c28f056&ssp=openx
https://x.bidswitch.net/ul_cb/sync?dsp_id=59&user_id=04c09608-35e7-4e8d-a673-4e107c28f056&ssp=openx
https://us-u.openx.net/w/1.0/sd?id=537072968&val=4bd75160-9c0e-40ad-b0b4-a0a4e54e3fb3
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072968&val=4bd75160-9c0e-40ad-b0b4-a0a4e54e3fb3

43 B
61 B

50ms
50ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072968&val=4bd75160-9c0e-40ad-b0b4-a0a4e54e3fb3
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:09:26 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072968&val=4bd75160-9c0e-40ad-b0b4-a0a4e54e3fb3
date: Wed, 01 Sep 2021 22:09:26 GMT
via: 1.1 google
server: OXGW/16.214.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H3-29

200

sd
eu-u.openx.net/w/1.0/ Frame 200C
Redirect Chain

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7815508401945729883

43 B
61 B

50ms
50ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7815508401945729883
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:09:26 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 22:09:26 GMT
X-Proxy-Origin: 194.99.105.102; 194.99.105.102; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f1f834c1-87f9-4dda-9436-f33d3671ec05
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7815508401945729883
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

redir
rtb-csync.smartadserver.com/ Frame 200C
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDZEZrN0NYX1FBQUJwdVRzMkNDZw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1&_bee_ppp=1
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAV5E7CX_QAAC_tkY7Beg&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAAV5E7CX_QAAC_tkY7Beg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_curre...

43 B
163 B

271ms
147ms

Image
image/gif

185.86.138.144
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAAV5E7CX_QAAC_tkY7Beg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.144 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 22:09:26 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

location: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAAV5E7CX_QAAC_tkY7Beg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Date: Wed, 01 Sep 2021 22:09:26 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H3-29

200

sd
eu-u.openx.net/w/1.0/ Frame 200C
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=f321612f-fa15-4d00-9e0a-8fae8e26869f

43 B
61 B

63ms
62ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=f321612f-fa15-4d00-9e0a-8fae8e26869f
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:09:26 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Wed, 01 Sep 2021 22:09:26 GMT
Server: MT3 3905 f19d76c master zrh-pixel-x13
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=f321612f-fa15-4d00-9e0a-8fae8e26869f
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 01 Sep 2021 22:09:25 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 200C
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=SSNHARlzRFFSIhRXTSVYBElwTQVSK0NfSiNeC8FL

43 B
122 B

53ms
52ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=SSNHARlzRFFSIhRXTSVYBElwTQVSK0NfSiNeC8FL
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:09:26 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:09:26 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=SSNHARlzRFFSIhRXTSVYBElwTQVSK0NfSiNeC8FL
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

sd
eu-u.openx.net/w/1.0/ Frame 200C
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6995772497767755417

43 B
61 B

50ms
50ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6995772497767755417
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:09:26 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:09:26 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6995772497767755417
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 200C 70 B
264 B 62ms
61ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=3318b0d8-5b55-3f61-6159-d6e81a061609&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:09:26 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 200C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWY3NzYzMTItOTIyMi02MWM1LTc0YjktOGM1MWQwZTRkODY5
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWY3NzYzMTItOTIyMi02MWM1LTc0YjktOGM1MWQwZTRkODY5&google_tc=

170 B
188 B

165ms
165ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWY3NzYzMTItOTIyMi02MWM1LTc0YjktOGM1MWQwZTRkODY5&google_tc=

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:09:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:09:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MWY3NzYzMTItOTIyMi02MWM1LTc0YjktOGM1MWQwZTRkODY5&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

sd
us-u.openx.net/w/1.0/ Frame 200C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJjmIZaqqVET5-yVchU-Lpo&google_cver=1

43 B
61 B

51ms
51ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJjmIZaqqVET5-yVchU-Lpo&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:09:26 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 22:09:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJjmIZaqqVET5-yVchU-Lpo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
e.clarity.ms/ 0
48 B 135ms
135ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-b/s/0.6.22/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://gofobo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: https://gofobo.com
date: Wed, 01 Sep 2021 22:09:26 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=72

Verdicts & Comments Add Verdict or Comment

176 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.liadm.com/	1970-01-20 14:26:46	Name: lidid Value: f39775bb-6e33-48e7-b6c7-a2936c77edfb
.gofobo.com/	1970-01-19 20:55:35	Name: properSessionData Value: eyJ1dWlkIjoiMDExOGRjZjgtMzI5ZC00OTQzLWI1YWYtNTlhNjc4NmI3N2UxIiwiZGVwdGgiOjEsInJlZmVycmVyIjoiIiwiZ2NsaWQiOiIiLCJmYmNsaWQiOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV90ZXJtIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fdGVtcGxhdGUiOiIiLCJ1dG1fcmVmZXJyZXIiOiIiLCJ1dG1fYWRzZXQiOiIiLCJ1dG1fc3ViaWQiOiIiLCJyZXZlbnVlIjowLjAwMDIyLCJiaWRfYXZnIjp7fX0=
.gofobo.com/	1970-01-19 22:21:58	Name: cookies_cookie Value: %5Bobject%20Object%5D
.gofobo.com/	1970-01-19 22:21:58	Name: verizon_media_cookie Value: y-80RBZ9tE2uGz_LYl7P1g_41BOyoxgfit~A
.gofobo.com/	1970-01-19 22:21:58	Name: mediagrid_cookie Value: 793bae66-bdf4-4a77-9a1e-3a9555944a64
.gofobo.com/	1970-01-19 20:57:00	Name: _clsk Value: 1q2f4fy\|1630534160556\|1\|1\|e.clarity.ms/collect
gofobo.com/	1970-01-19 21:05:38	Name: AWSALBCORS Value: qC3/dOGLcWl50P+d/xNnSvAk9Ikjw70IVO0yyDEcL2ZYTvYcmBiYeBAJArKgpljaYU6fzF0IQxM5MRLsGSf6ZtUBylo2zYEuklfcOQgdsaIFdF0nvQyJVUfsiC/0
gofobo.com/	1970-01-19 21:05:38	Name: AWSALB Value: qC3/dOGLcWl50P+d/xNnSvAk9Ikjw70IVO0yyDEcL2ZYTvYcmBiYeBAJArKgpljaYU6fzF0IQxM5MRLsGSf6ZtUBylo2zYEuklfcOQgdsaIFdF0nvQyJVUfsiC/0
.gofobo.com/	1970-01-19 20:55:35	Name: _hjFirstSeen Value: 1
i.liadm.com/s	1970-01-19 21:38:46	Name: _li_ss Value: MgUIBhClEDIFCAoQpRAyBQh6EKQQMgYIiwEQpRAyBQgLEKUQMgUICxClEDIFCHkQpBAyCQj_____BxClEA
gofobo.com/	1970-01-19 21:38:46	Name: _lr_env_src_ats Value: false
.gofobo.com/	1970-01-20 06:20:02	Name: __qca Value: P0-1231587746-1630534159790
gofobo.com/	1970-01-19 20:55:37	Name: _lr_retry_request Value: true
.gofobo.com/	1970-01-20 14:26:46	Name: _ga Value: GA1.2.1684242527.1630534160
gofobo.com/	1970-02-18 20:55:34	Name: _li_ss Value: MgUIBhClEDIFCAoQpRAyBQh6EKQQMgYIiwEQpRAyBQgLEKUQMgUICxClEDIFCHkQpBA
.gofobo.com/	1970-01-19 20:57:00	Name: _gid Value: GA1.2.887815343.1630534160
.gofobo.com/	1970-01-20 05:41:10	Name: _pubcid Value: e691e68e-ac58-4e7a-9cdf-4ac1795abe5c
.gofobo.com/	1970-01-20 05:41:10	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Thu+Sep+02+2021+00%3A09%3A19+GMT%2B0200+(Central+European+Summer+Time)&version=6.12.0&hosts=&landingPath=https%3A%2F%2Fgofobo.com%2Fmain%2FtrailerDetails%2F68520334%2Fthe-guilty-official-teaser&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.gofobo.com/	1970-01-20 06:17:10	Name: __gads Value: ID=9ff4287807b9e2a5-22a3c10dedc80067:T=1630534161:S=ALNI_MYM_jl0N-ZjV9FcePbdwwn16_HPsg
.gofobo.com/	1970-01-20 14:26:46	Name: _lc2_fpi Value: 0304f7a82132--01fehphk508rwdr0ryqvcwe2zm
gofobo.com/	1970-01-19 21:38:46	Name: sharedid Value: %7B%22id%22%3A%2201FEHPHKZKAZR9GSB6AZJZKMHM%22%2C%22ts%22%3A1630534160372%2C%22ns%22%3Atrue%7D
.gofobo.com/	1970-01-19 23:05:10	Name: _fbp Value: fb.1.1630534159675.734777210
gofobo.com/main/trailerDetails/68520334	1970-01-19 20:55:34	Name: _liChk Value: 0.9066753744859077
.gofobo.com/	1970-01-20 05:41:10	Name: _hjid Value: f3c646d9-74e3-436b-870a-6cd2702afdb6
.gofobo.com/main/trailerDetails/68520334	1969-12-31 23:59:59	Name: _dlt Value: 1
gofobo.com/main/trailerDetails/68520334	1969-12-31 23:59:59	Name: loglevel Value: WARN
gofobo.com/	1970-01-19 20:55:41	Name: gfb_session Value: 6uh9ad8tfok4voh94bmcoc02frrev0j3
gofobo.com/	1970-01-19 21:38:46	Name: sharedid_last Value: Wed%2C%2001%20Sep%202021%2022%3A09%3A20%20GMT
.gofobo.com/	1970-01-20 05:41:10	Name: _clck Value: 1y2butz\|1\|eud\|0
.gofobo.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .gofobo.com
.gofobo.com/	1970-01-19 20:55:34	Name: _gat Value: 1

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: USP CMP not found.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: GDPR CMP not found.
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 24) Message: [Facebook Pixel] - Parameter 'currency' is invalid for event 'Purchase'.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: USP CMP not found.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: USPAPI workflow exceeded timeout threshold.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: GDPR CMP not found.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: CMP workflow exceeded timeout threshold.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: USP CMP not found.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: GDPR CMP not found.
console-api	log	URL: https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser(Line 97) Message: success
console-api	error	URL: https://c.amazon-adsystem.com/aax2/apstag.js(Line 2) Message: TypeError: Cannot read property 'getItem' of null
console-api	info	URL: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2108170213000 https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser
console-api	info	URL: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2108170213000 https://gofobo.com/main/trailerDetails/68520334/the-guilty-official-teaser

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3ae4f9a453f681a3a3c1c06bb32960f2.safeframe.googlesyndication.com
acdn.adnxs.com
ads.avct.cloud
ads.pubmatic.com
adservice.google.com
adservice.google.pl
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
as-sec.casalemedia.com
asset.pagefair.com
asset.pagefair.net
ats.rlcdn.com
b-code.liadm.com
bids.proper.io
btlr.sharethrough.com
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
c1.adform.net
cdn.ampproject.org
cdn.cookielaw.org
cdn.districtm.io
cm.g.doubleclick.net
connect.facebook.net
d2u384mreupnc8.cloudfront.net
d5p.de17a.com
de.tynt.com
dis.criteo.com
dk2d6nav3mn9d.cloudfront.net
dmx.districtm.io
dpm.demdex.net
e.clarity.ms
eb.proper.io
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
geolocation.onetrust.com
global.proper.io
gofobo.com
gofobo.ticktbox.com
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
id.sharedid.org
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
img.youtube.com
match.adsrvr.org
match.prod.bidr.io
maxcdn.bootstrapcdn.com
mwzeom.zeotap.com
pagead2.googlesyndication.com
pixel.onaudience.com
pixel.quantserve.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pre.ads.justpremium.com
proc.ad.cpe.dotomi.com
prod.perf-serving.com
propermedia-d.openx.net
rp.liadm.com
rp4.liadm.com
rtb-csync.smartadserver.com
rules.quantcount.com
script.hotjar.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
sli.gofobo.com
spl.zeotap.com
ssc.33across.com
stackpath.bootstrapcdn.com
static.hotjar.com
stats.g.doubleclick.net
sync.mathtag.com
tag.1rx.io
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usync.proper.io
vars.hotjar.com
web.hb.ad.cpe.dotomi.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
x.dlx.addthis.com
api.rlcdn.com
104.109.78.125
104.111.215.191
104.111.219.144
104.16.190.66
108.161.188.128
13.32.118.17
13.32.121.3
142.250.185.98
169.50.137.190
172.217.18.98
178.162.133.150
178.250.0.163
18.159.171.176
18.159.182.76
18.66.109.174
18.66.112.122
18.66.112.30
18.66.92.64
18.66.97.10
185.29.132.241
185.33.220.244
185.33.221.15
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.115
185.86.138.144
2.16.186.186
2.18.232.130
2.18.233.180
2.18.234.21
20.62.48.180
213.155.156.168
213.19.147.42
213.19.162.41
216.52.2.39
2600:1f18:444a:4602:4614:a08b:388f:2234
2600:1f18:730:b150:9292:c5da:e647:d689
2600:9000:223c:ba00:6:44e3:f8c0:93a1
2600:9000:223c:ec00:8:8845:1500:93a1
2606:4700:10::6814:b944
2606:4700:10::6816:1857
2606:4700::6810:9440
2606:4700::6811:4f22
2606:4700::6812:acf
2606:4700::6812:bcf
2620:116:800d:21:51e4:db4b:4436:b305
2620:1ec:27::cafe:2154
2620:1ec:c11::200
2a00:1288:110:c305::8000
2a00:1450:4001:800::200e
2a00:1450:4001:803::2001
2a00:1450:4001:803::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::2008
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c0c::9a
2a02:fa8:8806:20::2100
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42:3::300
3.126.56.137
34.149.20.76
34.210.245.148
34.213.121.83
35.244.159.8
37.157.4.25
44.226.64.252
44.235.82.75
51.210.112.63
52.142.114.2
52.214.235.66
52.29.213.60
52.30.92.119
52.57.222.152
52.58.12.132
54.146.217.90
54.194.53.150
54.36.109.156
54.84.63.116
67.202.105.34
69.173.144.138
76.223.111.131
94.31.29.248
0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467
0441a6694dacc6835008558d977f65ea12dda344aa19989937fc4baef922874c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
079b7d9c4718f1116138c007754f5d87b992fafe73d0a066592a7d4e958e049a
0abcc9427a6673f19254270c4c92fa1c8179e79e54d8961434537bcee780f07b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0e45f3b0dad8aa0528790a6dd6dd2831bb8547129bd1320c10fd120118f44616
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1465ea73b9db4601cda29c323ea3eea1fc28337bd2c5193154c9ecbd7bf38bbb
14bbd7dc458547217e73508bdca93db93d281dd7cfb2fec8184fd145dc8c8538
14f7de6b616950395062902eb8f70f01c0a901223db5d40f2a05728ac4a830f6
16029f893c7cc7fb7964515bf0b56b7182f428b11bceca36fffc9e689fbe12cb
18c3ad9d69f010a2b28ea73c99136fd5d631996a7cd0a5b11e8e6b1d3c48ff5f
1a891fc0d213b1a1ceb5a8f13c61dd9b274e163bd172758318648fad77c9a422
1b4e1722333b8a418079194a24d0685cb14b77df6a2b69aff56d76cba7a54c47
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
1d97729299024aa64b03739e244f254966f9b546045de88bd835701a473045d8
24babc4185d2bfe1b9057ad60180c75bd6314c7394887f2f8969445c3105b5d8
265acaa7671ecc0fb94f926ffe9d1b4661006e4924eea3234f1dc72a44ce58d1
28570948520c0aecae6bf9629f949dfaf737593e63a2bfa59149f45ff5ec4a05
2900690278e8dac8de33fa5d408382bde63f759cd607ce481d30463eaf73b7ff
2b901411db170c99ca61aa554ce15cc57a244955bf0da1d9b636831bbd7190d3
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435
2e3eb27ed780ac5ac845756a51d8120e4a30cd3bb4cdc11ab18d265763373e48
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
34760d3b326d757f095dfeb18d3da4c6f420f809671d40bc13ed920b0daf60e7
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36ac80a2a51a5f030f93b08bbd4601e3944accb8152db9d175fd2aeb394b1ae7
37b2807535112a55808bd5da745558576be2fe38a7fa2d87949d6a45fd21e8e3
37f950d9cac10dc60810b77355d0481d46465738bbfaae59fcab5fb9002386f4
3824eab125e2556af52e1151929d8de49a92fef642e4499881d2bb6040614661
3c28b1e7455fd67f101920be78112595a077582ef5a992b9f13850cc2b861e86
3e614afb8de677a0d0cbdc22b5c8ba39b7c26b8228d2fa49cf6d1e8decf8a753
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4349f665a853d8970813d466168d4d2ebba277d4ba4cc57b1a2ebbcb4b49cc0e
4765f0aa381a6e92f4ca707380c01e3834e6bd8ae2006106efb437323ef1dff7
478a01bfa3c2eb215f345963e7e4a89343d2fb5eb5726e248495ea6606c72801
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48bb89434a42b4fb519f27e9272e018e8151383b4b7f46f26260f5fd29e5f05e
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49bae4bb549c5f46a159708ec23de2405d006b456d79936ef04298ad6de2550f
4d460e6c9b0d0b49df6a39d58934883108101e83d1e7375c901232ca0e0a10ad
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea3d321090cb97cb30e2660c64aa24c5d197a3a27deccbc1ed797e2dd0e778c
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
528f9142e0d57fe914cefe9cb890bf6cf5899d39dfed394cde0ba55d2bda29f1
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a56f73a3a80cdb4cb0526e3ee3e9af1e17752219178fba21f473b7b5e106e7
56d31ad13a941747a83fbc0cb352801d35cda752c70e4f70eea695b79bbc3f21
5750d5f9f4a1d00e94aca997fb9c99e465e41778b91f85e1f9bb83ef77a885e5
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
5bd5c81ed2892e35e7b6f4fb3809e3539610c1a23c21d93cadaf9385492d8089
5c19a958735b85cda3c841c910a0e45ff2f188c8d532de5dfb21860d2e8eb70a
5c40a9e06a28730cbbb04c7422860aaa83bc1791289c1f76debf10f1c2010a06
5eec5b37a4de1c73a4f088c81a890024f2f5d007de11294f4bb968a4c9cf91ce
6276ec8d74799bf29a42dd02c32637e1a1806919d82ba78fe5ecd73337afcd53
62d956e0d5fc84fcd6b7d2bbd8d13e0dde19d29e3381beeff57d185a2b917477
66c9fd744a3db46f3dce06826004b9f756b9ba03a5b9cdc21d86427e7a688386
66f1eed63d87d8ffeddbfec298e6b256328327128b29d79f87bee483b89b0d4f
670cd3c2119382575d13452455fe2a316b85b08468bb75f5cdaaaf12d3e374f2
6880f6230bbf84d9b731543ae8bfe6d39ba0a6a04091e1eb3545f09308278976
68d525dc844915e4d71d79addf52397416bccfe244e7927fb8d9812cd7d0f70f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b2b5b05933a00a9e1beb6e53fba22bf77feaa3c203e361d637985750fec4bab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
6de7b0a3574cf8f5a665d1b932c9a0163d6354f3f600b21ff044f469a1d3f508
6f74c7a92c69ab24c6054008b0432a5de08bc7631e7f4655d2eafadac7503e35
711bc5b0b8c40e39b2560e65797d175e72a89b49ebbc266a7c7b581c4bec4b21
71c835cecbfb0b8626c3e5712ef063831c15fa9b0abfdb347273c6e8477c0438
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
76ab9639d9948ade3d2b0c06432f41689c328173322c8eb3da3c60447126831e
77516e87f9273512485c9e6daaf80dd6696b98a3583e83e79e68fd52220c82d4
789370b292863a4c8d56e96d78b683704016735dbb08d7a2aa88b876cb100ae4
78dca59ec8e5f062c1bb51c91706f5b089bdb60797242117153ae032b3c4bd28
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
7ae714b63c2c8b940bdd211a0cc678f01168a34eea8aa13c0df25364f29238a7
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
82664a18c949f3d66ba8a6251c55dd1cb28e25620bdf43dcf4611ab4842a10ab
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
88d51c99298c6ade08c4e754c7c92d0ccb5af58e71232f79f018dfa4763aca16
88faa037d81cb486dd86f58f5df43d3165e01b69c80c9f9cc85716bab3b56483
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
8c8207e762acd72dd9114ca3e6de823f69ede6c9c5db711dceadefabaf05284c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dacb13db3ff420996c13d89f6277cfd8cf7c04ecbf2ff7e5afd2476709610dc
8dae4f804354d13494c671c278d47b8baa7f73b364cf77ef51c2612ffbd67f70
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
9158e53d7052a6df65c12e3a59a8c77a8be353425523e4eff057fa5578e654ad
9436816d54666c2f33eb0c6d3d556f10dd70ed6721906a82c6adbf6100a008bc
95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810
95e18424831a8f04f6bfbc89eca050ff1443848a89ea377fa6c52b7ad82e4afe
9674197b2bb985a8115e292205174fc5a700d4cd0ff9e981ac04e2b4ea4df5e6
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ad951a46493b7d422aed00ea837dfff94508fe1a39120ba56f23a99f3c4c8b1
9b64d14f25354cacebf3583dec46e80a5f496584f0d54f43ebe25c1044afb51a
9c92f1ce3ae1fd92146fba299d2dc7aa914d9dfb65b59d2c38d2e1fd29705f29
a08c01d451bd2649996e79c2480e43b5ede3f2833fdadc14ef8ab7a99e7a6fca
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a117924f559cb8da7692dc5a758f590fff1a959d1908f7055f2ec7a3efd35332
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a43eb929a5f667e26f866e75458c0639b56c9da1bc2f47b354d2319e2d712ada
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5be6628169a8548cf8cc5b4b1dc116677995c57499b5f81a7039f0bc82675a1
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9247ce2bd50f80397e8e5ff3538bae254d226d3f9d23b15f16bac61580c187e
ae2b763616807405d6c7a3dd24ae33b6fc25f01866768ac1ca8439722e57d07f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee8ab892144e88f83a00a907676bd1e0e9a83e8a0879518ca3a77f897c8128d
afe3fd34bb642300e836507874a15aff0d549fa68c6500570990ec73f4837700
b7cb70e1076d694f4f8b86a9d00b2c8736899425c41925f051162872fc85bec4
b92ad0a4155446d073295a68374ed61c1e64b2f6f7195bb1c077febc44cc2e68
bb1613b6665088384c39215af1aaa40f996f9383b9d66d85557c834bfad12cae
bd3a2482b7b952b621e16a05c3bb1847829d057fb1384f4c32d1362b8153e967
c32d83b0bcee868363b7e0b83bcb91d3869cadf040a37b2f1d09c9f1ea880ac1
c66fbd9aa8bea7f30b0a58ed13d4397ffee9ccbfa02f6a42155883e2227ecf77
c6f12cecc628dc51b51d6dd6b76df3dbf954be7ba3ba906f4dc13847530173a6
c7550da538809c87dcd03885b3fd788b5fd583f337a1619b5b7692e9f3d44855
c76cc68adbbc958993e23bf9ad18979f7aeaab6274b1f2322afb581d22eb855f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0118c24df7674b9e6e9d4ee8b3023c97fe6b48d724fa7cacf8460440fa7a19b
d105b0a793af6426ddf8c1ef8b26ae81d889617ef5f248a72e06b8c71d91e1c5
d24e83fb832a53db6e3b4e6452db348b9428436a36a3be2cff207cfb31d0c231
d502121116ea9588bd7edfb519575a09ded0e6daaf30427d6093e03d6dc777ea
d7cd09b590143e055a2a0bbfa2b87359e72b419db9f29ecdf3e946fc08c74a56
d8ec9f4de5cd7b885ea6439cfa4ebae59c3fdda4f371e51dcab6bfaf30b689dc
db0de5884aa9acc96486bee8a22ccaa36c43f3a2574033fd9b823182fb8bef8b
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dd5042c5032e15e7e537795d9d7213ed842dc3c40f9bedc896ec5fa4af157f47
ddd20fbc250587ac6f1671023aaf2180594d9dcd520add2c6b212044b4a2af12
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5471e6216c3677a79cbf10721752fdfff5340e0c29d0b86d436821301edeedd
e5803f20fa6ae42e0cb9c75663efbffe052343c35e4dbf7b77882f725afb6f25
e6943a1d90abac5b3cc437b49d853b05ce8549a0f89e7c0c5d70d54d72efee25
e92c705f444d62f823dc852694d8faabc0afc96f642a90ff7e0c775d29689e8e
ea297a2d925b01d3cdef873292a2d3a087a30fd632d4530b4f01c6b4dfe1ffde
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ecd3ab7f67d96378951f1236e5f5d8dc87c929c1fdb0eef3e38860b89eedda
f4a74fe2cef1d4e3ca293944e20763b350954439d0966a662691d304d9e1aac3
fae2773cd95cb857866b4b3a54777c88f6c03e0167bf323c2a1f431985887b61
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ff72eb9381c10f07bbcfa3095def0bede7c1f01f7c299043caf8bd51551e7a87

gofobo.com Open in urlscan Pro 44.226.64.252 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

210 Requests

99 %HTTPS

35 %IPv6

63 Domains

100 Subdomains

81 IPs

11 Countries

2313 kBTransfer

5977 kBSize

31 Cookies

7 Outgoing links

Page URL History

Redirected requests

210 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gofobo.com Open in urlscan Pro
44.226.64.252 Public Scan

Screenshot
Live screenshot

Full Image

210
Requests

99 %
HTTPS

35 %
IPv6

63
Domains

100
Subdomains

81
IPs

11
Countries

2313 kB
Transfer

5977 kB
Size

31
Cookies

210 HTTP transactions
3 data transactions