aubtu.biz Open in urlscan Pro
2606:4700:3031::ac43:8358 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Submission: On May 27 via manual (May 27th 2021, 9:45:51 pm UTC) from BE

Summary HTTP 340 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 53 IPs in 7 countries across 34 domains to perform 340 HTTP transactions. The main IP is 2606:4700:3031::ac43:8358, located in United States and belongs to CLOUDFLARENET, US. The main domain is aubtu.biz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 3rd 2020. Valid for: a year.

This is the only time aubtu.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2606:4700:303... 2606:4700:3031::ac43:8358	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
14	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
11	151.101.112.193 151.101.112.193	54113 (FASTLY) (FASTLY)
39	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
5	2606:4700:303... 2606:4700:3030::ac43:cf9e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	144.202.54.102 144.202.54.102	20473 (AS-CHOOPA) (AS-CHOOPA)
3	207.148.25.39 207.148.25.39	20473 (AS-CHOOPA) (AS-CHOOPA)
10	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
6	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
9	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
45	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2016	15169 (GOOGLE) (GOOGLE)
4 9	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
8	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
7 12	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 8	185.33.221.15 185.33.221.15	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
7	54.154.115.239 54.154.115.239	16509 (AMAZON-02) (AMAZON-02)
4	54.217.85.43 54.217.85.43	16509 (AMAZON-02) (AMAZON-02)
1	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	34.255.45.240 34.255.45.240	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
5	108.128.95.108 108.128.95.108	16509 (AMAZON-02) (AMAZON-02)
1 1	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2	185.86.139.115 185.86.139.115	201081 (SMARTADSE...) (SMARTADSERVER)
4	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	37.157.6.253 37.157.6.253	198622 (ADFORM) (ADFORM)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
4	34.248.169.210 34.248.169.210	16509 (AMAZON-02) (AMAZON-02)
2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	108.177.15.157 108.177.15.157	15169 (GOOGLE) (GOOGLE)
340	53

16 2606:4700:3031::ac43:8358 (United States)

ASN13335 (CLOUDFLARENET, US)

aubtu.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.112.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3030::ac43:cf9e (United States)

ASN13335 (CLOUDFLARENET, US)

catsmylife.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.202.54.102 (Elk Grove Village, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 144.202.54.102.vultr.com

gamezity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 207.148.25.39 (Piscataway, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 207.148.25.39.vultr.com

olipfun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

s.vi-serve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nv.vi-serve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.186.130 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.33.221.15 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.126 (United States) 3 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.154.115.239 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-115-239.eu-west-1.compute.amazonaws.com

t.vi-serve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vis.vi-serve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.217.85.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-85-43.eu-west-1.compute.amazonaws.com

pixel.inforsea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

player.inforsea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.45.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-45-240.eu-west-1.compute.amazonaws.com

call.inforsea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 108.128.95.108 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-95-108.eu-west-1.compute.amazonaws.com

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.115 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.253 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.248.169.210 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-169-210.eu-west-1.compute.amazonaws.com

pixel.inforsea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.177.15.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
93	googlesyndication.com pagead2.googlesyndication.com bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	812 KB
62	doubleclick.net 7 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net static.doubleclick.net googleads4.g.doubleclick.net cm.g.doubleclick.net pubads.g.doubleclick.net bid.g.doubleclick.net	355 KB
23	2mdn.net s0.2mdn.net	699 KB
18	google.com 4 redirects adservice.google.com www.google.com	28 KB
18	youtube.com www.youtube.com	1 MB
16	aubtu.biz aubtu.biz	390 KB
14	googleapis.com fonts.googleapis.com imasdk.googleapis.com	1 MB
13	vi-serve.com s.vi-serve.com t.vi-serve.com vis.vi-serve.com nv.vi-serve.com	96 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	172 KB
11	imgur.com i.imgur.com	1 MB
10	inforsea.com pixel.inforsea.com player.inforsea.com call.inforsea.com	171 KB
9	adnxs.com 2 redirects ib.adnxs.com acdn.adnxs.com	24 KB
9	googletagservices.com www.googletagservices.com	307 KB
5	adsafeprotected.com static.adsafeprotected.com	34 KB
5	ampproject.org cdn.ampproject.org	101 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	4 KB
5	catsmylife.com catsmylife.com	165 KB
4	spotxchange.com 3 redirects sync.search.spotxchange.com	2 KB
3	openx.net 2 redirects us-u.openx.net	829 B
3	olipfun.com olipfun.com	153 KB
2	adform.net adx.adform.net	1 KB
2	smartadserver.com rtb-csync.smartadserver.com	326 B
2	yahoo.com 1 redirects ads.yahoo.com ups.analytics.yahoo.com	1 KB
2	teads.tv 1 redirects sync.teads.tv	415 B
2	ytimg.com i.ytimg.com	143 KB
2	ggpht.com yt3.ggpht.com	7 KB
2	google.de adservice.google.de	287 B
2	google-analytics.com www.google-analytics.com	19 KB
1	google.cz adservice.google.cz	799 B
1	googleadservices.com partner.googleadservices.com	258 B
1	cloudflare.com cdnjs.cloudflare.com	1 KB
1	gamezity.com gamezity.com	74 KB
1	googletagmanager.com www.googletagmanager.com	35 KB
0	24hminecraft.com Failed animals.24hminecraft.com Failed
340	34

	Domain	Requested by
45	tpc.googlesyndication.com	securepubads.g.doubleclick.net googleads.g.doubleclick.net aubtu.biz tpc.googlesyndication.com bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com s0.2mdn.net cdn.ampproject.org pagead2.googlesyndication.com
39	pagead2.googlesyndication.com	aubtu.biz pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com srcdoc
23	s0.2mdn.net	aubtu.biz s0.2mdn.net imasdk.googleapis.com
22	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.youtube.com googleads.g.doubleclick.net aubtu.biz bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com www.googletagservices.com
18	www.youtube.com	aubtu.biz www.youtube.com
16	aubtu.biz	aubtu.biz
13	securepubads.g.doubleclick.net	aubtu.biz securepubads.g.doubleclick.net
12	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net
11	i.imgur.com	aubtu.biz
10	imasdk.googleapis.com	player.inforsea.com imasdk.googleapis.com
10	www.google.com	4 redirects www.youtube.com aubtu.biz bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com tpc.googlesyndication.com
10	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
9	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net aubtu.biz s.vi-serve.com bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com
8	pixel.inforsea.com	aubtu.biz player.inforsea.com
8	ib.adnxs.com	2 redirects googleads.g.doubleclick.net player.inforsea.com acdn.adnxs.com
8	googleads4.g.doubleclick.net	aubtu.biz
8	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net imasdk.googleapis.com
7	bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
6	t.vi-serve.com	aubtu.biz
5	static.adsafeprotected.com	player.inforsea.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	s.vi-serve.com	aubtu.biz s.vi-serve.com
5	catsmylife.com	aubtu.biz
4	pubads.g.doubleclick.net	imasdk.googleapis.com
4	sync.search.spotxchange.com	3 redirects googleads.g.doubleclick.net
4	fonts.googleapis.com	aubtu.biz s0.2mdn.net securepubads.g.doubleclick.net
3	us-u.openx.net	2 redirects googleads.g.doubleclick.net
3	olipfun.com	aubtu.biz
2	ade.googlesyndication.com
2	adx.adform.net	player.inforsea.com
2	rtb-csync.smartadserver.com	googleads.g.doubleclick.net
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	www.gstatic.com	www.youtube.com
2	i.ytimg.com	www.youtube.com
2	yt3.ggpht.com	www.youtube.com
2	static.doubleclick.net	www.youtube.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	acdn.adnxs.com	player.inforsea.com
1	ups.analytics.yahoo.com	1 redirects
1	call.inforsea.com	player.inforsea.com
1	nv.vi-serve.com	aubtu.biz
1	vis.vi-serve.com	s.vi-serve.com
1	adservice.google.cz	securepubads.g.doubleclick.net
1	player.inforsea.com	s.vi-serve.com
1	ads.yahoo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdnjs.cloudflare.com	aubtu.biz
1	gamezity.com	aubtu.biz
1	www.googletagmanager.com	aubtu.biz
0	animals.24hminecraft.com Failed	aubtu.biz
340	53

This site contains links to these domains. Also see Links.

Domain
fatcatart.com
imgur.com
catsmylife.com
animals.24hminecraft.com
gamezity.com
olipfun.com
www.facebook.com
twitter.com
plus.google.com
pinterest.com
www.linkedin.com
www.tumblr.com
reddit.com
telegram.me

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-09-03` - `2021-09-03`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.imgur.com DigiCert SHA2 Secure Server CA	`2020-01-15` - `2022-03-16`	2 years	crt.sh
gamezity.com R3	`2021-05-08` - `2021-08-06`	3 months	crt.sh
olipfun.com R3	`2021-04-19` - `2021-07-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.vi-serve.com DigiCert SHA2 Secure Server CA	`2019-06-18` - `2021-08-25`	2 years	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
teads.tv R3	`2021-05-04` - `2021-08-02`	3 months	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-11` - `2021-06-30`	2 months	crt.sh
*.inforsea.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-25` - `2022-03-27`	a year	crt.sh
*.google.cz GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh

This page contains 58 frames:

Primary Page: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Frame ID: 0E42EC96FE2B37B4EBADE39975175A98
Requests: 106 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210524/r20190131/zrt_lookup.html
Frame ID: C035403428E97AB58105FE0672EA3BC8
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/YOT7VmgzzFU?feature=oembed
Frame ID: DAC07F8DD4DB9980466F4F1A86C6C4A4
Requests: 17 HTTP requests in this frame

Frame: https://www.youtube.com/embed/X9Olvj8jDss?feature=oembed
Frame ID: C6B7B8DF06CF1453769C69B516D00275
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7002491002409919&output=html&h=280&slotname=aubtu.biz_adx%2Faubtu.biz_adx_336x280_detail1&adk=4015790502&adf=3021909456&pi=t.ma~as.aubtu.biz_adx%2Faubtu_&w=336&lmt=1622151930&url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622151930225&bpp=4&bdt=268&idt=225&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&correlator=6252834043920&frm=20&pv=2&ga_vid=1497643118.1622151930&ga_sid=1622151930&ga_hid=1343021819&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1040&ady=360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065724&oid=3&pvsid=2340078085233420&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=HKpSZTCdDt&p=https%3A//aubtu.biz&dtd=248
Frame ID: CD4F07C36D0F440BF0D2B4D1FB5F2293
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4402329642115120&output=html&h=100&slotname=7390156190&adk=3173750309&adf=3215562993&pi=t.ma~as.7390156190&w=320&lmt=1622151930&psa=0&format=320x100&url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622151930266&bpp=2&bdt=310&idt=224&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=aubtu.biz_adx%2Faubtu.biz_adx_336x280_detail1&correlator=6252834043920&frm=20&pv=2&ga_vid=1497643118.1622151930&ga_sid=1622151930&ga_hid=1343021819&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065724&oid=3&pvsid=2340078085233420&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=yrKDSX86We&p=https%3A//aubtu.biz&dtd=227
Frame ID: 0D4DEAD01BF849E76A6B8B31EF47A3C7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4402329642115120&output=html&h=90&slotname=2329401204&adk=2953745035&adf=1801062927&pi=t.ma~as.2329401204&w=728&lmt=1622151930&psa=0&format=728x90&url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622151930269&bpp=1&bdt=313&idt=231&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100&prev_slotnames=aubtu.biz_adx%2Faubtu.biz_adx_336x280_detail1&correlator=6252834043920&frm=20&pv=1&ga_vid=1497643118.1622151930&ga_sid=1622151930&ga_hid=1343021819&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065724&oid=3&pvsid=2340078085233420&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=g9V9DhFl39&p=https%3A//aubtu.biz&dtd=234
Frame ID: 44FBD9ECE64458FFF5979BDE34D08FFA
Requests: 11 HTTP requests in this frame

Frame: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DFEBDE2C285AD4600314E1D49A170815
Requests: 1 HTTP requests in this frame

Frame: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E3A4B1305EC2DBBF95CE26AD19071E4A
Requests: 1 HTTP requests in this frame

Frame: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A66D4D7B7DF8548F8F5F68ACAF722E14
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIisGRD6grHRAhie4dqpATAB&v=APEucNUEUvyQUkwpu_LC-OVeBQ7gWfir3XmWLg84YcByJrwXg2cFwbNlnWX1PBRWV3Aqe8u5cGiy06LLqPmZHd-bf8U30xq3RcxPDey4QRZzSeMhy7oDIjxaP_k9r0pp_K4l6x23yRqMImQIb6J4H_P3cFbsc3O3tN-2eNiUgf9HvaKLw7Bts6c
Frame ID: D819F0351AD2032FF7A4E6DEE65BBFA6
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/abg_lite_fy2019.js
Frame ID: AEC81615A2603EC973D2A460B22CE412
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLVtgEQ3bycyAIYqNispAEwAQ&v=APEucNVqA5ijPQwqKBRjFJHgilpz4_tI5F_3cmT6LDhXOlwYz-CVFLCaWbOsaWTxQZ0iCvBOrnR3oWfTPach9vI1xy04MPwJICzzIIWYR9tpdsO-AhWiXEEZwL08boJhXUXNMxLAGxtiq8p6PhbB_l_3IuLIy57ny7PdPLntdfvBypgJ3_1WzRM
Frame ID: B901166F34FD4DB374630AA8624D9BE8
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ChPqHoT1lC239NcHQuh75VS0-T6Ilg_KGh47olasBCSg4vdH-p0tQs7Y4S9Q11E56EBNWZYCKz9MqXxtMWTnwskK-BPI7Yt4U4CRlO4tYqfqKJ-leSescRDpiRoTkRlb4i_J2WmIYNa5H4XIUX0b0C-n_7vA&dbm_d=AKAmf-DB9f8SL0EZQ-8wurcrBoc8OdzdTrOov_pHnPKUMTut2G-4_dpZFsnlztz5rkGj7m7b_5z3g3yDLEUpdFYcR-mlBeBD4rfp6G-qHhVlSKARW8qJh7xMKTB7b8AFhhZaC8rQxErMMZ4O-xKkgWgOnPHNxAIu0jwdJdDGlX_Tk0kh3UmjVsPhyy3haINoIHowhakV-vUkzBjs0oUaynDMFCzbCimls6GRdoCOzrDuwfP_i4SVPoZtk4tsEO0fg4QWbG3yOyNmBuM40lrGhwpdv54qvwJuGBbZw4R_Qt93PlY5RZXi8i06jQDswEAdmL33A9LWjqiKOukGRzZbLc5xc99zGxDAw4JgtQBhKY1bSO1MU011J-CQ80t-bP1fckRZ5uiuHp3m99nfHkjD03D58d_hC6cLlhQ6XR-atgvdqCuVMame_z3BXcW1qOP-fwSqtsS7OJuz2d9HHC7tBSYXMDUB4_QxwWLeNQ5k5QPn8zLZ4jrxrCCu1RU7cX0z1E2P8prGms-wFAAXK9bojA-HkbWuCwsADnX7zc-dPH2bTB3eJdbnvM6dor9rS246tkECNVUxckDEmh209cBfB63Fu5zg6_7FIEwlLDvf0sZxj6dpKFaAPAtic4NRBqZk6uRClPXLWxby0SMDh7Ol7TKEU_OIIGLgCo3jTAlDrlv-O-Ah8rEjyVhcUKpF8uVDQeyOT8uFxVEY0e7kCZp4Bfs0qlW59-0bQQDnTHu4qhbkDJAuuoktBDeaDv-SIGtBuOXuUXrdaEl0Zqf0P_9vuYeJKTsRuHREpPk1nfVbRCn29H7hOOPz6mkgcwCqxRW9G9-Fjbf0NYewjF7T3T8xiE1OkQqpPEgWoNd7rreeLGGZpDKrrc1bMcM_t4hgxYTf5fat2p5XmPDYvCHDTpYHkDqNomZz7EHJeLjgZ9E2epCo5ddoDfkbbG52nmtmus4LHbXa9Sy0eXC13DVELaK381kUhzhYK9RUegEzhMLarOsOOglcT2piUqStdPnYtthqMv90ly0gBXNNeiNErN1UmY5w-yZJuRxQT_3h63VxcG32hXlIUZQOYncCrXR_WjAmxVApv7aWZMkaABZIFVvOrRyE6uOv2xyuqt0yNZg2-M6RLiSpTHMe0e02r5IyBcKdkJSLJugm-vaY3d3_QM34sHIEQYGGpesM_jSQE2e72jsMpe3gbtIzMkKJ5lyvsSGuR8SDlzf6tMNksx_1nMX6z2x3dd_qqE86kH7xXsBPC9CLmj_XaPTgbowp_AcHgRfx4c7sp71gpYdBzNvH7nU8Jg51cUV3QFgFOOcNorZMjWS35KPdJrUqmrPLFT2n_OKNqyyKAqWhllx-_vvcTrDTHjixjGF5nUTUUlFGi_nY9mXyF43YrlC-mP_g8rrMAt7tFjXQFIR4vl6nHqoF8-jqGnbGJhzt_Q5FFGCkG75VIMtMcNZ_nxRn8WEYT3Tbw9rgSxtvKfo1x2sXNbIu8ufHhQS6-V3aJcdWE5nrfYElmSXCQDqGm2f4X_70klZDgr1aWPIk_IjyKvyW9LKiSpFVqKriHj9V6s3ZfpI3_mTdf5gkNKbCXrZ9wc7CT16h22KZ56YRlkfXKXNrM0uuxel6d8FJVklwT-vGz2B79pVFFQO4AjPMku0nJahcjr3uLryu8-bw7RHz2aPDLHH3PRZ980UurgDnoCgh11f-W62A9qsbelFXSC2eCfuQuia9zHSr0aAmDZquZOlgkx0WXFT8d0mRiRwO3MXMnD0_fPRYgZ-Raw1wyJPXROMr_ZZ5B2JfC7aJ7t6ZksICHjz9y038o_viL7TG5TzGmPznhO0QCfohL7rUTu9TOwo4H-ydAX7MrCmrjwPERGEkIU6KTBVos4pVKT2s8HUCv6MAK_RiWgUVUUDegbSoocK6CwcmEcNhMekW8JnwoJljCwHDx7zfYwgdRlTZfN6f0XZE4pEvDut_vF1DMZ9oLQnZcGMLsl8BxEDHNIs__ZHWYGmx5D6Bg6TpAqBmTDy0I-Dhv5ekH-EY_IwF_HNe7LmnnqB-RMy0_XUGVJY_0_-UdHSlY0glcQnIIsaFjsiF1yXMZHZo0MQPzsyRPI1k93tgpvjLMJUeTaTDOrNctQ242GyOS57zxY5MKDjYCmBGfDWOWxLUABbHtsumZuco83mfemMn_VTNnjPJyDA91OdD1LxTTlGzYFadNB6ZRshmzdZ-BaIMdX6VjazL0U5VlFIYOq_WEecawad-8jEjQ_NnUY0LaUzDO5hJdhG8cdCm1yGrdprndUdHirMYfeVDZ0F46u_2Lfi3aVlYws3_DTEkPy6i_uXKNyiQoXpCa-iM2klPmI4e1gGUO7MTnI37vzV6jn7AmCNSqVjsRpVRJICMa3YFUdTFtcNlSPMf1BbgVgWWx4p-IlC3wjkFG95yHwVf_UOLAsFa6rVXQhpHbbT5JVYb5fAo_zCF8LUh62OowYh94fDnVNZvb9P8vnjhEdzOS0fyLukbPggtOiKhN7bjqxj5iiMEVkTGv4sQ-sUhw8xthOUgZV1Jt4wtz5r9uYz8sB6jD3bRrmIIqNxXXFcTkgMmQj_08f7Xs6HwBdXO3EULv6wgI8roDzPaz-4Rn-qRTv9vi7Z4krjqZiFhJ_KrGdjdRB71B6nlOuzSguS21l0RMxy63rtYyCc3XcXCmzf9VT99sx0sPgQof93Y6cyI0_g7ZeKy4I8Jmq6T4FOSY2WdHdRTxawzizw_awKXUFaANyMXEGnzDX8U9I56KbT1Uun2Bz_zunFZzTDNd1sH43SmX-is_kwuaZjJpAHnhNrCrBVswEEaddqeUHvI7aucCm-uFLzswn6l_D0xzGB5HbPR5X61XBao4Gsdv0I-NBGuhGp0Hfw7qgcY4GNbBM5cP39BXviqgGFYjnphqzpRGxsJF1R5CUfVNEGbs-K6uypBWx2sA8TPa85jojqm8sLYWVGtR3Ghqk3zQAwQpWAq8SAWzyiYg8SCIAVtiDPDcOAZ0Rih_GqcjpL4Vo-4-7xvl4ApAnwYLX3na6zj53sOB_IeJBILOLSPGh9WDKoA9GW__LVtlT8ZsLRSmQD3eifXGFk-vQHsOz8vHCE40DYJWwcIo65erIWVoeFR32BUp_WV9k-nSWU6OFng-YhiqM3f5nLoXzOeGHzqaX3NU0eYAtQKXQ3GvorjTlR4A2QstqzHfp75Uvrxa03ettJKdYe3&cid=CAASPeRoHnCf11SSSehGWVybgUP6OSZNbE_-4n11vp59mqWOVRGoLL_mMO8W4SH6l0uDwWdANZ2TCe12I_59byQ&rfl=2%2Chttps%253A%252F%252Faubtu.biz%252F%240
Frame ID: BBDE382E0BF32F5C21A1A0D55B427F36
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: D763949F2770A72925DD231A45557046
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQvfqfARi8l9qUATAB&v=APEucNWzI-OJUj9NTkjYciW2hGJQ9dfYKb2W59t-GyjVvJ0rxQZgL_xHNpXEX7kio1Bbh9j48v4KUiwJX0UFkanuAH2X2aQoZHNZ5gJXP-WHsL5pum_89Iq8i9OnI9riMOfgNrF2RjvdgC7kG9ZE3BXNvF6t-9mtSo1PsL8nUibtgA6TqYz6dKA
Frame ID: 8304BFCFB90AD234C1A8FE26584EE587
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ADUgj9jmmmjjNbMksMReWy4-gUzVpWUdX-y7W-ndUMUwuD0m2ZDteBDWkUCJXvn4PuG_kdqQRLpAifLAaViSyvSwA742caoENva899fFpMw84qMcETi6giv7t3uPuICVtDo2otFVN-BUvynVw3rFTmgtp7fA&dbm_d=AKAmf-DrKPm_TsX9DxFlPYPkBiang-q6MR88bGw0NvWQo25Sj2njmqywchXLMSaFik3Xis8Mcp5Rx_Cz1a_q7lyfCPPOoX1_zxsBg0M_wElUhtdwzy-938Ae-5SyddM19QVOaD3qei9fgcoYJIduu6aTrWIJqzAow8HlDWXbECiJ2Q1AqdDcmNRslHqvID6pgTRr7NpcfyiAyCXBfii9dWcPFAXcMIjr_qERCv1ZWeC7BUm4cLwnMYZ0BszBzuaOeEtw3vSiT2ILAsXQ4hhp0rJ4jCNAqPiwarJgHTK3UB0tyChba_my7gdxY2ENWFPiRH_h6yNTFJaGAK53IpXTKH0dGilvAZI1hdycFA_e_Yj2G_Nbe2npjcLNbS3xmrOH56Q3fsskoDjNmBplsvAp84pGc__QPCqWSr4CRtDWI4jppT0bTUeBPkxNQUnx5c4YtaSsNQm96ga9iI2u_IMpbFv9vN-VZMfaxFoHSxI1RE-exqf1ZB_AAJr-_dl9b7g2IkEUkIWP280rC-6rZC0l4yTW4-5ej2pv6LCTjCu39sepP0SspWfTBVsHE57NCpkZZ55fVceMdyiTcKBVnCw-8wb4PAX2DUqm14qEX_vVP_9wY23iAayG_ujUvatA-U9Ck9wqQ0uTmW1TGpTRiRyv25Bi0odPpvzUoFkGNgnowJPBVbWwrPHGJ-MuywpWiNOaDa-5sHlgRQGBWTVmJXBDzyLSG-fqpS4HyEzGG_TSyvSWzOv2h4wH6ZfGOJJf3mnO7vFNphGrq5bn3R0nNc4kSzxh0_HZ_l3WyXWma0kPCgk18sBoL7K6DmitvgHaq_Jpv_OqlOeU_02xiPxdf9MknEjskHxDjbd843vypPg8w3XfR4E-Pi-xSmJosmdNUibkVNpqctxq1Ze02sXyRx7ThPbkuKvbbCu5PIZ2atHnqz6xLqIOBpj0xST9k0SWYLnMmeLyuauf-R9BHMTmeB4osVlR4wmV00Z48TVvDlBmaP6XgU_GReVAZqVbjMEPFLytNnpeCNxl2-YnqtD6VCctSjRJMlhrudeFGc2F8bUj0K3s3tYSyUyQUbQgb-Dr9QJIGPcfC2QIIWwS_MX4OQYftSzI4vx09K-QGT9O8_0IEImk6XgKn5BDF7BnaXYsz3uyzbtsBPyI0eAYlzkMFqXT9MkEcUotQ6SBsgVpFz3q3Ecoepf187SUAHKO9TPakTuFexUCfWbVldolqqP2gNWvRh57KLJ3MiwARFB1Vi6E0fkEXzpFM3bHdD4elXFu60hiZcr4XcI-IEU3U5BU5KiFGBcuQJzdOKbL3XOHanB0YoPJUV_kvmDkDi0MJV3iBHOB3ZF2qYjonYurT-rRrQtLtTamw3J5OHi_Np8FFdym2O2B0JEkVf-zcaKFh70I6sCHwO3qMyADRqXB-Sry01io6ZMwFQVhSsqQ-EAAe9M6Frindnh2uqr60JocquXGn8g45fVh5EWWeaLxYa1mu5EU1wG8EtT5sintrYb757qUUoGpyF6nWjcUqBcGqUJHe0urX1XnPknBdLGPZxcJ-lvckGVSzW15WGo6lGjqFspI-Em48G_nnjt0mP_26QlzRa18NpArwPj7lZahqI5e4TUl-XWaWywngJMO_mUU-i5YOshA_il0q7p544DXe32rFSMWvUvfI8J2RKyWCyjLY2umunoaHPxolhKMquJ1cpQZDuIm4wd_MXYxaEBEvIwG7GBcy06qM3zY-zDSSxLEVv6bxttbQwDKcsR6AA_qkoGkZT7yx_drxrslYqiZD5LQbPFQxk11K1uNsTYHl3f4QnMY59o2zlATfRFAey32Gv4M7mjj6g2vOHxYNugcTLwSdtTuTnGkbtqxPc02HMZ8TAE7eOa_fU8E57nD-mbNrE3hDB-pWy7YtL0j7VHABXyYty9kwP3Xwu0VvZijx70TMLEmdVzQZv54Jzt-0zim9qvU7ki6cadxaPSOOQcfSSfeYfldk6WZM3HmTGgaebU-mOreREW6wjnSXKHHOHRVFHbtABQCf-wA7dynm0xd276hRS3nIZGWFGN_EkALcW1DJqjZfk6_t9LiCW8DrmdWQVl9VTlr8wy3K99AKM0bWnKCgs-Bh9t0FOuv1AnNJjPX9P0qi0oPfVDpiVbQZrh3VP3eaEDpqw5F1jI7FTUagE9R6l3yySqvfVnSdx5toa5djULK2eIIypMHiMT6_MXSuSu-qA5DKLlfF7J_5Fd5BDmUt5pcRPDXVxDybFLb1vKC69Go5oASwy_TPmpOqk6kcYjMIYytTPtnl9aA4pplpLtxquSDh3W4eNjZgacHD4rv5WtqM58PEXknzIEf4pA74HwpoV0b0yTf4r3AG5Pds6SVjzHz1tWOh8QiVpBwymxQOlNRRB1dlKZGnSnfeAfcccGXCYZ22niPLUckM9A8THzPpW8rYY09aDW0IhhTRy40cyHy4AZzqaa7FZmZrsyVdfcpHFOECSnyFBmxe4WHWn5yGEMgqvE5HGeAKbxZl1d3I9ZYPBr-dq0bUMAh_CBa_UIkBBMIfCUs19h29UOVaJnDStACwmJLshNa0GPLy1A7kIhEvzQAP46AjsNzBXnPflYRo5cWyUyhSSVP_xLponkh5xOB8A4wL01Ht-NWSdpKqlZX21kxfVTeGYWaJloJ80YCpCzbLSPkL6yGizI0oakY4WB00-VgnQdUhqljGiS11yo0piSI3cA4REAmEwk3lJiPsb8cd8m_Y6P0oIq1EZhU7HS7Rf_78T-G2RUzdJg1yPkXM2-4J_GRupmNCzIFAlhPw1xGbciH7Ilb82MgNrPzy-PdnLmOUK0rL1f_IBTswA8kD02DECrmwl6UG_VxwHbkgaurx8dAYYgQMV4wMAWpZOhzR6NSKL3C-f1P34F3gBfcO9CZcrldYo5FGrW7ubP5s3DY1RBk4ipmgA-o5ErBUUICGQnHHregWVcxZEGOdY5Bl-9N5lv-YYF4ITili7rr4jTTkQ5PkUt2tMdD6iw50ea2RBQBoOstzDSXO7gFJJFNWlZ97uqaC0MYTu0_yJfthN_fe_nfM61CzICkO3gZDS3cr4P02i46wtt3a24tdsjv8hTaTIV-HEGTrEc2oYPIzM_L_90qiOEdNM9voqA7LFiUjieQXOvr7yOLWLnpCGP9yTvTZOyMZA8DRL52Cp_IZVPkU-KfgK2T-p4WLd-k3oILtzdjvwvznTVGKdLPJogGnbKV1Bnb5dxbm5ioxt6xwa_NKpGMIP-hXVALJV9swgaKB6wWUojFStKS3VsCK0-AT26koXWOjJZdqCjbrNPC-xBOBZ6UBay8pN0&cid=CAASPeRoIDwxJu5l3i5R1B93Tw7fYSL1focV6pJ04BG1VozBj86IZRRcX9SnUmYX9kOjz6LbW3bZUFD0WjXiwl0&rfl=2%2Chttps%253A%252F%252Faubtu.biz%252F%240
Frame ID: 463223D37B2F093937284D581DCC1752
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: ED8D8E23AA6DC4E7454DF3860DD3B9F3
Requests: 3 HTTP requests in this frame

Frame: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0271AB61A995E88F40C261C70C99FB14
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61774478/20210506135604241/index.html?e=69&leftOffset=0&topOffset=0&c=kAQ4CpmsXR&t=1&renderingType=2
Frame ID: AFA83F171DDFFF40F59037EDEF4282D5
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/8278902/1603734231174/index.html
Frame ID: 6492E13603E51872B53685CC94917971
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
Frame ID: 637B99ACEA67C0D6426225545EB7A4E0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 01C5037DE1CC710D71C082F537EBF809
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11417214532185088857/336-280/336-280.html
Frame ID: C7023D47D3E9D5B33048468E4B0CB4A1
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B2F56BA6A1DEFBBE29C4A6348BCA8693
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: B96823AAAE9A9CBD412D617474CF618A
Requests: 2 HTTP requests in this frame

Frame: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A28DD4AB370CF3B5F4C792E8321825EB
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11417214532185088857/336-280/336-280.html
Frame ID: AF96750768C077DB4BE11127D3AF79F2
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032105242203000/amp4ads-v0.mjs
Frame ID: 1E3A93157CD178C118C5A51928757B14
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
Frame ID: 17B3FFC08E02979A2E4D6F44F254161B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 70B9ECA3C397077B4255BA7B4E3AB607
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: D37E0D8A8AB07AAB5714E3871A1242DE
Requests: 3 HTTP requests in this frame

Frame: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BA5C226399E18139B3A11FE888F0BBA8
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMu-4wIQ1qTt-AEYnuCfpQEwAQ&v=APEucNXCymvJSu3ckkph3jXKLl_fRbsFEq-6JtdjvxZVVMBSK5HNiug5jrncMMurkYQORXWGfQiMEJnHrndhI-H_kkGQM-FYFNFNzIcoGyov8CxYqiH0E3M77uCMIG0nSNANyosu8BilCjd4C7upYP6us_jIFJe-JRdsXWLZcrnGB4J47j0XqHk
Frame ID: 466159DD5EBF0DFE8924A35DF1B6A18C
Requests: 4 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/vans-adapter-google-ima.js
Frame ID: F7BD64ECBB66F7A64E6A2B0E168D1F50
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1FF329D9689B6CEE292B3D72C1D0E58E
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.461.0_en.html
Frame ID: A0761AD5AF17291559C74063688FCD2B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 1E90FA918F891B075C9F7663A03A5E40
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7002491002409919&output=html&adk=1812271804&adf=3025194257&lmt=1622151933&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622151933815&bpp=1&bdt=3858&idt=1&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce4d82b34bdc6579-2292ca8129c8007d%3AT%3D1622151930%3AS%3DALNI_MbBMkf-0u_NMLAfNFdgB3_HUPKDPA&prev_fmts=320x100%2C728x90&prev_slotnames=aubtu.biz_adx%2Faubtu.biz_adx_336x280_detail1&nras=1&correlator=6252834043920&frm=20&pv=1&ga_vid=1497643118.1622151930&ga_sid=1622151930&ga_hid=1343021819&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065724&oid=3&pvsid=2340078085233420&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=14&uci=a!e&fsb=1&dtd=11
Frame ID: EF9186B0239E0513C44D607D92F91AAE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: A7F1D1FFB1B9F04D1E6200B16DB061FE
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3E03F4C56744E8AFF799E5854A6D9747
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C0802864DE72E1B24D1E7A696D66DAA5
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: B06FBA6200AB894B2CC3C5CAE303F19F
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/vans-adapter-google-ima.js
Frame ID: DB9A9B0BDD617B0AD5890EBD6E7ED729
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.461.0_en.html
Frame ID: B014C168B8DED39D60769EA24A757C17
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: EE0EC1912ED924589DED31D7629A2FB9
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 8FF9BF5B76DB6D8AE644A2BB105EF161
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/vans-adapter-google-ima.js
Frame ID: 7E237EC7C05D38C6A4DF091A1BB4F2AB
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.461.0_en.html
Frame ID: 020017C2421FA841336663C075637936
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 53275D7049B477E76A271416BCD68A8B
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 28CC11276C23F7D089E16A8D8567DC33
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/vans-adapter-google-ima.js
Frame ID: BD072B8971827F81049F6576D87B19E8
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.461.0_en.html
Frame ID: BF2479829001C142D8AEAB22AAF35B4B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 88378246D309E8941D88ABA743B13718
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: A046275D8459BB588679E0E919AFBC56
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/vans-adapter-google-ima.js
Frame ID: B908EFCE7FBE1F9363802036BA0FC175
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.461.0_en.html
Frame ID: 97145A6CF392343AD0FC206819994B56
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 50AA6B922A2F857F9230330AE7C4CCE9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

340
Requests

99 %
HTTPS

53 %
IPv6

34
Domains

53
Subdomains

53
IPs

7
Countries

7929 kB
Transfer

20384 kB
Size

8
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: http://fatcatart.com/
Title: fatcatart.com

Search URL Search Domain Scan URL

URL: https://imgur.com/94ZTbn6

Search URL Search Domain Scan URL

URL: https://imgur.com/7Hv76D4

Search URL Search Domain Scan URL

URL: https://imgur.com/NIn23Yv

Search URL Search Domain Scan URL

URL: https://imgur.com/Loac5jb

Search URL Search Domain Scan URL

URL: https://imgur.com/MEjDX6r

Search URL Search Domain Scan URL

URL: https://imgur.com/k34hyuj

Search URL Search Domain Scan URL

URL: https://imgur.com/zuvl93R

Search URL Search Domain Scan URL

URL: https://imgur.com/0Ddkng9

Search URL Search Domain Scan URL

URL: https://imgur.com/yAGaOCz

Search URL Search Domain Scan URL

URL: https://imgur.com/dh3BspO

Search URL Search Domain Scan URL

URL: https://imgur.com/6WsK16T

Search URL Search Domain Scan URL

URL: https://catsmylife.com/3987/
Title: Learning How To Climb The Stairs Together, A Baby And A Puppy Become Attached More

Search URL Search Domain Scan URL

URL: https://catsmylife.com/3991/
Title: Abandoned On The Street, Little Puppy Meets A Kind Police Officer Who Offers Him A Family

Search URL Search Domain Scan URL

URL: http://animals.24hminecraft.com/puppy-saved-from-the-tire-smiles-at-her-rescuers/
Title: Puppy Saved From The Tire Smiles At Her Rescuers

Search URL Search Domain Scan URL

URL: https://gamezity.com/94/
Title: Disabled Dog Crawls To Homeless Man, Asking Him For Food

Search URL Search Domain Scan URL

URL: http://animals.24hminecraft.com/after-being-discovered-the-misbehavior-the-sweet-boxer-seems-to-be-guilty/
Title: After Being Discovered The Misbehavior, The Sweet Boxer Seems To Be Guilty

Search URL Search Domain Scan URL

URL: https://catsmylife.com/3980/
Title: Gentle Dog Helps Taking Care Of Hundreds Of Foster Kittens, Giving Them Love And Affection

Search URL Search Domain Scan URL

URL: https://catsmylife.com/3975/
Title: Stray Cat Interrupts Prayer Service And Demands Attention From Monk

Search URL Search Domain Scan URL

URL: https://catsmylife.com/3983/
Title: Duck Adopted Five Abandoned Kittens When Spotted Them On His Bed

Search URL Search Domain Scan URL

URL: http://animals.24hminecraft.com/be-trained-to-sense-the-trouble-a-dog-hero-saved-the-diabetic-girl-over-5-miles-away/
Title: Be Trained To Sense The Trouble; A Dog Hero Saved The Diabetic Girl Over 5 Miles Away

Search URL Search Domain Scan URL

URL: https://olipfun.com/take-a-look-at-27-hilarious-pics-to-see-how-people-protect-themselves-from-coronavirus/
Title: Take A Look At 27 Hilarious Pics To See How People Protect Themselves From Coronavirus

Search URL Search Domain Scan URL

URL: https://olipfun.com/funny-pictures-of-pets-pretending-to-be-innocent-after-committing-petty-crimes/
Title: Funny Pictures Of Pets Pretending To Be Innocent After Committing “Petty” Crimes

Search URL Search Domain Scan URL

URL: https://olipfun.com/try-not-to-laugh-when-you-see-these-funny-fat-cat-memes/
Title: Try Not To Laugh When You See These Funny Fat Cat Memes

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Faubtu.biz%2F2541%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=An%20Artist%20Inserts%20Her%20Ginger%20Cat%20In%20All%20Of%20The%20Famous%20Paintings%20-%20https://aubtu.biz/2541/

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https%3A%2F%2Faubtu.biz%2F2541%2F

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button?url=https%3A%2F%2Faubtu.biz%2F2541%2F&media=https%3A%2F%2Faubtu.biz%2Fwp-content%2Fuploads%2F2017%2F12%2FAn-Artist-Inserts-Her-Ginger-Cat-In-All-Of-The-Famous-Paintings.jpg&description=An%20Artist%20Inserts%20Her%20Ginger%20Cat%20In%20All%20Of%20The%20Famous%20Paintings

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Faubtu.biz%2F2541%2F&title=An%20Artist%20Inserts%20Her%20Ginger%20Cat%20In%20All%20Of%20The%20Famous%20Paintings

Search URL Search Domain Scan URL

URL: https://www.tumblr.com/share/link?url=https%3A%2F%2Faubtu.biz%2F2541%2F&name=An%20Artist%20Inserts%20Her%20Ginger%20Cat%20In%20All%20Of%20The%20Famous%20Paintings

Search URL Search Domain Scan URL

URL: https://reddit.com/submit?url=https%3A%2F%2Faubtu.biz%2F2541%2F&title=An%20Artist%20Inserts%20Her%20Ginger%20Cat%20In%20All%20Of%20The%20Famous%20Paintings

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=https%3A%2F%2Faubtu.biz%2F2541%2F&text=An%20Artist%20Inserts%20Her%20Ginger%20Cat%20In%20All%20Of%20The%20Famous%20Paintings

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg

Request Chain 29

https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg

Request Chain 33

https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg HTTP 301
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg

Request Chain 147

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECjv9eBuE_UIr_MvsU25Rj4&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECjv9eBuE_UIr_MvsU25Rj4&google_cver=1&C=1

Request Chain 148

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YLAS-IrGOfC0GH1UsKJaMAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECjv9eBuE_UIr_MvsU25Rj4&google_cver=1

Request Chain 149

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAyWc8y2MlghCPzJrn7sRC8&google_cver=1

Request Chain 150

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM1OTk2MjczMjUwMjIzMzkwNA%3D%3D

Request Chain 155

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKsv_0DJa-79ilNQcLr5Vgs&google_cver=1

Request Chain 156

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTljNzM2NmQtZTBmMS0yMmU5LWU5N2EtNDNlMTVlYmFhZGMz

Request Chain 157

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEI0OLAjo5M7YBABo2-qzIH8&google_cver=1

Request Chain 158

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YjRkMjhiZDA1MDUyMjIzN2I5ZjFiMTRmZTBhYzEwYzExZDJmODdhNA==

Request Chain 161

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGAgeeND8etkJopSuF1slCw&google_cver=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGAgeeND8etkJopSuF1slCw&google_cver=1&__user_check__=1&sync_id=dca40d80-bf34-11eb-bfe2-1ab0ad8d0406

Request Chain 162

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=dc9941cb-bf34-11eb-83c2-1d21b9eb0206 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZGM5OTQxODAtYmYzNC0xMWViLTgzYzItMWQyMWI5ZWIwMjA2

Request Chain 178

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 221

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 262

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 271

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 289

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1qdndDSjA1RTJ1R1RUS0Q2dEhwV29IQURIaVFCNVdhR35B

Request Chain 290

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEKe7ZqfUIpi5gT7swDz5-tg&google_cver=1

340 HTTP transactions
21 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
aubtu.biz/2541/ 59 KB
14 KB 950ms
928ms Document
text/html 2606:4700:3031::ac43:8358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:8358 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / DLEMP

Resource Hash

399867dc3b446172a68f80282541843d4687f3808bd6daaaed088c596eca9e13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: aubtu.biz
:scheme: https
:path: /2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:29 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://aubtu.biz/wp-json/>; rel="https://api.w.org/" <https://aubtu.biz/wp-json/wp/v2/posts/2541>; rel="alternate"; type="application/json" <https://aubtu.biz/?p=2541>; rel=shortlink
x-powered-by: DLEMP
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
cf-request-id: 0a516334c00000073ec0316000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=D6ZU9EHfOhFLP4Jhi2Tcv%2B%2F5q6M3fgznXHDEIIJy54bD5zB6L8iBbxI2a8OOcaC6N%2Fv1RmGqpQOLvvv9RU0WC6yzcjlu16XhXcGg%2BfGoFeGaL2fGpiUmrszItWT8wR9CWbdg"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 65626e346ec1073e-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-29 200 style.min.css
aubtu.biz/wp-includes/css/dist/block-library/ 57 KB
9 KB 30ms
19ms Stylesheet
text/css 2606:4700:3031::ac43:8358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aubtu.biz/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
Requested by: Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: aubtu.biz
referer: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1274454
x-powered-by: DLEMP
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a5163387100004db29936c000000001
last-modified: Thu, 15 Apr 2021 18:43:18 GMT
server: cloudflare
etag: W/"60788946-e33b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XVGjGED6MGid6oP%2Fon3LcoJdIt%2FKhUQ7%2Bq2w5cQmjH6aSI0cHv3zwhxEzO0qs69XdCC%2BeC3JNv53ewklJxmjaIcZu6CYP5Mcmu%2ByH8UkQXfOsncsvp%2BVOIumj5KCNnN7AZMB"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 65626e3a49af4db2-FRA
expires: Sat, 12 Jun 2021 03:44:35 GMT

GET
H3-29 200 theme.min.css
aubtu.biz/wp-includes/css/dist/block-library/ 3 KB
1 KB 29ms
17ms Stylesheet
text/css 2606:4700:3031::ac43:8358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aubtu.biz/wp-includes/css/dist/block-library/theme.min.css?ver=5.7.2
Requested by: Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 3ee638689e343730a82027d03714f274b6c665cf7e3bf60b5208a3a0cdb3581d

Request headers

:path: /wp-includes/css/dist/block-library/theme.min.css?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: aubtu.biz
referer: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1274454
x-powered-by: DLEMP
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a5163387200004db274276000000001
last-modified: Tue, 02 Feb 2021 05:17:13 GMT
server: cloudflare
etag: W/"6018e059-a9a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=E3B3jc2n6MjRPIwrbUuC4lUI9s0lbbBFRw379r5mL7W%2FWE0%2BVVDl0J2%2FA9AqHlTX%2BRlTerzvXx80%2Bm03A2fddEvNblPWjWrZmSlv4ldC0MBPPjBJogZCK%2BPDmvnVJmOrw%2Fb9"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 65626e3a49b34db2-FRA
expires: Sat, 12 Jun 2021 03:44:35 GMT

GET
H3-29 200 single-shortcode.css
aubtu.biz/wp-content/plugins/penci-framework/assets/css/ 27 KB
4 KB 45ms
34ms Stylesheet
text/css 2606:4700:3031::ac43:8358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aubtu.biz/wp-content/plugins/penci-framework/assets/css/single-shortcode.css?ver=5.7.2
Requested by: Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 71d67862610b80dc5c9a9ceb03f4bf2e2e6305b17e490a32fec5139c40b00ba1

Request headers

:path: /wp-content/plugins/penci-framework/assets/css/single-shortcode.css?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: aubtu.biz
referer: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1274454
x-powered-by: DLEMP
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a5163387100004db2e624b000000001
last-modified: Thu, 25 Mar 2021 10:37:53 GMT
server: cloudflare
etag: W/"605c6801-6d1f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=iZD6IlKrHHccLdu1vhKkz5CmrxU1Jk6jwjOVlWqesa4hpOF9V1sVoJdvgw%2F31vj1MlIhK4%2BS0FHEUYaW2VWxGtzDWs%2Bty8VRD5V678C8t5RdNMOo%2FNnf%2FI5skBNGuiPx9Ixb"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 65626e3a49ad4db2-FRA
expires: Sat, 12 Jun 2021 03:44:35 GMT

GET
H3-29 200 style.css
aubtu.biz/wp-content/themes/pennews/ 1 MB
98 KB 39ms
28ms Stylesheet
text/css 2606:4700:3031::ac43:8358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aubtu.biz/wp-content/themes/pennews/style.css?ver=5.7.2
Requested by: Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: b257ff6a705b02d48170bf95141ba1214fbccc5f74edfb42191d14893c19b509

Request headers

:path: /wp-content/themes/pennews/style.css?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: aubtu.biz
referer: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1274454
x-powered-by: DLEMP
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a5163387300004db2e3b80000000001
last-modified: Thu, 25 Mar 2021 10:37:55 GMT
server: cloudflare
etag: W/"605c6803-10e30f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IkB9KYoJwIzry65j7ETEaOM30M3mSxzn8tv5Kewh4byqtFfUgx4qwDvZAfkX30MuhIOAC7EmqoO4KLot1Qp%2F9za5aBgBM93xz1pPu4e4M7W7vruQEmtZbboYELHlkRClQm1c"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 65626e3a49a74db2-FRA
expires: Sat, 12 Jun 2021 03:44:35 GMT

GET
H3-29 200 style.css
aubtu.biz/wp-content/themes/pennews-child/ 493 B
922 B 24ms
13ms Stylesheet
text/css 2606:4700:3031::ac43:8358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aubtu.biz/wp-content/themes/pennews-child/style.css?ver=1.0.0
Requested by: Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 17380526a824a0cf0baab498facbd805f184972ef8e56bbd7f5b3ce87785ec8a

Request headers

:path: /wp-content/themes/pennews-child/style.css?ver=1.0.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: aubtu.biz
referer: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1292981
x-powered-by: DLEMP
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a5163387100004db2c3ab4000000001
last-modified: Thu, 25 Mar 2021 15:00:49 GMT
server: cloudflare
etag: W/"605ca5a1-1ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=F7FTRMCQsOu8zjmah6Efs5yJJAw0avCGrAICJhgaedVEVVMsgGdGmWbqwSs7GDodBzJSdho5tZsan0Hmgv1CKGaqP9CRLueyneDdSZ3pm3Ao86qoWwvnu3L5pi2aSAxxNSny"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 65626e3a49b04db2-FRA
expires: Fri, 11 Jun 2021 22:35:48 GMT

GET
H3-29 200 font-awesome.min.css
aubtu.biz/wp-content/themes/pennews/css/ 33 KB
8 KB 28ms
17ms Stylesheet
text/css 2606:4700:3031::ac43:8358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aubtu.biz/wp-content/themes/pennews/css/font-awesome.min.css?ver=4.5.2
Requested by: Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 74a67b8c7ae08c6d59dc50172516683401d19b8495c83b3be490ea3dce522193

Request headers

:path: /wp-content/themes/pennews/css/font-awesome.min.css?ver=4.5.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: aubtu.biz
referer: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1301533
x-powered-by: DLEMP
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a5163387100004db2c998f000000001
last-modified: Thu, 25 Mar 2021 10:37:55 GMT
server: cloudflare
etag: W/"605c6803-8472"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=r8rhtsWHRY9rr5ljDAQOyk2n9ywF%2FU7%2B8D4zDiloMNRF9G%2FLPd4zcgHimp9DdpYb0kk%2BiTk6IQe7Pn45KvJHcr99wiz71vb1v6jJfS28HuRehNRBIlNTrUzQTSn2znLWzk5s"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 65626e3a49b14db2-FRA
expires: Fri, 11 Jun 2021 20:13:16 GMT

GET
H2 200 css
fonts.googleapis.com/ 31 KB
2 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CMukta+Vaani%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7COswald%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CTeko%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%26subset%3Dcyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2795a8903b81d5c68f94c21f5fb42790b6e1e165c1d72ba8400a4043a2a1632f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 May 2021 21:34:57 GMT
server: ESF
date: Thu, 27 May 2021 21:45:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 May 2021 21:45:29 GMT

GET
H3-29 200 style.css
aubtu.biz/wp-content/themes/pennews-child/ 493 B
891 B 47ms
36ms Stylesheet
text/css 2606:4700:3031::ac43:8358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aubtu.biz/wp-content/themes/pennews-child/style.css?ver=6.5.7
Requested by: Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 17380526a824a0cf0baab498facbd805f184972ef8e56bbd7f5b3ce87785ec8a

Request headers

:path: /wp-content/themes/pennews-child/style.css?ver=6.5.7
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: aubtu.biz
referer: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 954905
x-powered-by: DLEMP
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a5163387200004db2db905000000001
last-modified: Thu, 25 Mar 2021 15:00:49 GMT
server: cloudflare
etag: W/"605ca5a1-1ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5Dpq7L5I1lMWtndeNLpetTNKyC7tNsEANf4FxcYo5CtfIWewH9DJ6owpRSP9ZjYbVF5TO3VD4iFPylDccr0pnB7aMa0D5MmLIHkzHKK%2BCl5UQH%2BDQKRmEUV7vq%2FSni6iA0u6"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 65626e3a49b24db2-FRA
expires: Tue, 15 Jun 2021 20:30:24 GMT

GET
H3-29 200 jquery.min.js Show response
aubtu.biz/wp-includes/js/jquery/ 87 KB
30 KB 33ms
23ms Script
application/javascript 2606:4700:3031::ac43:8358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aubtu.biz/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: aubtu.biz
referer: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1301533
x-powered-by: DLEMP
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a5163387000004db2e91d2000000001
last-modified: Wed, 07 Oct 2020 16:33:25 GMT
server: cloudflare
etag: W/"5f7dedd5-15d98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9Djlq9hV0ngh6zI5g6csOfNf%2FPv%2FHmtwTq7Pu%2FpPQBiyfx41s1aW5vmtpnEiVbHYUr6xEZL5%2BPdJ81GA5lkWJyB3oPql3JzXnwv9tOmZS%2FPRejPRFQDowzgo%2F7wQ27iC9ghg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 65626e3a49ac4db2-FRA
expires: Fri, 11 Jun 2021 20:13:16 GMT

GET
H3-29 200 jquery-migrate.min.js Show response
aubtu.biz/wp-includes/js/jquery/ 11 KB
4 KB 28ms
17ms Script
application/javascript 2606:4700:3031::ac43:8358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aubtu.biz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: aubtu.biz
referer: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1292981
x-powered-by: DLEMP
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a5163387200004db2a90c0000000001
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: cloudflare
etag: W/"5fb4e3fe-2bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Wi4ZXunSR7gCwZvcJ1ELK78inC5AY6DFdWotQ%2F%2FQAEFl15oyw7ZC2lINHSXcOXmDoqyde9gELglaxP%2FJ7P%2B9vP4WhCFG%2B0iDWkw2ZF7%2FiVVTxb5e7Zm7SUYDNsvmUevl5zIl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 65626e3a49b44db2-FRA
expires: Fri, 11 Jun 2021 22:35:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 25ms
20ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-153122571-11

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e0d4e45e6e6cf1cf3e46ac89bb78c5d6cc2acd55b0505c0431ab0d4eed65eeb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35850
x-xss-protection: 0
last-modified: Thu, 27 May 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 May 2021 21:45:30 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 63 KB
21 KB 117ms
39ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

0a0db2bebecd6f3a00abe15e1d8db96c364f9dce55cf27aec9d9f758755118a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "885 / 670 of 1000 / last-modified: 1622114387"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21551
x-xss-protection: 0
expires: Thu, 27 May 2021 21:45:30 GMT

GET
H3-29 200 weloveanimals.png
aubtu.biz/wp-content/uploads/2021/03/ 5 KB
6 KB 15ms
10ms Image
image/png 2606:4700:3031::ac43:8358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aubtu.biz/wp-content/uploads/2021/03/weloveanimals.png
Requested by: Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 65ee7d1ce98b3e7467c019eba6776f712b608186028187ea324cf891228e1616

Request headers

:path: /wp-content/uploads/2021/03/weloveanimals.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: aubtu.biz
referer: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:30 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 382882
x-powered-by: DLEMP
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4996
cf-request-id: 0a516338c300004db2ec967000000001
last-modified: Thu, 25 Mar 2021 10:38:07 GMT
server: cloudflare
etag: "605c680f-1384"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RSrcVzDEesQ04J6EKn88xhk3SAPlKMTUgO2m8FJ2ZURze4AHXCf6Zfi3gtzsH6lfx7%2Fu1FfJXSkvxN0j7HAtFUp4PVlteGr38R75AWFy5q5h1w7RAuG%2BIJnPQZBcNDoB9Qm9"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 65626e3adadf4db2-FRA
expires: Tue, 22 Jun 2021 11:24:08 GMT

GET
H2 200 94ZTbn6.jpg
i.imgur.com/ 156 KB
157 KB 115ms
34ms Image
image/jpeg 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/94ZTbn6.jpg

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

6701698f0a27ba0ecce30ea473ee4891b1f704af62b77122333c33070c205932

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:30 GMT
x-content-type-options: nosniff
age: 1120191
x-cache: HIT, HIT
x-amz-storage-class: STANDARD_IA
content-length: 160003
x-served-by: cache-bwi5164-BWI, cache-hhn4031-HHN
last-modified: Sat, 09 Dec 2017 16:30:50 GMT
server: cat factory 1.0
x-timer: S1622151930.144023,VS0,VE1
etag: "fe5ab7b00874174287264a35a9d62334"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 7Hv76D4.jpg
i.imgur.com/ 68 KB
68 KB 114ms
33ms Image
image/jpeg 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/7Hv76D4.jpg

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

189196e7f1a6f800e0ae56a8ab2aeddb9403eae4e650884204d71ab5863b0637

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:30 GMT
x-content-type-options: nosniff
age: 778779
x-cache: HIT, HIT
content-length: 69715
x-served-by: cache-bwi5167-BWI, cache-hhn4031-HHN
last-modified: Sat, 09 Dec 2017 16:30:52 GMT
server: cat factory 1.0
x-timer: S1622151930.144353,VS0,VE2
etag: "75d3dfbdd99a51b1c57f20b867960fb5"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 NIn23Yv.jpg
i.imgur.com/ 99 KB
99 KB 114ms
34ms Image
image/jpeg 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/NIn23Yv.jpg

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

f4a7417eacfbc4ae2bf6fc2338c9daf95f0d37ff354555283317d765be5397bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:30 GMT
x-content-type-options: nosniff
age: 2914929
x-cache: HIT, HIT
content-length: 101591
x-served-by: cache-bwi5164-BWI, cache-hhn4031-HHN
last-modified: Sat, 09 Dec 2017 16:31:01 GMT
server: cat factory 1.0
x-timer: S1622151930.144371,VS0,VE2
etag: "d189fc73f397afb4f247c9829ba1900a"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 Loac5jb.jpg
i.imgur.com/ 137 KB
138 KB 114ms
33ms Image
image/jpeg 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/Loac5jb.jpg

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

f8a1f42a40c1e2028d200abb326158a82193ebea3bc01bcdbfb8300e95e66630

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:30 GMT
x-content-type-options: nosniff
age: 1120191
x-cache: HIT, HIT
x-amz-storage-class: STANDARD_IA
content-length: 140586
x-served-by: cache-bwi5133-BWI, cache-hhn4031-HHN
last-modified: Sat, 09 Dec 2017 16:30:59 GMT
server: cat factory 1.0
x-timer: S1622151930.144337,VS0,VE1
etag: "f14b8cca34981535ffe0df29e60f257c"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 MEjDX6r.jpg
i.imgur.com/ 133 KB
133 KB 114ms
34ms Image
image/jpeg 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/MEjDX6r.jpg

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

60468cee664f21f8ee97547282aba1fd5fd7a5ed82601b87f6b63b92483c3244

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:30 GMT
x-content-type-options: nosniff
age: 596874
x-cache: HIT, HIT
x-amz-storage-class: STANDARD_IA
content-length: 135911
x-served-by: cache-bwi5172-BWI, cache-hhn4031-HHN
last-modified: Sat, 09 Dec 2017 16:31:10 GMT
server: cat factory 1.0
x-timer: S1622151930.144335,VS0,VE1
etag: "45a1c9d883dbf953e06344b5d7aaabad"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 k34hyuj.jpg
i.imgur.com/ 263 KB
263 KB 114ms
34ms Image
image/jpeg 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/k34hyuj.jpg

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

8c70fcd4d89f203ca0e2a682bc7a2f0cff21d048fa62be3ec0a5b43ad5649357

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:30 GMT
x-content-type-options: nosniff
age: 596874
x-cache: HIT, HIT
x-amz-storage-class: STANDARD_IA
content-length: 269220
x-served-by: cache-bwi5123-BWI, cache-hhn4031-HHN
last-modified: Sat, 09 Dec 2017 16:31:05 GMT
server: cat factory 1.0
x-timer: S1622151930.144391,VS0,VE2
etag: "9b2f0116d7d74dd95e984a209202205e"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 90 KB
32 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb731be92c4bfe2360141c42a987ee49e2191ed75e2efff0dcc42e1882d6da7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32965
x-xss-protection: 0
server: cafe
etag: 1977833837501118871
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 27 May 2021 21:45:30 GMT

GET
H2 200 zuvl93R.jpg
i.imgur.com/ 102 KB
102 KB 104ms
103ms Image
image/jpeg 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/zuvl93R.jpg

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

47e659b1f4e21e26efc39650687f1d1a53034e91b49240a38e8f5d66bac247ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:30 GMT
x-content-type-options: nosniff
age: 1266154
x-cache: HIT, HIT
content-length: 104279
x-served-by: cache-bwi5165-BWI, cache-hhn4031-HHN
last-modified: Sat, 09 Dec 2017 16:30:54 GMT
server: cat factory 1.0
x-timer: S1622151930.172224,VS0,VE1
etag: "49152a1fdcf3cc1688fa716e5a32c742"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 18, 1

GET
H2 200 yAGaOCz.jpg
i.imgur.com/ 145 KB
145 KB 105ms
104ms Image
image/jpeg 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/yAGaOCz.jpg

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

8b01e38bdd110c6f7f61a41092c37a3c3d2aa632b8d9d5108705998250a8be73

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:30 GMT
x-content-type-options: nosniff
age: 2258402
x-cache: HIT, HIT
x-amz-storage-class: STANDARD_IA
content-length: 148276
x-served-by: cache-bwi5152-BWI, cache-hhn4031-HHN
last-modified: Sat, 09 Dec 2017 16:31:15 GMT
server: cat factory 1.0
x-timer: S1622151930.172308,VS0,VE1
etag: "00c6f4e615d71d0edbdd55aeb9429e11"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H3-29 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
47 KB 27ms
24ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df356f8aa91e7f14dc79f22056218dddc3b711545e6d5d2d1e72eaa17b052f1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48356
x-xss-protection: 0
server: cafe
etag: 3890051329819667200
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 27 May 2021 21:45:30 GMT

GET
H2 200 dh3BspO.jpg
i.imgur.com/ 65 KB
65 KB 105ms
104ms Image
image/jpeg 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/dh3BspO.jpg

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

1023acb5d2a1a9f32ced070b62285c08f8a1e3b4019e415132ed378a99c56376

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:30 GMT
x-content-type-options: nosniff
age: 2489284
x-cache: HIT, HIT
content-length: 66216
x-served-by: cache-bwi5150-BWI, cache-hhn4031-HHN
last-modified: Sat, 09 Dec 2017 16:31:12 GMT
server: cat factory 1.0
x-timer: S1622151930.172375,VS0,VE1
etag: "3752c0ea4ed4c5fcc9501c4964d24ba7"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 6WsK16T.jpg
i.imgur.com/ 119 KB
120 KB 105ms
104ms Image
image/jpeg 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/6WsK16T.jpg

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

8f46a3c3b3a88ed8b0f5fc0ff4369fb2bfb9cbed4a6514432e5603e471b30077

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:30 GMT
x-content-type-options: nosniff
age: 1771615
x-cache: HIT, HIT
content-length: 122201
x-served-by: cache-bwi5141-BWI, cache-hhn4031-HHN
last-modified: Sat, 09 Dec 2017 16:31:19 GMT
server: cat factory 1.0
x-timer: S1622151930.172360,VS0,VE1
etag: "97cb9ad3469652299e1c7c726c799195"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 Learning-How-To-Climb-The-Stairs-Together-A-Baby-And-A-Puppy-Become-Attached-More.jpg
catsmylife.com/wp-content/uploads/2021/05/ 26 KB
27 KB 55ms
26ms Image
image/jpeg 2606:4700:3030::ac43:cf9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://catsmylife.com/wp-content/uploads/2021/05/Learning-How-To-Climb-The-Stairs-Together-A-Baby-And-A-Puppy-Become-Attached-More.jpg
Requested by: Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:cf9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: c31c63cd4056193e7e3c989f558af05b303553846bbbac70e4078913c9b15f7c

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:30 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 966811
x-powered-by: DLEMP
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26752
cf-request-id: 0a516338dd00004eb034b5a000000001
last-modified: Sat, 15 May 2021 09:41:49 GMT
server: cloudflare
etag: "609f975d-6880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=mbueJtFnx70pQFqAThTCc%2FZboa4Pn%2BmcaS0GnG1Scmc%2F8f8too6tY8RgyeIo1kKNGwUCsaMp3SYfIEOC9spPg32cacT45%2FFRdVEhcBa3KNEpChlMmTsRZ1NXQSQNg9UnssnKc25hhQY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 65626e3afc114eb0-FRA
expires: Tue, 15 Jun 2021 17:11:59 GMT

GET
H2 200 Abandoned-On-The-Street-Little-Puppy-Meets-A-Kind-Police-Officer-Who-Offers-Him-A-Home.jpg
catsmylife.com/wp-content/uploads/2021/05/ 38 KB
38 KB 61ms
32ms Image
image/jpeg 2606:4700:3030::ac43:cf9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://catsmylife.com/wp-content/uploads/2021/05/Abandoned-On-The-Street-Little-Puppy-Meets-A-Kind-Police-Officer-Who-Offers-Him-A-Home.jpg
Requested by: Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:cf9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 23a29854f31eb2dbd28971361346d3978b843bbfdd0cef7fa300008ba701db07

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:30 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 966811
x-powered-by: DLEMP
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38701
cf-request-id: 0a516338de00004eb044b32000000001
last-modified: Sat, 15 May 2021 09:42:45 GMT
server: cloudflare
etag: "609f9795-972d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CjlFnLOhYRLrSWY9%2B8YfTkOuylX%2BzN0%2BmAv2M8W7eAiQ1RzIsE6aLtN12tyAnrZjegt7e8Mr%2FoMtpHEKLi811x2kESojsTITm%2BPoDPPAAd0CSyoCumJCOuVbp5baFoXPy1S2PVsQRWI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 65626e3afc144eb0-FRA
expires: Tue, 15 Jun 2021 17:11:59 GMT

GET

17613.jpg
animals.24hminecraft.com/wp-content/uploads/2021/05/
Redirect Chain

https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg

0
0

GET
H2 200 94.jpg
gamezity.com/wp-content/uploads/2021/04/ 74 KB
74 KB 430ms
138ms Image
image/jpeg 144.202.54.102
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gamezity.com/wp-content/uploads/2021/04/94.jpg
Requested by: Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.202.54.102 Elk Grove Village, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 144.202.54.102.vultr.com
Software: Nginx / VPSSIM
Resource Hash: 1a90b34d4e3de868e011c4985e18878e5de768b5697bb10b32b291ceb941dde2

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:30 GMT
last-modified: Fri, 23 Apr 2021 01:34:36 GMT
server: Nginx
x-powered-by: VPSSIM
etag: "6082242c-12800"
content-type: image/jpeg
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 75776
expires: Sat, 26 Jun 2021 21:45:30 GMT

GET

17609.jpg
animals.24hminecraft.com/wp-content/uploads/2021/05/
Redirect Chain

https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg

0
0

GET
H3-29 200 Gentle-Dog-Helps-Taking-Care-Of-Hundreds-Of-Foster-Kittens-Giving-Them-Love-And-Affection.jpg
catsmylife.com/wp-content/uploads/2021/05/ 27 KB
28 KB 30ms
13ms Image
image/jpeg 2606:4700:3030::ac43:cf9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://catsmylife.com/wp-content/uploads/2021/05/Gentle-Dog-Helps-Taking-Care-Of-Hundreds-Of-Foster-Kittens-Giving-Them-Love-And-Affection.jpg
Requested by: Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cf9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: e20abb6f914cdac4c1c0f76fc8075da6f6c61acfe24e44abff0d165e89ad6f73

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:30 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 966811
x-powered-by: DLEMP
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28079
cf-request-id: 0a516339100000e007a5134000000001
last-modified: Sat, 15 May 2021 09:36:33 GMT
server: cloudflare
etag: "609f9621-6daf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=eNnGMUQPoqaU3b7Xy43Geu1GKIukRwjy%2FN7q9aZgpEWQsdhh2PaMt0G4tfhNyF%2Fe%2FubRBxlTdGtbADjRvaQpf3TnA8bx%2Bq0q%2BrMHgDvTdO8UzOhznDEISjs6jbQv5Bao1QShw0Yb%2B3Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 65626e3b4853e007-FRA
expires: Tue, 15 Jun 2021 17:11:59 GMT

GET
H3-29 200 3975.jpg
catsmylife.com/wp-content/uploads/2021/05/ 49 KB
49 KB 37ms
21ms Image
image/jpeg 2606:4700:3030::ac43:cf9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://catsmylife.com/wp-content/uploads/2021/05/3975.jpg
Requested by: Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cf9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: bb6ea51b6549e388055293d2f4e1c00ddbc5abe710749e3b0fc15fa1d0e25bc1

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:30 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 966811
x-powered-by: DLEMP
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49890
cf-request-id: 0a516339100000e007c0b35000000001
last-modified: Sat, 15 May 2021 09:14:28 GMT
server: cloudflare
etag: "609f90f4-c2e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=G3a7ZE0y0S6DRg%2BdmaSV49CTjzZJhSzDxpYkIO1CcfJOuNlTz%2FNlpvms57FtPS8VD9735eKRTpV%2Br7eqYoyHchbIqEhxuq6ueJnIoGrZsJQ0mFpTUQjQ0uo%2BgWrmwGMhBarcqJrS64c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 65626e3b4852e007-FRA
expires: Tue, 15 Jun 2021 17:11:59 GMT

GET
H3-29 200 A-Duck-Harry-Adopted-Five-Abandoned-Kittens-Since-Spotted-Them-On-His-Bed-ft.jpg
catsmylife.com/wp-content/uploads/2021/05/ 22 KB
23 KB 37ms
20ms Image
image/jpeg 2606:4700:3030::ac43:cf9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://catsmylife.com/wp-content/uploads/2021/05/A-Duck-Harry-Adopted-Five-Abandoned-Kittens-Since-Spotted-Them-On-His-Bed-ft.jpg
Requested by: Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:cf9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 1b6686f06d08282c3d7d0f76d73b131649eb5df5d66031b8ac292c2c4904bca4

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:30 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 966811
x-powered-by: DLEMP
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22452
cf-request-id: 0a516339100000e007c3a01000000001
last-modified: Sat, 15 May 2021 09:39:17 GMT
server: cloudflare
etag: "609f96c5-57b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Q2BlJp2qITTUYxAWYRF%2FF5pj%2F816wT0Qp2XQepYJvrxLEHwgbjrH5Q48Vny9WLBcXPUJPTd3TafthOi4Yf9Jyd2TecnqUup4gTEiEFitBi84hDnSUGhbYyhWdayTfyDOi8ATj27695E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 65626e3b4851e007-FRA
expires: Tue, 15 Jun 2021 17:11:59 GMT

GET

17616.jpg
animals.24hminecraft.com/wp-content/uploads/2021/05/
Redirect Chain

https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg
https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg

0
0

GET
H2 200 3322.jpg
olipfun.com/wp-content/uploads/2021/05/ 57 KB
57 KB 360ms
114ms Image
image/jpeg 207.148.25.39
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://olipfun.com/wp-content/uploads/2021/05/3322.jpg
Requested by: Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.148.25.39 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.148.25.39.vultr.com
Software: Nginx / DLEMP
Resource Hash: 12a63339f449f6df0e3b830e636f5b3b60ba29abc9393e3286cf59cdb43f8cfc

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:30 GMT
last-modified: Wed, 12 May 2021 09:12:10 GMT
server: Nginx
x-powered-by: DLEMP
etag: "609b9bea-e35c"
content-type: image/jpeg
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 58204
expires: Sat, 26 Jun 2021 21:45:30 GMT

GET
H2 200 2919-758x398.jpg
olipfun.com/wp-content/uploads/2021/04/ 51 KB
52 KB 482ms
309ms Image
image/jpeg 207.148.25.39
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://olipfun.com/wp-content/uploads/2021/04/2919-758x398.jpg
Requested by: Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.148.25.39 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.148.25.39.vultr.com
Software: Nginx / DLEMP
Resource Hash: 540ba53df389d0f2bc093ca892888ca796eac68acc10f95a345b3da38d1cf3a5

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:30 GMT
last-modified: Mon, 19 Apr 2021 10:39:05 GMT
server: Nginx
x-powered-by: DLEMP
etag: "607d5dc9-cdbc"
content-type: image/jpeg
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 52668
expires: Sat, 26 Jun 2021 21:45:30 GMT

GET
H2 200 try-not-to-laugh-when-you-see-these-funny-fat-cat-memes-758x398.jpg
olipfun.com/wp-content/uploads/2021/03/ 44 KB
44 KB 529ms
397ms Image
image/jpeg 207.148.25.39
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://olipfun.com/wp-content/uploads/2021/03/try-not-to-laugh-when-you-see-these-funny-fat-cat-memes-758x398.jpg
Requested by: Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.148.25.39 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 207.148.25.39.vultr.com
Software: Nginx / DLEMP
Resource Hash: 155badaf72ee5c49d2c776cbd4a156211c0d692f17f9d84daf1db28388a0666c

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:30 GMT
last-modified: Mon, 19 Apr 2021 10:39:05 GMT
server: Nginx
x-powered-by: DLEMP
etag: "607d5dc9-af57"
content-type: image/jpeg
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 44887
expires: Sat, 26 Jun 2021 21:45:30 GMT

GET
H3-29 200 email-decode.min.js Show response
aubtu.biz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 8ms
7ms Script
application/javascript 2606:4700:3031::ac43:8358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aubtu.biz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:8358 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: aubtu.biz
referer: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
cf-request-id: 0a5163389e00004db289a33000000001
last-modified: Tue, 25 May 2021 12:01:34 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60ace71e-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Lq9gFrRG8ZhYeupP6qj9ynLLkUqMFg9Y1AD20EQ8BjMlTUHCnkFK54%2Bdd4nocZC1xi59olULFWMpwchPOs4QxBQ%2FMhyZOdAXLqhi5%2FsfnssoSZdkSXg1jwHmIZb946l6XkIH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
cf-ray: 65626e3a9a564db2-FRA
expires: Sat, 29 May 2021 21:45:30 GMT

GET
H3-29 200 script.min.js Show response
aubtu.biz/wp-content/themes/pennews/js/ 468 KB
131 KB 36ms
31ms Script
application/javascript 2606:4700:3031::ac43:8358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aubtu.biz/wp-content/themes/pennews/js/script.min.js?ver=6.5.7
Requested by: Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 577cf87bef6a4cf8a0d07d27447e5841959c9658e5681600593625e60430e629

Request headers

:path: /wp-content/themes/pennews/js/script.min.js?ver=6.5.7
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: aubtu.biz
referer: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 982835
x-powered-by: DLEMP
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a516338c200004db2c3abb000000001
last-modified: Thu, 25 Mar 2021 10:37:55 GMT
server: cloudflare
etag: W/"605c6803-75008"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=JjtYk3tI8dJ0rBzAiQqzSQU49GDP5rvGQqmkqF%2B96lrJhrB9u5%2B7lFIHsEGys%2FrVTyaoeCis%2Fs7QautSJNrMCzVuRy%2BRb8JF8txhUgeFm6KHoXfFhl1plEDRe588eADhTXR1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 65626e3adadb4db2-FRA
expires: Tue, 15 Jun 2021 12:44:55 GMT

GET
H3-29 200 wp-embed.min.js Show response
aubtu.biz/wp-includes/js/ 1 KB
1 KB 16ms
11ms Script
application/javascript 2606:4700:3031::ac43:8358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aubtu.biz/wp-includes/js/wp-embed.min.js?ver=5.7.2
Requested by: Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: aubtu.biz
referer: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1274454
x-powered-by: DLEMP
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a516338c200004db2f230c000000001
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: cloudflare
etag: W/"5ff5d754-592"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=S3CpMULul68MMI3AiYD5YFQ6r8mp5kON5dxwBXUghzR94cnx0qahdm4%2Fa0BIri5QmWdrbC0s81Hk0FLbKc98CcigrrAaPHPUqGVUbVQfrkQ2Iqck444yt3JoRpyGogP7eSaW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 65626e3adadd4db2-FRA
expires: Sat, 12 Jun 2021 03:44:36 GMT

GET
H3-29 200 wp-emoji-release.min.js Show response
aubtu.biz/wp-includes/js/ 14 KB
5 KB 14ms
12ms Script
application/javascript 2606:4700:3031::ac43:8358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aubtu.biz/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
Requested by: Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:8358 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / DLEMP
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: aubtu.biz
referer: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1274454
x-powered-by: DLEMP
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a516338c300004db2879a4000000001
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: cloudflare
etag: W/"5ff5d754-3795"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rDborCPf4h%2BJqeRbqF7in%2FQn2PJHlRLuoEhB6FC4Rf%2BB%2FVIKfpnJnV68CfekPV5sf1xE8IUmRelcMzfZ6bsjeQieKvM6zggV%2BxLuhR3XzPn%2BM7ByAiYbeIFbM%2FDyGP6L3joe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 65626e3adae14db2-FRA
expires: Sat, 12 Jun 2021 03:44:36 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CMukta+Vaani%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7COswald%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%7CTeko%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C700%2C700italic%2C800%2C800italic%26subset%3Dcyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://aubtu.biz
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 10:13:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
age: 559922
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
expires: Sat, 21 May 2022 10:13:28 GMT

GET
H3-29 200 fontawesome-webfont.woff2
aubtu.biz/wp-content/themes/pennews/fonts/ 75 KB
76 KB 11ms
11ms Font
font/woff2 2606:4700:3031::ac43:8358
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aubtu.biz/wp-content/themes/pennews/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/wp-content/themes/pennews/css/font-awesome.min.css?ver=4.5.2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:8358 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / DLEMP

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/pennews/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma: no-cache
origin: https://aubtu.biz
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: aubtu.biz
referer: https://aubtu.biz/wp-content/themes/pennews/css/font-awesome.min.css?ver=4.5.2
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://aubtu.biz
Referer: https://aubtu.biz/wp-content/themes/pennews/css/font-awesome.min.css?ver=4.5.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4924
x-powered-by: DLEMP
vary: Accept-Encoding
content-length: 77160
cf-request-id: 0a516338cb00004db2e3b88000000001
last-modified: Thu, 25 Mar 2021 10:37:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "605c6803-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=P0Ath%2Fll9cJqRDtRXT3mEekO9PeIRDZQxGdjRRgysbr%2BTTYHkRI0feMCucWzVlS0ZllTdLAbw02JBvdhD5ua6Kg4F2%2Bxb7QzIyx8THxGZ964e3a%2F4q5pXGNzxAqcXIKKEveb"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 65626e3adaf74db2-FRA

GET
H2 200 3JnkSD_-ynaxmxnEfVHPIGW5U_BE8O4.woff2
fonts.gstatic.com/s/muktavaani/v8/ 21 KB
21 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muktavaani/v8/3JnkSD_-ynaxmxnEfVHPIGW5U_BE8O4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80ccae0c7abf01078d1634a24abb13e596838529b9731bd081d3a404d74c05fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://aubtu.biz
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 08:35:35 GMT
x-content-type-options: nosniff
last-modified: Thu, 01 Apr 2021 22:08:06 GMT
server: sffe
age: 220195
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21520
x-xss-protection: 0
expires: Wed, 25 May 2022 08:35:35 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://aubtu.biz
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 21:15:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 261010
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Tue, 24 May 2022 21:15:20 GMT

GET
H2 200 tagLoader.js Show response
s.vi-serve.com/ 1 KB
887 B 151ms
47ms Script
application/javascript 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vi-serve.com/tagLoader.js
Requested by: Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 4872888105238016fa734b451219676ae7389a2168b96465846d52bd41e40a5c

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:30 GMT
content-encoding: gzip
x-trans-id: txec9d4efffe7e40aa827a3-005f6486a6
content-length: 508
x-hw: 1622151930.dop043.lo4.t,1622151930.cds276.lo4.hn,1622151930.cds033.lo4.c
last-modified: Wed, 06 Mar 2019 14:01:05 GMT
etag: 5c5f4f40e1bc59a7ca6c8c40be11ebb9
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
x-timestamp: 1551880864.23222
cache-control: max-age=300, must-revalidate
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/ 232 KB
86 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7002491002409919&plah=aubtu.biz&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d7401bef80e31a1aa3a2d1daab189dfba7f02a21e7cfef216e011f0c05a74da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87658
x-xss-protection: 0
server: cafe
etag: 5316214545020586774
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 27 May 2021 21:45:30 GMT

GET
H2 200 0Ddkng9.jpg
i.imgur.com/ 56 KB
56 KB 103ms
100ms Image
image/jpeg 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/0Ddkng9.jpg

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

ff6d9846785ea4b6d32d4ce1b56f1cf21c9983cd574055f1f991bc241fc2c2cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:30 GMT
x-content-type-options: nosniff
age: 1753510
x-cache: HIT, HIT
content-length: 56949
x-served-by: cache-bwi5147-BWI, cache-hhn4031-HHN
last-modified: Sat, 09 Dec 2017 16:31:08 GMT
server: cat factory 1.0
x-timer: S1622151930.183161,VS0,VE0
etag: "08668d8e6b46d845f98e64f69af0090d"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 2

GET
H3-29 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v36/ 31 KB
31 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v36/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9facc976353ff7ab7cbb7345853c0f7d0c1bbce3733934b53790b93833dbae4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://aubtu.biz
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 02:03:03 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 20:31:39 GMT
server: sffe
age: 70947
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31676
x-xss-protection: 0
expires: Fri, 27 May 2022 02:03:03 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210524/r20190131/ Frame C035 10 KB
4 KB 5ms
5ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210524/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210524/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://aubtu.biz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aubtu.biz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 27 May 2021 20:29:24 GMT
expires: Thu, 10 Jun 2021 20:29:24 GMT
content-type: text/html; charset=UTF-8
etag: 15349191498103243965
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4506
x-xss-protection: 0
age: 4566
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-153122571-11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 4718
date: Thu, 27 May 2021 20:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Thu, 27 May 2021 22:26:52 GMT

GET
H3-29 200 LYjCdG7kmE0gdRhYsCRgqA.woff2
fonts.gstatic.com/s/teko/v10/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/teko/v10/LYjCdG7kmE0gdRhYsCRgqA.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3a8b7336bec502f846c8101cd4b1a751bdbf3d3fff3949949462517f27e1cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://aubtu.biz
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 05:52:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 05:54:44 GMT
server: sffe
age: 489160
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12888
x-xss-protection: 0
expires: Sun, 22 May 2022 05:52:50 GMT

GET
H2 200 jquery.mousewheel.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/ 3 KB
1 KB 11ms
11ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2506060
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1046
cf-request-id: 0a516339b500004e9820294000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-ad3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zXq4pb%2FZKOoSCTdsJHIYTGuN%2Ff2sH65gp92SOBFCevpU0Kwyac4xV2copKNwiDX6XueerWEYM2Jqnb7L5Z1Xr5ablnMTPiAkaYXMmmUPiDM3l7z%2BOIvB5cYhWiT3AXZeoz3ivbhOV0ka20xePg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 65626e3c5d174e98-FRA
expires: Tue, 17 May 2022 21:45:30 GMT

GET
H3-29 200 pubads_impl_2021052501.js Show response
securepubads.g.doubleclick.net/gpt/ 310 KB
109 KB 86ms
43ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

a1b8ef6d40a6f447aa71becd00f6fa9a4e1be4405fad120ab1aa8ae6ef2146bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 08:40:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111175
x-xss-protection: 0
expires: Thu, 27 May 2021 21:45:30 GMT

GET
H2 200 YOT7VmgzzFU Show response
www.youtube.com/embed/ Frame DAC0 52 KB
22 KB 57ms
56ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/YOT7VmgzzFU?feature=oembed

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ce5980f48cf7c9a1b7a40fa2c5748dc036d43121c1bbdc33837217a2a0a6999c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/YOT7VmgzzFU?feature=oembed
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://aubtu.biz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aubtu.biz/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 27 May 2021 21:45:30 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=PZSp3yM8ASo; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=C3Xczxc7ufU; Domain=.youtube.com; Expires=Tue, 23-Nov-2021 21:45:30 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+919; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 X9Olvj8jDss Show response
www.youtube.com/embed/ Frame C6B7 52 KB
22 KB 61ms
61ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/X9Olvj8jDss?feature=oembed

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

139c8dc658913a591b755ccc6a99bda3ce2c1da7ee36ac945b9a382c3ed0eca3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/X9Olvj8jDss?feature=oembed
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://aubtu.biz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aubtu.biz/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 27 May 2021 21:45:30 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=Z78rU3rs37s; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=DGHMMm4vn-Y; Domain=.youtube.com; Expires=Tue, 23-Nov-2021 21:45:30 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+735; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 27ms
13ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1343021819&t=pageview&_s=1&dl=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&ul=en-us&de=UTF-8&dt=An%20Artist%20Inserts%20Her%20Ginger%20Cat%20In%20All%20Of%20The%20Famous%20Paintings&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=374385277&gjid=241326480&cid=1497643118.1622151930&tid=UA-153122571-11&_gid=1959807853.1622151930&_r=1&gtm=2ou5q1&z=389590049

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 27 May 2021 21:45:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aubtu.biz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 199 B
258 B 70ms
70ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=aubtu.biz&callback=_gfp_s_&client=ca-pub-7002491002409919

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7002491002409919&plah=aubtu.biz&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

083ee6d2f1036f9facc5582267142fc4fa950ebe1657adeb776210a2d3f4d1b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=aubtu.biz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 May 2021 21:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=aubtu.biz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 May 2021 21:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CD4F 603 B
68 B 406ms
405ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7002491002409919&output=html&h=280&slotname=aubtu.biz_adx%2Faubtu.biz_adx_336x280_detail1&adk=4015790502&adf=3021909456&pi=t.ma~as.aubtu.biz_adx%2Faubtu_&w=336&lmt=1622151930&url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622151930225&bpp=4&bdt=268&idt=225&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&correlator=6252834043920&frm=20&pv=2&ga_vid=1497643118.1622151930&ga_sid=1622151930&ga_hid=1343021819&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1040&ady=360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065724&oid=3&pvsid=2340078085233420&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=HKpSZTCdDt&p=https%3A//aubtu.biz&dtd=248

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7002491002409919&output=html&h=280&slotname=aubtu.biz_adx%2Faubtu.biz_adx_336x280_detail1&adk=4015790502&adf=3021909456&pi=t.ma~as.aubtu.biz_adx%2Faubtu_&w=336&lmt=1622151930&url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622151930225&bpp=4&bdt=268&idt=225&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&correlator=6252834043920&frm=20&pv=2&ga_vid=1497643118.1622151930&ga_sid=1622151930&ga_hid=1343021819&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1040&ady=360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065724&oid=3&pvsid=2340078085233420&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=HKpSZTCdDt&p=https%3A//aubtu.biz&dtd=248
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://aubtu.biz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aubtu.biz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 27 May 2021 21:45:30 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 27-May-2021 22:00:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 27 May 2021 21:45:30 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028727180027"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27990
x-xss-protection: 0
expires: Thu, 27 May 2021 21:45:30 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0D4D 399 B
222 B 130ms
129ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4402329642115120&output=html&h=100&slotname=7390156190&adk=3173750309&adf=3215562993&pi=t.ma~as.7390156190&w=320&lmt=1622151930&psa=0&format=320x100&url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622151930266&bpp=2&bdt=310&idt=224&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=aubtu.biz_adx%2Faubtu.biz_adx_336x280_detail1&correlator=6252834043920&frm=20&pv=2&ga_vid=1497643118.1622151930&ga_sid=1622151930&ga_hid=1343021819&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065724&oid=3&pvsid=2340078085233420&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=yrKDSX86We&p=https%3A//aubtu.biz&dtd=227

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d0d250d6054bd22892dd75adb8f3b9f0b3f40445939e3ad39ceb99aa38c1991

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4402329642115120&output=html&h=100&slotname=7390156190&adk=3173750309&adf=3215562993&pi=t.ma~as.7390156190&w=320&lmt=1622151930&psa=0&format=320x100&url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622151930266&bpp=2&bdt=310&idt=224&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=aubtu.biz_adx%2Faubtu.biz_adx_336x280_detail1&correlator=6252834043920&frm=20&pv=2&ga_vid=1497643118.1622151930&ga_sid=1622151930&ga_hid=1343021819&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065724&oid=3&pvsid=2340078085233420&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=yrKDSX86We&p=https%3A//aubtu.biz&dtd=227
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://aubtu.biz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aubtu.biz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 27 May 2021 21:45:30 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 27-May-2021 22:00:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 27 May 2021 21:45:30 GMT
cache-control: private

GET
H2 200 source.js Show response
s.vi-serve.com/ 255 KB
58 KB 48ms
47ms Script
application/javascript 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vi-serve.com/source.js
Requested by: Host: s.vi-serve.com
URL: https://s.vi-serve.com/tagLoader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: UploadServer /
Resource Hash: fc80dd2f9b853f15d3692d4cd94b16949a9359d009911f3d77f661648593c701

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=Gsa6/Q==, md5=GK4XCk4udmCnF8ZLmkHfWQ==
date: Thu, 27 May 2021 21:45:30 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-Ux7L-MvJn3JnF2MNs2KWLNwgf3BbRb3WB8Aq6bfMDp9cXZoNqkxs0dm8HY5Nu_GGb2fn_4gfqPPTmPQ8ZSW6WTz9yuRXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58800
x-hw: 1622151930.dop043.lo4.t,1622151930.cds276.lo4.hn,1622151930.cds030.lo4.c
last-modified: Mon, 17 May 2021 13:21:43 GMT
server: UploadServer
etag: "18ae170a4e2e7660a717c64b9a41df59"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
x-goog-generation: 1621257703360237
access-control-allow-origin: *
cache-control: private, max-age=0, max-age=300, must-revalidate
access-control-allow-credentials: false
x-goog-stored-content-length: 261620
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: *

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 44FB 56 KB
22 KB 681ms
681ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4402329642115120&output=html&h=90&slotname=2329401204&adk=2953745035&adf=1801062927&pi=t.ma~as.2329401204&w=728&lmt=1622151930&psa=0&format=728x90&url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622151930269&bpp=1&bdt=313&idt=231&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100&prev_slotnames=aubtu.biz_adx%2Faubtu.biz_adx_336x280_detail1&correlator=6252834043920&frm=20&pv=1&ga_vid=1497643118.1622151930&ga_sid=1622151930&ga_hid=1343021819&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065724&oid=3&pvsid=2340078085233420&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=g9V9DhFl39&p=https%3A//aubtu.biz&dtd=234

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

409237b1874174dc89c33f672a39eb1e2d486f7d846f5d4d9ac77feb80282b45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4402329642115120&output=html&h=90&slotname=2329401204&adk=2953745035&adf=1801062927&pi=t.ma~as.2329401204&w=728&lmt=1622151930&psa=0&format=728x90&url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622151930269&bpp=1&bdt=313&idt=231&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100&prev_slotnames=aubtu.biz_adx%2Faubtu.biz_adx_336x280_detail1&correlator=6252834043920&frm=20&pv=1&ga_vid=1497643118.1622151930&ga_sid=1622151930&ga_hid=1343021819&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065724&oid=3&pvsid=2340078085233420&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=g9V9DhFl39&p=https%3A//aubtu.biz&dtd=234
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://aubtu.biz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aubtu.biz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 27 May 2021 21:45:31 GMT
server: cafe
content-length: 22110
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 27-May-2021 22:00:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 27 May 2021 21:45:31 GMT
cache-control: private

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
22 KB 477ms
477ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2340078085233420&correlator=962366206441108&output=ldjh&impl=fif&eid=31061311%2C31061327%2C31060413%2C21065724&vrg=2021052501&ptt=17&sc=1&sfv=1-0-38&ecs=20210527&iu_parts=93656639%2Caubtu.biz%2Caubtu.biz_336x280_detail1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=336x280&cookie_enabled=1&bc=31&abxe=1&lmt=1622151930&dt=1622151930540&dlt=1622151929956&idt=554&frm=20&biw=1600&bih=1200&oid=3&adxs=265&adys=506&adks=3502631132&ucis=1&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&vis=1&dmc=8&scr_x=0&scr_y=0&psz=750x280&msz=750x280&ga_vid=1497643118.1622151930&ga_sid=1622151930&ga_hid=1343021819&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

31b5b8188e3bbd2dd128285dd6f0a9713da79baf61c8293d0a9cf2c8dafb4359

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22955
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://aubtu.biz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 48ms
14ms Other
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 6ms
5ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 920ms
920ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2340078085233420&correlator=962366206441108&output=ldjh&impl=fif&eid=31061311%2C31061327%2C31060413%2C21065724&vrg=2021052501&ptt=17&sc=1&sfv=1-0-38&ecs=20210527&iu_parts=93656639%2Caubtu.biz%2Caubtu.biz_336x280_2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=336x280&cookie_enabled=1&bc=31&abxe=1&lmt=1622151930&dt=1622151930547&dlt=1622151929956&idt=554&frm=20&biw=1600&bih=1200&oid=3&adxs=265&adys=1304&adks=739216280&ucis=2&ifi=7&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&vis=1&dmc=8&scr_x=0&scr_y=0&psz=750x280&msz=750x280&ga_vid=1497643118.1622151930&ga_sid=1622151930&ga_hid=1343021819&ga_fc=false&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

c36e552360dd27644374f1aa62a2bbb1d08d3982f08f0e0c5ab256fbcedfc5a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7751
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://aubtu.biz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 84 KB
27 KB 1620ms
1619ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2340078085233420&correlator=962366206441108&output=ldjh&impl=fif&eid=31061311%2C31061327%2C31060413%2C21065724&vrg=2021052501&ptt=17&sc=1&sfv=1-0-38&ecs=20210527&iu_parts=93656639%2Caubtu.biz%2Caubtu.biz_336x280_3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=336x280&cookie_enabled=1&bc=31&abxe=1&lmt=1622151930&dt=1622151930551&dlt=1622151929956&idt=554&frm=20&biw=1600&bih=1200&oid=3&adxs=265&adys=1762&adks=654505750&ucis=3&ifi=8&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&vis=1&dmc=8&scr_x=0&scr_y=0&psz=750x280&msz=750x280&ga_vid=1497643118.1622151930&ga_sid=1622151930&ga_hid=1343021819&ga_fc=false&fws=4&ohw=1600&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

c501e639f042876982dcda9b053b1cb2d8980f12ae90f0376f147a749bb2973c

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11417214532185088857/336-280/336-280.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11417214532185088857/336-280/336-280.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CM3IqO3q6vACFcrrdwodoDYOAg&gqi=&layout=/sadbundle/%24csp%253Der3%24/11417214532185088857/336-280/336-280.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11417214532185088857/336-280/336-280.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11417214532185088857/336-280/336-280.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CM3IqO3q6vACFcrrdwodoDYOAg&gqi=&layout=/sadbundle/%24csp%253Der3%24/11417214532185088857/336-280/336-280.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27133
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Thu, 27 May 2021 21:45:32 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://aubtu.biz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 1222ms
1221ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2340078085233420&correlator=962366206441108&output=ldjh&impl=fif&eid=31061311%2C31061327%2C31060413%2C21065724&vrg=2021052501&ptt=17&sc=1&sfv=1-0-38&ecs=20210527&iu_parts=93656639%2Caubtu.biz%2Caubtu.biz_336x280_4&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=336x280&cookie_enabled=1&bc=31&abxe=1&lmt=1622151930&dt=1622151930554&dlt=1622151929956&idt=554&frm=20&biw=1600&bih=1200&oid=3&adxs=265&adys=2152&adks=3428542863&ucis=4&ifi=9&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&vis=1&dmc=8&scr_x=0&scr_y=0&psz=750x280&msz=750x280&ga_vid=1497643118.1622151930&ga_sid=1622151930&ga_hid=1343021819&ga_fc=false&fws=4&ohw=1600&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

47e66402d3528e52a4f463140a11dc5b91550f0db13fca8e579c653839082f07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8151
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://aubtu.biz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 82 KB
26 KB 2137ms
2136ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2340078085233420&correlator=962366206441108&output=ldjh&impl=fif&eid=31061311%2C31061327%2C31060413%2C21065724&vrg=2021052501&ptt=17&sc=1&sfv=1-0-38&ecs=20210527&iu_parts=93656639%2Caubtu.biz%2Caubtu.biz_336x280_5&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=336x280&cookie_enabled=1&bc=31&abxe=1&lmt=1622151930&dt=1622151930557&dlt=1622151929956&idt=554&frm=20&biw=1600&bih=1200&oid=3&adxs=265&adys=5215&adks=1548946882&ucis=5&ifi=10&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&vis=1&dmc=8&scr_x=0&scr_y=0&psz=750x280&msz=750x280&ga_vid=1497643118.1622151930&ga_sid=1622151930&ga_hid=1343021819&ga_fc=false&fws=4&ohw=1600&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

2f83c1acd35841625e35918c4410bc6bb8d7f410f11955cad2b327a3407f673f

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11417214532185088857/336-280/336-280.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11417214532185088857/336-280/336-280.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CK69wO3q6vACFRC3dwodLtsHPw&gqi=&layout=/sadbundle/%24csp%253Der3%24/11417214532185088857/336-280/336-280.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11417214532185088857/336-280/336-280.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11417214532185088857/336-280/336-280.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CK69wO3q6vACFRC3dwodLtsHPw&gqi=&layout=/sadbundle/%24csp%253Der3%24/11417214532185088857/336-280/336-280.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26885
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Thu, 27 May 2021 21:45:32 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://aubtu.biz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
11 KB 2367ms
2366ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2340078085233420&correlator=962366206441108&output=ldjh&impl=fif&eid=31061311%2C31061327%2C31060413%2C21065724&vrg=2021052501&ptt=17&sc=1&sfv=1-0-38&ecs=20210527&iu_parts=93656639%2Caubtu.biz%2Caubtu.biz_res2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1622151930&dt=1622151930561&dlt=1622151929956&idt=554&frm=20&biw=1600&bih=1200&oid=3&adxs=265&adys=13326&adks=3179716085&ucis=6&ifi=11&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&vis=1&dmc=8&scr_x=0&scr_y=0&psz=750x90&msz=750x90&ga_vid=1497643118.1622151930&ga_sid=1622151930&ga_hid=1343021819&ga_fc=false&fws=4&ohw=1600&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

4c6db79a82864325a3f0f836f8b67736c287b51e02163ac93af23a48c50e3f41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11238
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://aubtu.biz
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 44 KB
22 KB 2846ms
2845ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2340078085233420&correlator=962366206441108&output=ldjh&impl=fif&eid=31061311%2C31061327%2C31060413%2C21065724&vrg=2021052501&ptt=17&sc=1&sfv=1-0-38&ecs=20210527&iu_parts=93656639%2Caubtu.biz%2Caubtu.biz_300x600_sticky&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&cookie_enabled=1&bc=31&abxe=1&lmt=1622151930&dt=1622151930564&dlt=1622151929956&idt=554&frm=20&biw=1600&bih=1200&oid=3&adxs=1040&adys=666&adks=3622917733&ucis=7&ifi=12&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x600&ga_vid=1497643118.1622151930&ga_sid=1622151930&ga_hid=1343021819&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

f5d80f77956546fd342f44c2568d74804703fbbddc975c1a8401c6b055f31666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22290
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://aubtu.biz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/e467278e/ Frame DAC0 356 KB
45 KB 20ms
17ms Stylesheet
text/css 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e467278e/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YOT7VmgzzFU?feature=oembed

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5b5fab3b788b3161871e2509cbaaa55f9b73fae0aae0459211269320f11ab5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/YOT7VmgzzFU?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 16:47:09 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 01:32:58 GMT
server: sffe
age: 190701
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46118
x-xss-protection: 0
expires: Wed, 25 May 2022 16:47:09 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/e467278e/www-embed-player.vflset/ Frame DAC0 192 KB
63 KB 33ms
30ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e467278e/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YOT7VmgzzFU?feature=oembed

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7af5b0f3908ef5196c81bdba087950891681f2158cead3f3de9f072f580e7556

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/YOT7VmgzzFU?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 12:07:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 01:32:58 GMT
server: sffe
age: 34654
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64803
x-xss-protection: 0
expires: Fri, 27 May 2022 12:07:56 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/e467278e/player_ias.vflset/en_US/ Frame DAC0 2 MB
466 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e467278e/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YOT7VmgzzFU?feature=oembed

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b072b4759b5545ede303930f6c13f22a76d726fc862fb2ac39896b4e61c108b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/YOT7VmgzzFU?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 16:46:45 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 01:32:58 GMT
server: sffe
age: 190725
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 476810
x-xss-protection: 0
expires: Wed, 25 May 2022 16:46:45 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/e467278e/fetch-polyfill.vflset/ Frame DAC0 8 KB
3 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e467278e/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YOT7VmgzzFU?feature=oembed

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/YOT7VmgzzFU?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 20:29:34 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 01:32:58 GMT
server: sffe
age: 4556
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Fri, 27 May 2022 20:29:34 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DAC0 15 KB
15 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YOT7VmgzzFU?feature=oembed

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 06:54:04 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 485486
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Sun, 22 May 2022 06:54:04 GMT

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/e467278e/ Frame C6B7 356 KB
45 KB 19ms
18ms Stylesheet
text/css 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e467278e/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/X9Olvj8jDss?feature=oembed

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5b5fab3b788b3161871e2509cbaaa55f9b73fae0aae0459211269320f11ab5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/X9Olvj8jDss?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 16:47:09 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 01:32:58 GMT
server: sffe
age: 190701
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46118
x-xss-protection: 0
expires: Wed, 25 May 2022 16:47:09 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/e467278e/www-embed-player.vflset/ Frame C6B7 192 KB
63 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e467278e/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/X9Olvj8jDss?feature=oembed

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7af5b0f3908ef5196c81bdba087950891681f2158cead3f3de9f072f580e7556

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/X9Olvj8jDss?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 12:07:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 01:32:58 GMT
server: sffe
age: 34654
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64803
x-xss-protection: 0
expires: Fri, 27 May 2022 12:07:56 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/e467278e/player_ias.vflset/en_US/ Frame C6B7 2 MB
466 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e467278e/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/X9Olvj8jDss?feature=oembed

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b072b4759b5545ede303930f6c13f22a76d726fc862fb2ac39896b4e61c108b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/X9Olvj8jDss?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 16:46:45 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 01:32:58 GMT
server: sffe
age: 190725
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 476810
x-xss-protection: 0
expires: Wed, 25 May 2022 16:46:45 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/e467278e/fetch-polyfill.vflset/ Frame C6B7 8 KB
3 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e467278e/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/X9Olvj8jDss?feature=oembed

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/X9Olvj8jDss?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 20:29:34 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 01:32:58 GMT
server: sffe
age: 4556
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Fri, 27 May 2022 20:29:34 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C6B7 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/X9Olvj8jDss?feature=oembed

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 06:54:04 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 485486
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Sun, 22 May 2022 06:54:04 GMT

GET
H2 200 850113329001485.js Show response
s.vi-serve.com/publishers/ 998 B
767 B 352ms
50ms Script
application/javascript 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vi-serve.com/publishers/850113329001485.js
Requested by: Host: s.vi-serve.com
URL: https://s.vi-serve.com/source.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: UploadServer /
Resource Hash: e44755283382e266e00e6d22ce683ffe0f4722f322cf137db2643708706d034e

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=f5I5sg==, md5=D/MFetuVEuJ2Cgk5QAMgYQ==
date: Thu, 27 May 2021 21:45:30 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-Uz9KO4Sev2_juuHUvFcYlv7gYZtUVN6tfhAvJZFEr1fpu_bTssBddX0_CGmpPBomyD9wB6K4hMGfbC8wcmx_iU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 485
x-hw: 1622151930.dop043.lo4.t,1622151930.cds276.lo4.hn,1622151930.cds204.lo4.c
last-modified: Thu, 27 May 2021 10:35:18 GMT
server: UploadServer
etag: "0ff3057adb9512e2760a093940032061"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
x-goog-generation: 1622111718743234
access-control-allow-origin: *
cache-control: private, max-age=0, max-age=300, must-revalidate
access-control-allow-credentials: false
x-goog-stored-content-length: 998
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: *

GET
H3-29 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame DAC0 113 B
161 B 44ms
44ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e467278e/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7637f68bf369ee02f856926de0c80d735bdd2df1271ee56cfa3cc2d3f0d4bba7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame DAC0 29 B
91 B 6ms
5ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e467278e/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:41:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 266
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Thu, 27 May 2021 21:56:04 GMT

GET
H3-29 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame C6B7 113 B
161 B 55ms
54ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e467278e/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c1cee699790ee87de9f36a82cbfe76c58acb77bd63691d62fc3c04c605e6c78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame C6B7 29 B
52 B 15ms
13ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e467278e/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:41:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 266
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Thu, 27 May 2021 21:56:04 GMT

GET
H3-29 200 remote.js Show response
www.youtube.com/s/player/e467278e/player_ias.vflset/en_US/ Frame DAC0 98 KB
30 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e467278e/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e467278e/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0be138567f72e46ea2b9622d43b8b1a33df3996a50eb1397eae716a463535da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/YOT7VmgzzFU?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 16:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 01:32:58 GMT
server: sffe
age: 190724
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31003
x-xss-protection: 0
expires: Wed, 25 May 2022 16:46:47 GMT

GET
H2 200 9RqR_46y14lOLTgsoa1biLhp441rUfLtAxLiebZ8deA.js Show response
www.google.com/js/th/ Frame DAC0 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/9RqR_46y14lOLTgsoa1biLhp441rUfLtAxLiebZ8deA.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e467278e/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f51a91ff8eb2d7894e2d382ca1ad5b88b869e38d6b51f2ed0312e279b67c75e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 07:14:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13516
x-xss-protection: 0
last-modified: Mon, 17 May 2021 11:30:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 May 2022 07:14:42 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/e467278e/player_ias.vflset/en_US/ Frame DAC0 25 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e467278e/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e467278e/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32bca00e47d0f75c52da52741e92427fa59e4783b1190e52f959a29cf4a21719

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/YOT7VmgzzFU?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 16:47:11 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 01:32:58 GMT
server: sffe
age: 190700
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7449
x-xss-protection: 0
expires: Wed, 25 May 2022 16:47:11 GMT

GET
DATA 200
OK truncated
/ Frame DAC0 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AAUvwngddJf4dFdpbfGiPZ7j6uh7J86H2B1MJAPDuixn=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame DAC0 4 KB
4 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwngddJf4dFdpbfGiPZ7j6uh7J86H2B1MJAPDuixn=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YOT7VmgzzFU?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f54058a293064a56829b8e597e4a728a2e034e14afcdf4082bf3670194b7c976

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 18:11:52 GMT
x-content-type-options: nosniff
age: 12819
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3587
x-xss-protection: 0
server: fife
etag: "ve"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 13 May 2021 19:42:38 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/YOT7VmgzzFU/ Frame DAC0 47 KB
47 KB 7ms
7ms Image
image/webp 2a00:1450:4001:828::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/YOT7VmgzzFU/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YOT7VmgzzFU?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69a107f89472559b9a1802546df23bfb3125619782fd984a2a8172dd1fb18f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 19:54:49 GMT
x-content-type-options: nosniff
server: sffe
age: 6642
etag: "1423823603"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47702
x-xss-protection: 0
expires: Thu, 27 May 2021 21:54:49 GMT

GET
H3-29 200 remote.js Show response
www.youtube.com/s/player/e467278e/player_ias.vflset/en_US/ Frame C6B7 98 KB
30 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e467278e/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e467278e/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0be138567f72e46ea2b9622d43b8b1a33df3996a50eb1397eae716a463535da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/X9Olvj8jDss?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 16:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 01:32:58 GMT
server: sffe
age: 190724
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31003
x-xss-protection: 0
expires: Wed, 25 May 2022 16:46:47 GMT

GET
H3-29 200 9RqR_46y14lOLTgsoa1biLhp441rUfLtAxLiebZ8deA.js Show response
www.google.com/js/th/ Frame C6B7 35 KB
13 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/9RqR_46y14lOLTgsoa1biLhp441rUfLtAxLiebZ8deA.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e467278e/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f51a91ff8eb2d7894e2d382ca1ad5b88b869e38d6b51f2ed0312e279b67c75e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 05:11:46 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:30:00 GMT
server: sffe
age: 146025
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13516
x-xss-protection: 0
expires: Thu, 26 May 2022 05:11:46 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/e467278e/player_ias.vflset/en_US/ Frame C6B7 25 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e467278e/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e467278e/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32bca00e47d0f75c52da52741e92427fa59e4783b1190e52f959a29cf4a21719

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/X9Olvj8jDss?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 16:47:11 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 25 May 2021 01:32:58 GMT
server: sffe
age: 190700
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7449
x-xss-protection: 0
expires: Wed, 25 May 2022 16:47:11 GMT

GET
H3-29 200 container.html Show response
bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DFEB 6 KB
3 KB 20ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://aubtu.biz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aubtu.biz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 27 May 2021 21:45:30 GMT
expires: Fri, 27 May 2022 21:45:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E3A4 6 KB
3 KB 12ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://aubtu.biz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aubtu.biz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 27 May 2021 21:45:30 GMT
expires: Fri, 27 May 2022 21:45:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame C6B7 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 AAUvwngddJf4dFdpbfGiPZ7j6uh7J86H2B1MJAPDuixn=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame C6B7 4 KB
4 KB 17ms
15ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwngddJf4dFdpbfGiPZ7j6uh7J86H2B1MJAPDuixn=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/X9Olvj8jDss?feature=oembed

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f54058a293064a56829b8e597e4a728a2e034e14afcdf4082bf3670194b7c976

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 18:11:52 GMT
x-content-type-options: nosniff
age: 12819
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3587
x-xss-protection: 0
server: fife
etag: "ve"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 13 May 2021 19:42:38 GMT

GET
H3-29 200 maxresdefault.jpg
i.ytimg.com/vi/X9Olvj8jDss/ Frame C6B7 96 KB
96 KB 16ms
14ms Image
image/jpeg 2a00:1450:4001:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/X9Olvj8jDss/maxresdefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/X9Olvj8jDss?feature=oembed

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83157061139655ccc080500c2f8404f56ba592c5b1b74d27c4fffbfc680aa740

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 20:18:00 GMT
x-content-type-options: nosniff
server: sffe
age: 5251
etag: "1578338608"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98553
x-xss-protection: 0
expires: Thu, 27 May 2021 22:18:00 GMT

GET
H3-29 200 container.html Show response
bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A66D 6 KB
3 KB 9ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://aubtu.biz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aubtu.biz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 27 May 2021 21:45:30 GMT
expires: Fri, 27 May 2022 21:45:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 850113329001485_aubtu.biz.js Show response
s.vi-serve.com/publishers/ 556 B
632 B 351ms
50ms Script
application/javascript 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vi-serve.com/publishers/850113329001485_aubtu.biz.js
Requested by: Host: s.vi-serve.com
URL: https://s.vi-serve.com/source.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: UploadServer /
Resource Hash: a0dcd898567fb08ee65ac7a92f8624127bcecb9db600dd4e15207a6fba4796b4

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=pUJdsw==, md5=iMY38m++3pWhDexO3P49vQ==
date: Thu, 27 May 2021 21:45:32 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-UwKIaTy6jsxelVUJUdz4Js1BAANE8eLaQ7i3GDEK_ovezn2zGQ_ntDOJRDiy68-WwDmnHm0Z0jR5j_6ziPVsBk
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-hw: 1622151932.dop043.lo4.t,1622151932.cds276.lo4.hn,1622151932.cds091.lo4.c
last-modified: Thu, 20 May 2021 10:33:52 GMT
server: UploadServer
etag: "88c637f26fbede95a10dec4edcfe3dbd"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
x-goog-generation: 1621506832147153
access-control-allow-origin: *
cache-control: private, max-age=0, max-age=300, must-revalidate
access-control-allow-credentials: false
x-goog-stored-content-length: 556
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: *

GET
H3-29 200 9115911657349933863
tpc.googlesyndication.com/simgad/ Frame 44FB 17 KB
18 KB 7ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9115911657349933863?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmm63tpM749bNMPFmneBw3RVxSI0Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4402329642115120&output=html&h=90&slotname=2329401204&adk=2953745035&adf=1801062927&pi=t.ma~as.2329401204&w=728&lmt=1622151930&psa=0&format=728x90&url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622151930269&bpp=1&bdt=313&idt=231&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100&prev_slotnames=aubtu.biz_adx%2Faubtu.biz_adx_336x280_detail1&correlator=6252834043920&frm=20&pv=1&ga_vid=1497643118.1622151930&ga_sid=1622151930&ga_hid=1343021819&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065724&oid=3&pvsid=2340078085233420&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=g9V9DhFl39&p=https%3A//aubtu.biz&dtd=234

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b08e5d2c9b489b9a7831d41e2a2c99d87b57d4dbebf0a824279a2123d506125

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 05:50:56 GMT
x-content-type-options: nosniff
last-modified: Fri, 07 May 2021 17:30:12 GMT
server: sffe
age: 489275
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17915
x-xss-protection: 0
expires: Sun, 22 May 2022 05:50:56 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame 44FB 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cc755a99349527933df50f5338a02d972da947a4c25f4a5309f4545ddc40ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7025
x-xss-protection: 0
server: cafe
etag: 8821855511435206686
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 21:43:41 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 44FB 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:25:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 21:25:22 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 44FB 121 KB
37 KB 69ms
55ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Thu, 27 May 2021 21:45:31 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 44FB 13 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:44:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1319581658596578636
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 21:44:54 GMT

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 44FB 25 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a656137c96d7c5550298220b3583603d6342a582bb53251bdcc52dace3716d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 11:10:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38093
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10532
x-xss-protection: 0
server: cafe
etag: 13485069350837860933
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 11:10:38 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 44FB 0
0 46ms
45ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CmNec-hKwYPPKH9iHrATo47LADvKontViiq-izJYNg5n0_QgQASC0jpFKYJUCoAHfhLXYAcgBAqkCHKq4J3OGfz6oAwHIA8kEqgTXAU_QBXBkJFt_iuZnuyxXYwaAho2OsFyWHKkhBWwu9OMlm9g9gLfCVF_GMYumOoN7fgICi4Kh1ovuThcSx_TjD37OHUwjnd4b5VU4bewkc3RCVSI4cmPmVAIu8EO111jCfidBd6LabXIqlAFQJpMULyuUCWzBm1AP5Yr7awo_mDqKgbqGIg6AbyMPv4ebolNogBBZZrRdnTOi5F1pQNiBZgh8XT8gAAtrXzCLCzFrFypEEzFeIL9RdOCzwHoRnq2kq5QyszCx6WJ1_eIKG313Wf-JzefzzFx6wASznu-iyQOgBgKAB4n7yqcCqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEMXoBdIICQiA4YAQEAEYH4AKAcgLAdgTA9AVAYAXAbIXGgoYCAASFHB1Yi00NDAyMzI5NjQyMTE1MTIw&sigh=imRrltaPUEY

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4402329642115120&output=html&h=90&slotname=2329401204&adk=2953745035&adf=1801062927&pi=t.ma~as.2329401204&w=728&lmt=1622151930&psa=0&format=728x90&url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622151930269&bpp=1&bdt=313&idt=231&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100&prev_slotnames=aubtu.biz_adx%2Faubtu.biz_adx_336x280_detail1&correlator=6252834043920&frm=20&pv=1&ga_vid=1497643118.1622151930&ga_sid=1622151930&ga_hid=1343021819&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065724&oid=3&pvsid=2340078085233420&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=g9V9DhFl39&p=https%3A//aubtu.biz&dtd=234
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 27 May 2021 21:45:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame DAC0 4 KB
2 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e467278e/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Thu, 27 May 2021 21:45:31 GMT

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D819 624 B
299 B 17ms
16ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIisGRD6grHRAhie4dqpATAB&v=APEucNUEUvyQUkwpu_LC-OVeBQ7gWfir3XmWLg84YcByJrwXg2cFwbNlnWX1PBRWV3Aqe8u5cGiy06LLqPmZHd-bf8U30xq3RcxPDey4QRZzSeMhy7oDIjxaP_k9r0pp_K4l6x23yRqMImQIb6J4H_P3cFbsc3O3tN-2eNiUgf9HvaKLw7Bts6c

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CIisGRD6grHRAhie4dqpATAB&v=APEucNUEUvyQUkwpu_LC-OVeBQ7gWfir3XmWLg84YcByJrwXg2cFwbNlnWX1PBRWV3Aqe8u5cGiy06LLqPmZHd-bf8U30xq3RcxPDey4QRZzSeMhy7oDIjxaP_k9r0pp_K4l6x23yRqMImQIb6J4H_P3cFbsc3O3tN-2eNiUgf9HvaKLw7Bts6c
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnaSRNlmcGzPBhW30XB8KWKqjkL_FSGN_2o5CaPtQ9uMMg2YGKbLddd6PyY; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 27 May 2021 21:45:31 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 27 May 2021 21:45:31 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame AEC8 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/abg_lite_fy2019.js

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cc755a99349527933df50f5338a02d972da947a4c25f4a5309f4545ddc40ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 20:48:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3449
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7025
x-xss-protection: 0
server: cafe
etag: 8821855511435206686
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 20:48:02 GMT

GET
H2 200 4111429408028940226
s0.2mdn.net/simgad/ Frame AEC8 67 KB
67 KB 31ms
7ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/4111429408028940226

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd47e4044c504282b3d2ea7893de1aae9e19dd914a42afeac4b46f94f5819eb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 10:34:49 GMT
x-content-type-options: nosniff
age: 299442
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68096
x-xss-protection: 0
last-modified: Mon, 17 May 2021 09:10:32 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 May 2022 10:34:49 GMT

GET
H3-29 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/elements/html/ Frame AEC8 6 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 20:56:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2661
x-xss-protection: 0
server: cafe
etag: 7752240862628680351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 20:56:17 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame AEC8 0
575 B 162ms
83ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssC5ZQ36-V-Kt8pIi7PP3LJ4LHxMZ93-r_ruGvBR9h8XIOThEL5YITR7U3QXSr0Uhf0_ZEU-cMa0o6_n9HVJTp5emJo8RV6WzpZK7r3OImfr31BA3uV7Syp321oGbRO7crhY8POkG5BoXBMJRA8Z-NGl6ut57OgLaBNzMCpfuOs8w5Z4mJlUDUvMpKQIlXkho8_2SvFSPTgiG5BXcR_1XxWF5vyI5C8C3Yyq2OMEgjCWk-tHvduxd2qwEfxjhe5bu6VDoBVR7UCtJn4fRmhiwArZQ-1WXa-PS1qJ2SoMW8asUKdkYNcBrlN3x6egwAAFhdRXiM_ySPC7iVZsRxI3KS8PAk7uE38DrQTJECA8jv2LO2B5Bz-NJNjIPb23WzDov3Uqklq8k-TTbKRdWRZhZ4w6mgzf-zOgDHW4l3sJEwNkXpUB8Ik-KnKSSkHfuEwj858t4OGQHGHYalRicrRU8Nt96K17BcLDdSy13BjdWpLns1QGhBHPo05-_E5SSXbBcpLU30q3ekqVrQKn9VIJvVeg5cuCjNG3b4guFnWxGWgWyA4WVCz8ITt7x2EyDAYzmyi3Gdo1QOfhSrSjuJPGvdySSub1HwiCfZS0iOIhnZp8yMF6Nvnw9YOHm_5VKSzj3rDesjVEcf8oOcWALOgdqTATflFJSq7HlJNeALz12KwDCp_BDDuv1Zr39xc9B8qUtpxgsXL07jT52yU66U1x0o7jsCxCio-8v0_wTJn24SfvGRRhc07i8XBaPF67zNQ3bzJWvLjyErB59kZF7yjBHnPQ7ftUNNbFVbG1YiCtbqdrCVYP17EMewRFWOvFoyDzglMOD8j4xQODqzIrOqRGS9LiAHiZUtKIzed6yihxf41XE4PbodrXUUZ2De4-8bWmIk6K0ExMKmfW5jlmkVivywPpjI9H-HBdlQQ4skVHGS02_4FxaCVrX7_f945Fk1tUxwZ8UTYNUX4JJFDKOQGlNHHv8LeVT06z4ZHkpLIrZcSL0mMsykwKSYr9GnNwU5MULqd4hRp8636SF7_YV858rQ0ESYiDkGwvbqXOge5gNnbbyuSNCZnnH_OcZbTHEfnl7RlNlYPtTlARSLaDZdQ_FAPzJcqOqwbtMA23F-2d_bfJP4mS2YB97sBlMLc&sai=AMfl-YRwn-a5nsHlSBcctmqTAljYaUrEbvm5vteoiEc7DtG75QTzz8fsV5NLT7f27-AdcPFCqoC5ruOoIa2bTUlCh9WlU4ex1_7i3WQ_ubPgn8QESvo6EXW_k_y9m8lmxUbpIN8vwQjjt12pBJJHVm7NSIQG_BDo5Fvg3NnbdTxAI1nR6cqeNfAw7IWlz-AcCeJYIn6vf0A-bYojSm1SF0Sdh5vwbD6QWHOdD7Es3J8R8kgtLEh4iY4pj07vGlVqKwGqNIeuKU9QXk6925E5FxbOt1HIF6KCo0QRFx8L2mmIYyM3N0FoJhFR1CcByJ-SLLObl0We2pGTQ84H7j9GqYNFESamAJHeG_Es613DokDbjAkvqtKFQ5ly5DaQ_qsoRFJzgw&sig=Cg0ArKJSzI6a5cu6DmZOEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=1&cisv=r20210524.32585&adurl=

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 27 May 2021 21:45:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame AEC8 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 22:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84056
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 May 2022 22:24:35 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame AEC8 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:25:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 21:25:22 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AEC8 121 KB
37 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Thu, 27 May 2021 21:45:31 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame AEC8 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:44:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1319581658596578636
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 21:44:54 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame AEC8 0
0 18ms
17ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT3bUH0ksSe9FSz__ef1-B0RXXmPxmcNzvfRnnYtJr7KIjNJIlApBoBfgBG4qQNhm5j1DP9
Requested by: Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame AEC8 42 B
63 B 42ms
42ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dn2Zmx3XEfgGVGdfwe4zc7wLdG1a5kfMImtpqi9TTO9WCC0gCMFx2LdkgIP9Snd_HCk7Y1idFrapUn9uviOy45gARETBTkS_ERGKQ7hLVPJG30nMI

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 21:45:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B901 640 B
318 B 19ms
16ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLVtgEQ3bycyAIYqNispAEwAQ&v=APEucNVqA5ijPQwqKBRjFJHgilpz4_tI5F_3cmT6LDhXOlwYz-CVFLCaWbOsaWTxQZ0iCvBOrnR3oWfTPach9vI1xy04MPwJICzzIIWYR9tpdsO-AhWiXEEZwL08boJhXUXNMxLAGxtiq8p6PhbB_l_3IuLIy57ny7PdPLntdfvBypgJ3_1WzRM

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CMLVtgEQ3bycyAIYqNispAEwAQ&v=APEucNVqA5ijPQwqKBRjFJHgilpz4_tI5F_3cmT6LDhXOlwYz-CVFLCaWbOsaWTxQZ0iCvBOrnR3oWfTPach9vI1xy04MPwJICzzIIWYR9tpdsO-AhWiXEEZwL08boJhXUXNMxLAGxtiq8p6PhbB_l_3IuLIy57ny7PdPLntdfvBypgJ3_1WzRM
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnaSRNlmcGzPBhW30XB8KWKqjkL_FSGN_2o5CaPtQ9uMMg2YGKbLddd6PyY; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 27 May 2021 21:45:31 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 27 May 2021 21:45:31 GMT

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame BBDE 59 KB
24 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ChPqHoT1lC239NcHQuh75VS0-T6Ilg_KGh47olasBCSg4vdH-p0tQs7Y4S9Q11E56EBNWZYCKz9MqXxtMWTnwskK-BPI7Yt4U4CRlO4tYqfqKJ-leSescRDpiRoTkRlb4i_J2WmIYNa5H4XIUX0b0C-n_7vA&dbm_d=AKAmf-DB9f8SL0EZQ-8wurcrBoc8OdzdTrOov_pHnPKUMTut2G-4_dpZFsnlztz5rkGj7m7b_5z3g3yDLEUpdFYcR-mlBeBD4rfp6G-qHhVlSKARW8qJh7xMKTB7b8AFhhZaC8rQxErMMZ4O-xKkgWgOnPHNxAIu0jwdJdDGlX_Tk0kh3UmjVsPhyy3haINoIHowhakV-vUkzBjs0oUaynDMFCzbCimls6GRdoCOzrDuwfP_i4SVPoZtk4tsEO0fg4QWbG3yOyNmBuM40lrGhwpdv54qvwJuGBbZw4R_Qt93PlY5RZXi8i06jQDswEAdmL33A9LWjqiKOukGRzZbLc5xc99zGxDAw4JgtQBhKY1bSO1MU011J-CQ80t-bP1fckRZ5uiuHp3m99nfHkjD03D58d_hC6cLlhQ6XR-atgvdqCuVMame_z3BXcW1qOP-fwSqtsS7OJuz2d9HHC7tBSYXMDUB4_QxwWLeNQ5k5QPn8zLZ4jrxrCCu1RU7cX0z1E2P8prGms-wFAAXK9bojA-HkbWuCwsADnX7zc-dPH2bTB3eJdbnvM6dor9rS246tkECNVUxckDEmh209cBfB63Fu5zg6_7FIEwlLDvf0sZxj6dpKFaAPAtic4NRBqZk6uRClPXLWxby0SMDh7Ol7TKEU_OIIGLgCo3jTAlDrlv-O-Ah8rEjyVhcUKpF8uVDQeyOT8uFxVEY0e7kCZp4Bfs0qlW59-0bQQDnTHu4qhbkDJAuuoktBDeaDv-SIGtBuOXuUXrdaEl0Zqf0P_9vuYeJKTsRuHREpPk1nfVbRCn29H7hOOPz6mkgcwCqxRW9G9-Fjbf0NYewjF7T3T8xiE1OkQqpPEgWoNd7rreeLGGZpDKrrc1bMcM_t4hgxYTf5fat2p5XmPDYvCHDTpYHkDqNomZz7EHJeLjgZ9E2epCo5ddoDfkbbG52nmtmus4LHbXa9Sy0eXC13DVELaK381kUhzhYK9RUegEzhMLarOsOOglcT2piUqStdPnYtthqMv90ly0gBXNNeiNErN1UmY5w-yZJuRxQT_3h63VxcG32hXlIUZQOYncCrXR_WjAmxVApv7aWZMkaABZIFVvOrRyE6uOv2xyuqt0yNZg2-M6RLiSpTHMe0e02r5IyBcKdkJSLJugm-vaY3d3_QM34sHIEQYGGpesM_jSQE2e72jsMpe3gbtIzMkKJ5lyvsSGuR8SDlzf6tMNksx_1nMX6z2x3dd_qqE86kH7xXsBPC9CLmj_XaPTgbowp_AcHgRfx4c7sp71gpYdBzNvH7nU8Jg51cUV3QFgFOOcNorZMjWS35KPdJrUqmrPLFT2n_OKNqyyKAqWhllx-_vvcTrDTHjixjGF5nUTUUlFGi_nY9mXyF43YrlC-mP_g8rrMAt7tFjXQFIR4vl6nHqoF8-jqGnbGJhzt_Q5FFGCkG75VIMtMcNZ_nxRn8WEYT3Tbw9rgSxtvKfo1x2sXNbIu8ufHhQS6-V3aJcdWE5nrfYElmSXCQDqGm2f4X_70klZDgr1aWPIk_IjyKvyW9LKiSpFVqKriHj9V6s3ZfpI3_mTdf5gkNKbCXrZ9wc7CT16h22KZ56YRlkfXKXNrM0uuxel6d8FJVklwT-vGz2B79pVFFQO4AjPMku0nJahcjr3uLryu8-bw7RHz2aPDLHH3PRZ980UurgDnoCgh11f-W62A9qsbelFXSC2eCfuQuia9zHSr0aAmDZquZOlgkx0WXFT8d0mRiRwO3MXMnD0_fPRYgZ-Raw1wyJPXROMr_ZZ5B2JfC7aJ7t6ZksICHjz9y038o_viL7TG5TzGmPznhO0QCfohL7rUTu9TOwo4H-ydAX7MrCmrjwPERGEkIU6KTBVos4pVKT2s8HUCv6MAK_RiWgUVUUDegbSoocK6CwcmEcNhMekW8JnwoJljCwHDx7zfYwgdRlTZfN6f0XZE4pEvDut_vF1DMZ9oLQnZcGMLsl8BxEDHNIs__ZHWYGmx5D6Bg6TpAqBmTDy0I-Dhv5ekH-EY_IwF_HNe7LmnnqB-RMy0_XUGVJY_0_-UdHSlY0glcQnIIsaFjsiF1yXMZHZo0MQPzsyRPI1k93tgpvjLMJUeTaTDOrNctQ242GyOS57zxY5MKDjYCmBGfDWOWxLUABbHtsumZuco83mfemMn_VTNnjPJyDA91OdD1LxTTlGzYFadNB6ZRshmzdZ-BaIMdX6VjazL0U5VlFIYOq_WEecawad-8jEjQ_NnUY0LaUzDO5hJdhG8cdCm1yGrdprndUdHirMYfeVDZ0F46u_2Lfi3aVlYws3_DTEkPy6i_uXKNyiQoXpCa-iM2klPmI4e1gGUO7MTnI37vzV6jn7AmCNSqVjsRpVRJICMa3YFUdTFtcNlSPMf1BbgVgWWx4p-IlC3wjkFG95yHwVf_UOLAsFa6rVXQhpHbbT5JVYb5fAo_zCF8LUh62OowYh94fDnVNZvb9P8vnjhEdzOS0fyLukbPggtOiKhN7bjqxj5iiMEVkTGv4sQ-sUhw8xthOUgZV1Jt4wtz5r9uYz8sB6jD3bRrmIIqNxXXFcTkgMmQj_08f7Xs6HwBdXO3EULv6wgI8roDzPaz-4Rn-qRTv9vi7Z4krjqZiFhJ_KrGdjdRB71B6nlOuzSguS21l0RMxy63rtYyCc3XcXCmzf9VT99sx0sPgQof93Y6cyI0_g7ZeKy4I8Jmq6T4FOSY2WdHdRTxawzizw_awKXUFaANyMXEGnzDX8U9I56KbT1Uun2Bz_zunFZzTDNd1sH43SmX-is_kwuaZjJpAHnhNrCrBVswEEaddqeUHvI7aucCm-uFLzswn6l_D0xzGB5HbPR5X61XBao4Gsdv0I-NBGuhGp0Hfw7qgcY4GNbBM5cP39BXviqgGFYjnphqzpRGxsJF1R5CUfVNEGbs-K6uypBWx2sA8TPa85jojqm8sLYWVGtR3Ghqk3zQAwQpWAq8SAWzyiYg8SCIAVtiDPDcOAZ0Rih_GqcjpL4Vo-4-7xvl4ApAnwYLX3na6zj53sOB_IeJBILOLSPGh9WDKoA9GW__LVtlT8ZsLRSmQD3eifXGFk-vQHsOz8vHCE40DYJWwcIo65erIWVoeFR32BUp_WV9k-nSWU6OFng-YhiqM3f5nLoXzOeGHzqaX3NU0eYAtQKXQ3GvorjTlR4A2QstqzHfp75Uvrxa03ettJKdYe3&cid=CAASPeRoHnCf11SSSehGWVybgUP6OSZNbE_-4n11vp59mqWOVRGoLL_mMO8W4SH6l0uDwWdANZ2TCe12I_59byQ&rfl=2%2Chttps%253A%252F%252Faubtu.biz%252F%240

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

766c3f5cbcd4d99fba2867ad30c7345ba75be294d5f7ff15c674b500e5cbe2c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 21:45:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24269
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame BBDE 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:25:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 21:25:22 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BBDE 121 KB
37 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Thu, 27 May 2021 21:45:31 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame BBDE 13 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:44:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1319581658596578636
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 21:44:54 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BBDE 42 B
63 B 44ms
43ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BI5GJ7WIy8vgfY8DSVpUFbem0mRpjKkeHO3L1sci7VBIt0u8F0l-iNIX0u1guylqF7dpSuEyCvhcaI2l2nsWUWS6E3b6FJVrRq0tnNlg0EXq2eWaM

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 21:45:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 generate_204
www.youtube.com/ Frame DAC0 0
9 B 6ms
5ms Image
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?3pmsBw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/YOT7VmgzzFU?feature=oembed
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/YOT7VmgzzFU?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:32 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-29 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame C6B7 4 KB
2 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e467278e/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Thu, 27 May 2021 21:45:32 GMT

GET
H3-29 204 generate_204
www.youtube.com/ Frame C6B7 0
9 B 6ms
5ms Image
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?t71zLg
Requested by: Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/X9Olvj8jDss?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:32 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D763 143 B
163 B 6ms
5ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4402329642115120&output=html&h=90&slotname=2329401204&adk=2953745035&adf=1801062927&pi=t.ma~as.2329401204&w=728&lmt=1622151930&psa=0&format=728x90&url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622151930269&bpp=1&bdt=313&idt=231&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100&prev_slotnames=aubtu.biz_adx%2Faubtu.biz_adx_336x280_detail1&correlator=6252834043920&frm=20&pv=1&ga_vid=1497643118.1622151930&ga_sid=1622151930&ga_hid=1343021819&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065724&oid=3&pvsid=2340078085233420&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=g9V9DhFl39&p=https%3A//aubtu.biz&dtd=234
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnaSRNlmcGzPBhW30XB8KWKqjkL_FSGN_2o5CaPtQ9uMMg2YGKbLddd6PyY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4402329642115120&output=html&h=90&slotname=2329401204&adk=2953745035&adf=1801062927&pi=t.ma~as.2329401204&w=728&lmt=1622151930&psa=0&format=728x90&url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622151930269&bpp=1&bdt=313&idt=231&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100&prev_slotnames=aubtu.biz_adx%2Faubtu.biz_adx_336x280_detail1&correlator=6252834043920&frm=20&pv=1&ga_vid=1497643118.1622151930&ga_sid=1622151930&ga_hid=1343021819&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065724&oid=3&pvsid=2340078085233420&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=g9V9DhFl39&p=https%3A//aubtu.biz&dtd=234

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 27 May 2021 20:57:10 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2902
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8304 499 B
334 B 17ms
16ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQvfqfARi8l9qUATAB&v=APEucNWzI-OJUj9NTkjYciW2hGJQ9dfYKb2W59t-GyjVvJ0rxQZgL_xHNpXEX7kio1Bbh9j48v4KUiwJX0UFkanuAH2X2aQoZHNZ5gJXP-WHsL5pum_89Iq8i9OnI9riMOfgNrF2RjvdgC7kG9ZE3BXNvF6t-9mtSo1PsL8nUibtgA6TqYz6dKA

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CMXlgQEQvfqfARi8l9qUATAB&v=APEucNWzI-OJUj9NTkjYciW2hGJQ9dfYKb2W59t-GyjVvJ0rxQZgL_xHNpXEX7kio1Bbh9j48v4KUiwJX0UFkanuAH2X2aQoZHNZ5gJXP-WHsL5pum_89Iq8i9OnI9riMOfgNrF2RjvdgC7kG9ZE3BXNvF6t-9mtSo1PsL8nUibtgA6TqYz6dKA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnaSRNlmcGzPBhW30XB8KWKqjkL_FSGN_2o5CaPtQ9uMMg2YGKbLddd6PyY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 27 May 2021 21:45:32 GMT
server: cafe
cache-control: private
content-length: 313
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4632 58 KB
24 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ADUgj9jmmmjjNbMksMReWy4-gUzVpWUdX-y7W-ndUMUwuD0m2ZDteBDWkUCJXvn4PuG_kdqQRLpAifLAaViSyvSwA742caoENva899fFpMw84qMcETi6giv7t3uPuICVtDo2otFVN-BUvynVw3rFTmgtp7fA&dbm_d=AKAmf-DrKPm_TsX9DxFlPYPkBiang-q6MR88bGw0NvWQo25Sj2njmqywchXLMSaFik3Xis8Mcp5Rx_Cz1a_q7lyfCPPOoX1_zxsBg0M_wElUhtdwzy-938Ae-5SyddM19QVOaD3qei9fgcoYJIduu6aTrWIJqzAow8HlDWXbECiJ2Q1AqdDcmNRslHqvID6pgTRr7NpcfyiAyCXBfii9dWcPFAXcMIjr_qERCv1ZWeC7BUm4cLwnMYZ0BszBzuaOeEtw3vSiT2ILAsXQ4hhp0rJ4jCNAqPiwarJgHTK3UB0tyChba_my7gdxY2ENWFPiRH_h6yNTFJaGAK53IpXTKH0dGilvAZI1hdycFA_e_Yj2G_Nbe2npjcLNbS3xmrOH56Q3fsskoDjNmBplsvAp84pGc__QPCqWSr4CRtDWI4jppT0bTUeBPkxNQUnx5c4YtaSsNQm96ga9iI2u_IMpbFv9vN-VZMfaxFoHSxI1RE-exqf1ZB_AAJr-_dl9b7g2IkEUkIWP280rC-6rZC0l4yTW4-5ej2pv6LCTjCu39sepP0SspWfTBVsHE57NCpkZZ55fVceMdyiTcKBVnCw-8wb4PAX2DUqm14qEX_vVP_9wY23iAayG_ujUvatA-U9Ck9wqQ0uTmW1TGpTRiRyv25Bi0odPpvzUoFkGNgnowJPBVbWwrPHGJ-MuywpWiNOaDa-5sHlgRQGBWTVmJXBDzyLSG-fqpS4HyEzGG_TSyvSWzOv2h4wH6ZfGOJJf3mnO7vFNphGrq5bn3R0nNc4kSzxh0_HZ_l3WyXWma0kPCgk18sBoL7K6DmitvgHaq_Jpv_OqlOeU_02xiPxdf9MknEjskHxDjbd843vypPg8w3XfR4E-Pi-xSmJosmdNUibkVNpqctxq1Ze02sXyRx7ThPbkuKvbbCu5PIZ2atHnqz6xLqIOBpj0xST9k0SWYLnMmeLyuauf-R9BHMTmeB4osVlR4wmV00Z48TVvDlBmaP6XgU_GReVAZqVbjMEPFLytNnpeCNxl2-YnqtD6VCctSjRJMlhrudeFGc2F8bUj0K3s3tYSyUyQUbQgb-Dr9QJIGPcfC2QIIWwS_MX4OQYftSzI4vx09K-QGT9O8_0IEImk6XgKn5BDF7BnaXYsz3uyzbtsBPyI0eAYlzkMFqXT9MkEcUotQ6SBsgVpFz3q3Ecoepf187SUAHKO9TPakTuFexUCfWbVldolqqP2gNWvRh57KLJ3MiwARFB1Vi6E0fkEXzpFM3bHdD4elXFu60hiZcr4XcI-IEU3U5BU5KiFGBcuQJzdOKbL3XOHanB0YoPJUV_kvmDkDi0MJV3iBHOB3ZF2qYjonYurT-rRrQtLtTamw3J5OHi_Np8FFdym2O2B0JEkVf-zcaKFh70I6sCHwO3qMyADRqXB-Sry01io6ZMwFQVhSsqQ-EAAe9M6Frindnh2uqr60JocquXGn8g45fVh5EWWeaLxYa1mu5EU1wG8EtT5sintrYb757qUUoGpyF6nWjcUqBcGqUJHe0urX1XnPknBdLGPZxcJ-lvckGVSzW15WGo6lGjqFspI-Em48G_nnjt0mP_26QlzRa18NpArwPj7lZahqI5e4TUl-XWaWywngJMO_mUU-i5YOshA_il0q7p544DXe32rFSMWvUvfI8J2RKyWCyjLY2umunoaHPxolhKMquJ1cpQZDuIm4wd_MXYxaEBEvIwG7GBcy06qM3zY-zDSSxLEVv6bxttbQwDKcsR6AA_qkoGkZT7yx_drxrslYqiZD5LQbPFQxk11K1uNsTYHl3f4QnMY59o2zlATfRFAey32Gv4M7mjj6g2vOHxYNugcTLwSdtTuTnGkbtqxPc02HMZ8TAE7eOa_fU8E57nD-mbNrE3hDB-pWy7YtL0j7VHABXyYty9kwP3Xwu0VvZijx70TMLEmdVzQZv54Jzt-0zim9qvU7ki6cadxaPSOOQcfSSfeYfldk6WZM3HmTGgaebU-mOreREW6wjnSXKHHOHRVFHbtABQCf-wA7dynm0xd276hRS3nIZGWFGN_EkALcW1DJqjZfk6_t9LiCW8DrmdWQVl9VTlr8wy3K99AKM0bWnKCgs-Bh9t0FOuv1AnNJjPX9P0qi0oPfVDpiVbQZrh3VP3eaEDpqw5F1jI7FTUagE9R6l3yySqvfVnSdx5toa5djULK2eIIypMHiMT6_MXSuSu-qA5DKLlfF7J_5Fd5BDmUt5pcRPDXVxDybFLb1vKC69Go5oASwy_TPmpOqk6kcYjMIYytTPtnl9aA4pplpLtxquSDh3W4eNjZgacHD4rv5WtqM58PEXknzIEf4pA74HwpoV0b0yTf4r3AG5Pds6SVjzHz1tWOh8QiVpBwymxQOlNRRB1dlKZGnSnfeAfcccGXCYZ22niPLUckM9A8THzPpW8rYY09aDW0IhhTRy40cyHy4AZzqaa7FZmZrsyVdfcpHFOECSnyFBmxe4WHWn5yGEMgqvE5HGeAKbxZl1d3I9ZYPBr-dq0bUMAh_CBa_UIkBBMIfCUs19h29UOVaJnDStACwmJLshNa0GPLy1A7kIhEvzQAP46AjsNzBXnPflYRo5cWyUyhSSVP_xLponkh5xOB8A4wL01Ht-NWSdpKqlZX21kxfVTeGYWaJloJ80YCpCzbLSPkL6yGizI0oakY4WB00-VgnQdUhqljGiS11yo0piSI3cA4REAmEwk3lJiPsb8cd8m_Y6P0oIq1EZhU7HS7Rf_78T-G2RUzdJg1yPkXM2-4J_GRupmNCzIFAlhPw1xGbciH7Ilb82MgNrPzy-PdnLmOUK0rL1f_IBTswA8kD02DECrmwl6UG_VxwHbkgaurx8dAYYgQMV4wMAWpZOhzR6NSKL3C-f1P34F3gBfcO9CZcrldYo5FGrW7ubP5s3DY1RBk4ipmgA-o5ErBUUICGQnHHregWVcxZEGOdY5Bl-9N5lv-YYF4ITili7rr4jTTkQ5PkUt2tMdD6iw50ea2RBQBoOstzDSXO7gFJJFNWlZ97uqaC0MYTu0_yJfthN_fe_nfM61CzICkO3gZDS3cr4P02i46wtt3a24tdsjv8hTaTIV-HEGTrEc2oYPIzM_L_90qiOEdNM9voqA7LFiUjieQXOvr7yOLWLnpCGP9yTvTZOyMZA8DRL52Cp_IZVPkU-KfgK2T-p4WLd-k3oILtzdjvwvznTVGKdLPJogGnbKV1Bnb5dxbm5ioxt6xwa_NKpGMIP-hXVALJV9swgaKB6wWUojFStKS3VsCK0-AT26koXWOjJZdqCjbrNPC-xBOBZ6UBay8pN0&cid=CAASPeRoIDwxJu5l3i5R1B93Tw7fYSL1focV6pJ04BG1VozBj86IZRRcX9SnUmYX9kOjz6LbW3bZUFD0WjXiwl0&rfl=2%2Chttps%253A%252F%252Faubtu.biz%252F%240

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ae5900a96fbc8d58ab39545174c767f4d897ac58fc1397f4ca780756bddc303

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 21:45:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 4632 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:25:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1210
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 21:25:22 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4632 121 KB
37 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Thu, 27 May 2021 21:45:32 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 4632 13 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:44:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1319581658596578636
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 21:44:54 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4632 42 B
63 B 45ms
44ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AO8dliV-piBJHow3See3w3bVFrGwubHiKoY_uhD5QUGR6patYy5iFhReV7Y4xCNLeppWBEm21xwOAM7nxyNEJ_qR309gA9wKzAloC_VGDjG9JNwxE

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 21:45:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 44FB 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9349f4c54faf880afc1330faaa54e545021524395d144bd0fd2f31cf9584505

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame BBDE 176 KB
61 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com
Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 15:46:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21567
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62241
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:47 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 May 2021 15:46:05 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/elements/html/ Frame BBDE 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ChPqHoT1lC239NcHQuh75VS0-T6Ilg_KGh47olasBCSg4vdH-p0tQs7Y4S9Q11E56EBNWZYCKz9MqXxtMWTnwskK-BPI7Yt4U4CRlO4tYqfqKJ-leSescRDpiRoTkRlb4i_J2WmIYNa5H4XIUX0b0C-n_7vA&dbm_d=AKAmf-DB9f8SL0EZQ-8wurcrBoc8OdzdTrOov_pHnPKUMTut2G-4_dpZFsnlztz5rkGj7m7b_5z3g3yDLEUpdFYcR-mlBeBD4rfp6G-qHhVlSKARW8qJh7xMKTB7b8AFhhZaC8rQxErMMZ4O-xKkgWgOnPHNxAIu0jwdJdDGlX_Tk0kh3UmjVsPhyy3haINoIHowhakV-vUkzBjs0oUaynDMFCzbCimls6GRdoCOzrDuwfP_i4SVPoZtk4tsEO0fg4QWbG3yOyNmBuM40lrGhwpdv54qvwJuGBbZw4R_Qt93PlY5RZXi8i06jQDswEAdmL33A9LWjqiKOukGRzZbLc5xc99zGxDAw4JgtQBhKY1bSO1MU011J-CQ80t-bP1fckRZ5uiuHp3m99nfHkjD03D58d_hC6cLlhQ6XR-atgvdqCuVMame_z3BXcW1qOP-fwSqtsS7OJuz2d9HHC7tBSYXMDUB4_QxwWLeNQ5k5QPn8zLZ4jrxrCCu1RU7cX0z1E2P8prGms-wFAAXK9bojA-HkbWuCwsADnX7zc-dPH2bTB3eJdbnvM6dor9rS246tkECNVUxckDEmh209cBfB63Fu5zg6_7FIEwlLDvf0sZxj6dpKFaAPAtic4NRBqZk6uRClPXLWxby0SMDh7Ol7TKEU_OIIGLgCo3jTAlDrlv-O-Ah8rEjyVhcUKpF8uVDQeyOT8uFxVEY0e7kCZp4Bfs0qlW59-0bQQDnTHu4qhbkDJAuuoktBDeaDv-SIGtBuOXuUXrdaEl0Zqf0P_9vuYeJKTsRuHREpPk1nfVbRCn29H7hOOPz6mkgcwCqxRW9G9-Fjbf0NYewjF7T3T8xiE1OkQqpPEgWoNd7rreeLGGZpDKrrc1bMcM_t4hgxYTf5fat2p5XmPDYvCHDTpYHkDqNomZz7EHJeLjgZ9E2epCo5ddoDfkbbG52nmtmus4LHbXa9Sy0eXC13DVELaK381kUhzhYK9RUegEzhMLarOsOOglcT2piUqStdPnYtthqMv90ly0gBXNNeiNErN1UmY5w-yZJuRxQT_3h63VxcG32hXlIUZQOYncCrXR_WjAmxVApv7aWZMkaABZIFVvOrRyE6uOv2xyuqt0yNZg2-M6RLiSpTHMe0e02r5IyBcKdkJSLJugm-vaY3d3_QM34sHIEQYGGpesM_jSQE2e72jsMpe3gbtIzMkKJ5lyvsSGuR8SDlzf6tMNksx_1nMX6z2x3dd_qqE86kH7xXsBPC9CLmj_XaPTgbowp_AcHgRfx4c7sp71gpYdBzNvH7nU8Jg51cUV3QFgFOOcNorZMjWS35KPdJrUqmrPLFT2n_OKNqyyKAqWhllx-_vvcTrDTHjixjGF5nUTUUlFGi_nY9mXyF43YrlC-mP_g8rrMAt7tFjXQFIR4vl6nHqoF8-jqGnbGJhzt_Q5FFGCkG75VIMtMcNZ_nxRn8WEYT3Tbw9rgSxtvKfo1x2sXNbIu8ufHhQS6-V3aJcdWE5nrfYElmSXCQDqGm2f4X_70klZDgr1aWPIk_IjyKvyW9LKiSpFVqKriHj9V6s3ZfpI3_mTdf5gkNKbCXrZ9wc7CT16h22KZ56YRlkfXKXNrM0uuxel6d8FJVklwT-vGz2B79pVFFQO4AjPMku0nJahcjr3uLryu8-bw7RHz2aPDLHH3PRZ980UurgDnoCgh11f-W62A9qsbelFXSC2eCfuQuia9zHSr0aAmDZquZOlgkx0WXFT8d0mRiRwO3MXMnD0_fPRYgZ-Raw1wyJPXROMr_ZZ5B2JfC7aJ7t6ZksICHjz9y038o_viL7TG5TzGmPznhO0QCfohL7rUTu9TOwo4H-ydAX7MrCmrjwPERGEkIU6KTBVos4pVKT2s8HUCv6MAK_RiWgUVUUDegbSoocK6CwcmEcNhMekW8JnwoJljCwHDx7zfYwgdRlTZfN6f0XZE4pEvDut_vF1DMZ9oLQnZcGMLsl8BxEDHNIs__ZHWYGmx5D6Bg6TpAqBmTDy0I-Dhv5ekH-EY_IwF_HNe7LmnnqB-RMy0_XUGVJY_0_-UdHSlY0glcQnIIsaFjsiF1yXMZHZo0MQPzsyRPI1k93tgpvjLMJUeTaTDOrNctQ242GyOS57zxY5MKDjYCmBGfDWOWxLUABbHtsumZuco83mfemMn_VTNnjPJyDA91OdD1LxTTlGzYFadNB6ZRshmzdZ-BaIMdX6VjazL0U5VlFIYOq_WEecawad-8jEjQ_NnUY0LaUzDO5hJdhG8cdCm1yGrdprndUdHirMYfeVDZ0F46u_2Lfi3aVlYws3_DTEkPy6i_uXKNyiQoXpCa-iM2klPmI4e1gGUO7MTnI37vzV6jn7AmCNSqVjsRpVRJICMa3YFUdTFtcNlSPMf1BbgVgWWx4p-IlC3wjkFG95yHwVf_UOLAsFa6rVXQhpHbbT5JVYb5fAo_zCF8LUh62OowYh94fDnVNZvb9P8vnjhEdzOS0fyLukbPggtOiKhN7bjqxj5iiMEVkTGv4sQ-sUhw8xthOUgZV1Jt4wtz5r9uYz8sB6jD3bRrmIIqNxXXFcTkgMmQj_08f7Xs6HwBdXO3EULv6wgI8roDzPaz-4Rn-qRTv9vi7Z4krjqZiFhJ_KrGdjdRB71B6nlOuzSguS21l0RMxy63rtYyCc3XcXCmzf9VT99sx0sPgQof93Y6cyI0_g7ZeKy4I8Jmq6T4FOSY2WdHdRTxawzizw_awKXUFaANyMXEGnzDX8U9I56KbT1Uun2Bz_zunFZzTDNd1sH43SmX-is_kwuaZjJpAHnhNrCrBVswEEaddqeUHvI7aucCm-uFLzswn6l_D0xzGB5HbPR5X61XBao4Gsdv0I-NBGuhGp0Hfw7qgcY4GNbBM5cP39BXviqgGFYjnphqzpRGxsJF1R5CUfVNEGbs-K6uypBWx2sA8TPa85jojqm8sLYWVGtR3Ghqk3zQAwQpWAq8SAWzyiYg8SCIAVtiDPDcOAZ0Rih_GqcjpL4Vo-4-7xvl4ApAnwYLX3na6zj53sOB_IeJBILOLSPGh9WDKoA9GW__LVtlT8ZsLRSmQD3eifXGFk-vQHsOz8vHCE40DYJWwcIo65erIWVoeFR32BUp_WV9k-nSWU6OFng-YhiqM3f5nLoXzOeGHzqaX3NU0eYAtQKXQ3GvorjTlR4A2QstqzHfp75Uvrxa03ettJKdYe3&cid=CAASPeRoHnCf11SSSehGWVybgUP6OSZNbE_-4n11vp59mqWOVRGoLL_mMO8W4SH6l0uDwWdANZ2TCe12I_59byQ&rfl=2%2Chttps%253A%252F%252Faubtu.biz%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 21:42:45 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame BBDE 22 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e515f6e09f5e26caff10460e9a027e236ec78caffaa756799730b20f4d33320

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:33:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8609
x-xss-protection: 0
server: cafe
etag: 7365582700020686358
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 21:33:57 GMT

GET
DATA 200
OK truncated
/ Frame AEC8 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 30b1f89fe424a9bdc9c520692eaff3c9793f60ed4003218d74f3dc7bd5c9b6fd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame ED8D 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Wed, 26 May 2021 22:24:35 GMT
expires: Thu, 26 May 2022 22:24:35 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 84057
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame AEC8 0
23 B 119ms
77ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 27 May 2021 21:45:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D819
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECjv9eBuE_UIr_MvsU25Rj4&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECjv9eBuE_UIr_MvsU25Rj4&google_cver=1&C=1

43 B
1014 B

53ms
53ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECjv9eBuE_UIr_MvsU25Rj4&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIisGRD6grHRAhie4dqpATAB&v=APEucNUEUvyQUkwpu_LC-OVeBQ7gWfir3XmWLg84YcByJrwXg2cFwbNlnWX1PBRWV3Aqe8u5cGiy06LLqPmZHd-bf8U30xq3RcxPDey4QRZzSeMhy7oDIjxaP_k9r0pp_K4l6x23yRqMImQIb6J4H_P3cFbsc3O3tN-2eNiUgf9HvaKLw7Bts6c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 May 2021 21:45:32 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 27 May 2021 21:45:32 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 27 May 2021 21:45:32 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECjv9eBuE_UIr_MvsU25Rj4&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Thu, 27 May 2021 21:45:32 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D819
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YLAS-IrGOfC0GH1UsKJaMAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECjv9eBuE_UIr_MvsU25Rj4&google_cver=1

43 B
894 B

53ms
53ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECjv9eBuE_UIr_MvsU25Rj4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIisGRD6grHRAhie4dqpATAB&v=APEucNUEUvyQUkwpu_LC-OVeBQ7gWfir3XmWLg84YcByJrwXg2cFwbNlnWX1PBRWV3Aqe8u5cGiy06LLqPmZHd-bf8U30xq3RcxPDey4QRZzSeMhy7oDIjxaP_k9r0pp_K4l6x23yRqMImQIb6J4H_P3cFbsc3O3tN-2eNiUgf9HvaKLw7Bts6c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 May 2021 21:45:32 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 27 May 2021 21:45:32 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 May 2021 21:45:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECjv9eBuE_UIr_MvsU25Rj4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame D819
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAyWc8y2MlghCPzJrn7sRC8&google_cver=1

43 B
1 KB

75ms
59ms

Image
image/gif

185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAyWc8y2MlghCPzJrn7sRC8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIisGRD6grHRAhie4dqpATAB&v=APEucNUEUvyQUkwpu_LC-OVeBQ7gWfir3XmWLg84YcByJrwXg2cFwbNlnWX1PBRWV3Aqe8u5cGiy06LLqPmZHd-bf8U30xq3RcxPDey4QRZzSeMhy7oDIjxaP_k9r0pp_K4l6x23yRqMImQIb6J4H_P3cFbsc3O3tN-2eNiUgf9HvaKLw7Bts6c

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 May 2021 21:45:32 GMT
X-Proxy-Origin: 89.238.186.243; 89.238.186.243; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.44:80
AN-X-Request-Uuid: 69c0bb4e-6418-4256-9aca-22011cc19728
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 May 2021 21:45:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAyWc8y2MlghCPzJrn7sRC8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame D819
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM1OTk2MjczMjUwMjIzMzkwNA%3D%3D

170 B
188 B

46ms
46ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM1OTk2MjczMjUwMjIzMzkwNA%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 21:45:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 27 May 2021 21:45:32 GMT
X-Proxy-Origin: 89.238.186.243; 89.238.186.243; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.181:80
AN-X-Request-Uuid: 94c36231-dbf0-4b00-8fa4-5266b85d5e76
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM1OTk2MjczMjUwMjIzMzkwNA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 4632 111 KB
38 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com
Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 15:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21041
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 May 2021 15:54:51 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/elements/html/ Frame 4632 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ADUgj9jmmmjjNbMksMReWy4-gUzVpWUdX-y7W-ndUMUwuD0m2ZDteBDWkUCJXvn4PuG_kdqQRLpAifLAaViSyvSwA742caoENva899fFpMw84qMcETi6giv7t3uPuICVtDo2otFVN-BUvynVw3rFTmgtp7fA&dbm_d=AKAmf-DrKPm_TsX9DxFlPYPkBiang-q6MR88bGw0NvWQo25Sj2njmqywchXLMSaFik3Xis8Mcp5Rx_Cz1a_q7lyfCPPOoX1_zxsBg0M_wElUhtdwzy-938Ae-5SyddM19QVOaD3qei9fgcoYJIduu6aTrWIJqzAow8HlDWXbECiJ2Q1AqdDcmNRslHqvID6pgTRr7NpcfyiAyCXBfii9dWcPFAXcMIjr_qERCv1ZWeC7BUm4cLwnMYZ0BszBzuaOeEtw3vSiT2ILAsXQ4hhp0rJ4jCNAqPiwarJgHTK3UB0tyChba_my7gdxY2ENWFPiRH_h6yNTFJaGAK53IpXTKH0dGilvAZI1hdycFA_e_Yj2G_Nbe2npjcLNbS3xmrOH56Q3fsskoDjNmBplsvAp84pGc__QPCqWSr4CRtDWI4jppT0bTUeBPkxNQUnx5c4YtaSsNQm96ga9iI2u_IMpbFv9vN-VZMfaxFoHSxI1RE-exqf1ZB_AAJr-_dl9b7g2IkEUkIWP280rC-6rZC0l4yTW4-5ej2pv6LCTjCu39sepP0SspWfTBVsHE57NCpkZZ55fVceMdyiTcKBVnCw-8wb4PAX2DUqm14qEX_vVP_9wY23iAayG_ujUvatA-U9Ck9wqQ0uTmW1TGpTRiRyv25Bi0odPpvzUoFkGNgnowJPBVbWwrPHGJ-MuywpWiNOaDa-5sHlgRQGBWTVmJXBDzyLSG-fqpS4HyEzGG_TSyvSWzOv2h4wH6ZfGOJJf3mnO7vFNphGrq5bn3R0nNc4kSzxh0_HZ_l3WyXWma0kPCgk18sBoL7K6DmitvgHaq_Jpv_OqlOeU_02xiPxdf9MknEjskHxDjbd843vypPg8w3XfR4E-Pi-xSmJosmdNUibkVNpqctxq1Ze02sXyRx7ThPbkuKvbbCu5PIZ2atHnqz6xLqIOBpj0xST9k0SWYLnMmeLyuauf-R9BHMTmeB4osVlR4wmV00Z48TVvDlBmaP6XgU_GReVAZqVbjMEPFLytNnpeCNxl2-YnqtD6VCctSjRJMlhrudeFGc2F8bUj0K3s3tYSyUyQUbQgb-Dr9QJIGPcfC2QIIWwS_MX4OQYftSzI4vx09K-QGT9O8_0IEImk6XgKn5BDF7BnaXYsz3uyzbtsBPyI0eAYlzkMFqXT9MkEcUotQ6SBsgVpFz3q3Ecoepf187SUAHKO9TPakTuFexUCfWbVldolqqP2gNWvRh57KLJ3MiwARFB1Vi6E0fkEXzpFM3bHdD4elXFu60hiZcr4XcI-IEU3U5BU5KiFGBcuQJzdOKbL3XOHanB0YoPJUV_kvmDkDi0MJV3iBHOB3ZF2qYjonYurT-rRrQtLtTamw3J5OHi_Np8FFdym2O2B0JEkVf-zcaKFh70I6sCHwO3qMyADRqXB-Sry01io6ZMwFQVhSsqQ-EAAe9M6Frindnh2uqr60JocquXGn8g45fVh5EWWeaLxYa1mu5EU1wG8EtT5sintrYb757qUUoGpyF6nWjcUqBcGqUJHe0urX1XnPknBdLGPZxcJ-lvckGVSzW15WGo6lGjqFspI-Em48G_nnjt0mP_26QlzRa18NpArwPj7lZahqI5e4TUl-XWaWywngJMO_mUU-i5YOshA_il0q7p544DXe32rFSMWvUvfI8J2RKyWCyjLY2umunoaHPxolhKMquJ1cpQZDuIm4wd_MXYxaEBEvIwG7GBcy06qM3zY-zDSSxLEVv6bxttbQwDKcsR6AA_qkoGkZT7yx_drxrslYqiZD5LQbPFQxk11K1uNsTYHl3f4QnMY59o2zlATfRFAey32Gv4M7mjj6g2vOHxYNugcTLwSdtTuTnGkbtqxPc02HMZ8TAE7eOa_fU8E57nD-mbNrE3hDB-pWy7YtL0j7VHABXyYty9kwP3Xwu0VvZijx70TMLEmdVzQZv54Jzt-0zim9qvU7ki6cadxaPSOOQcfSSfeYfldk6WZM3HmTGgaebU-mOreREW6wjnSXKHHOHRVFHbtABQCf-wA7dynm0xd276hRS3nIZGWFGN_EkALcW1DJqjZfk6_t9LiCW8DrmdWQVl9VTlr8wy3K99AKM0bWnKCgs-Bh9t0FOuv1AnNJjPX9P0qi0oPfVDpiVbQZrh3VP3eaEDpqw5F1jI7FTUagE9R6l3yySqvfVnSdx5toa5djULK2eIIypMHiMT6_MXSuSu-qA5DKLlfF7J_5Fd5BDmUt5pcRPDXVxDybFLb1vKC69Go5oASwy_TPmpOqk6kcYjMIYytTPtnl9aA4pplpLtxquSDh3W4eNjZgacHD4rv5WtqM58PEXknzIEf4pA74HwpoV0b0yTf4r3AG5Pds6SVjzHz1tWOh8QiVpBwymxQOlNRRB1dlKZGnSnfeAfcccGXCYZ22niPLUckM9A8THzPpW8rYY09aDW0IhhTRy40cyHy4AZzqaa7FZmZrsyVdfcpHFOECSnyFBmxe4WHWn5yGEMgqvE5HGeAKbxZl1d3I9ZYPBr-dq0bUMAh_CBa_UIkBBMIfCUs19h29UOVaJnDStACwmJLshNa0GPLy1A7kIhEvzQAP46AjsNzBXnPflYRo5cWyUyhSSVP_xLponkh5xOB8A4wL01Ht-NWSdpKqlZX21kxfVTeGYWaJloJ80YCpCzbLSPkL6yGizI0oakY4WB00-VgnQdUhqljGiS11yo0piSI3cA4REAmEwk3lJiPsb8cd8m_Y6P0oIq1EZhU7HS7Rf_78T-G2RUzdJg1yPkXM2-4J_GRupmNCzIFAlhPw1xGbciH7Ilb82MgNrPzy-PdnLmOUK0rL1f_IBTswA8kD02DECrmwl6UG_VxwHbkgaurx8dAYYgQMV4wMAWpZOhzR6NSKL3C-f1P34F3gBfcO9CZcrldYo5FGrW7ubP5s3DY1RBk4ipmgA-o5ErBUUICGQnHHregWVcxZEGOdY5Bl-9N5lv-YYF4ITili7rr4jTTkQ5PkUt2tMdD6iw50ea2RBQBoOstzDSXO7gFJJFNWlZ97uqaC0MYTu0_yJfthN_fe_nfM61CzICkO3gZDS3cr4P02i46wtt3a24tdsjv8hTaTIV-HEGTrEc2oYPIzM_L_90qiOEdNM9voqA7LFiUjieQXOvr7yOLWLnpCGP9yTvTZOyMZA8DRL52Cp_IZVPkU-KfgK2T-p4WLd-k3oILtzdjvwvznTVGKdLPJogGnbKV1Bnb5dxbm5ioxt6xwa_NKpGMIP-hXVALJV9swgaKB6wWUojFStKS3VsCK0-AT26koXWOjJZdqCjbrNPC-xBOBZ6UBay8pN0&cid=CAASPeRoIDwxJu5l3i5R1B93Tw7fYSL1focV6pJ04BG1VozBj86IZRRcX9SnUmYX9kOjz6LbW3bZUFD0WjXiwl0&rfl=2%2Chttps%253A%252F%252Faubtu.biz%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 21:42:45 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame 4632 22 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e515f6e09f5e26caff10460e9a027e236ec78caffaa756799730b20f4d33320

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:33:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8609
x-xss-protection: 0
server: cafe
etag: 7365582700020686358
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 21:33:57 GMT

GET
H3-29 200 container.html Show response
bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0271 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://aubtu.biz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aubtu.biz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 27 May 2021 21:45:30 GMT
expires: Fri, 27 May 2022 21:45:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame B901
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKsv_0DJa-79ilNQcLr5Vgs&google_cver=1

43 B
180 B

49ms
48ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKsv_0DJa-79ilNQcLr5Vgs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLVtgEQ3bycyAIYqNispAEwAQ&v=APEucNVqA5ijPQwqKBRjFJHgilpz4_tI5F_3cmT6LDhXOlwYz-CVFLCaWbOsaWTxQZ0iCvBOrnR3oWfTPach9vI1xy04MPwJICzzIIWYR9tpdsO-AhWiXEEZwL08boJhXUXNMxLAGxtiq8p6PhbB_l_3IuLIy57ny7PdPLntdfvBypgJ3_1WzRM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 21:45:32 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 May 2021 21:45:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKsv_0DJa-79ilNQcLr5Vgs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B901
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTljNzM2NmQtZTBmMS0yMmU5LWU5N2EtNDNlMTVlYmFhZGMz

170 B
188 B

52ms
52ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTljNzM2NmQtZTBmMS0yMmU5LWU5N2EtNDNlMTVlYmFhZGMz

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLVtgEQ3bycyAIYqNispAEwAQ&v=APEucNVqA5ijPQwqKBRjFJHgilpz4_tI5F_3cmT6LDhXOlwYz-CVFLCaWbOsaWTxQZ0iCvBOrnR3oWfTPach9vI1xy04MPwJICzzIIWYR9tpdsO-AhWiXEEZwL08boJhXUXNMxLAGxtiq8p6PhbB_l_3IuLIy57ny7PdPLntdfvBypgJ3_1WzRM

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 21:45:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 27 May 2021 21:45:32 GMT
content-encoding: gzip
server: OXGW/16.207.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTljNzM2NmQtZTBmMS0yMmU5LWU5N2EtNDNlMTVlYmFhZGMz
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame B901
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEI0OLAjo5M7YBABo2-qzIH8&google_cver=1

23 B
172 B

87ms
86ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEI0OLAjo5M7YBABo2-qzIH8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMLVtgEQ3bycyAIYqNispAEwAQ&v=APEucNVqA5ijPQwqKBRjFJHgilpz4_tI5F_3cmT6LDhXOlwYz-CVFLCaWbOsaWTxQZ0iCvBOrnR3oWfTPach9vI1xy04MPwJICzzIIWYR9tpdsO-AhWiXEEZwL08boJhXUXNMxLAGxtiq8p6PhbB_l_3IuLIy57ny7PdPLntdfvBypgJ3_1WzRM
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 21:45:32 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 27 May 2021 21:45:32 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 27 May 2021 21:45:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEI0OLAjo5M7YBABo2-qzIH8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B901
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YjRkMjhiZDA1MDUyMjIzN2I5ZjFiMTRmZTBhYzEwYzExZDJmODdhNA==

170 B
188 B

52ms
52ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YjRkMjhiZDA1MDUyMjIzN2I5ZjFiMTRmZTBhYzEwYzExZDJmODdhNA==

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 21:45:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 May 2021 21:45:32 GMT
server: akka-http/10.2.3
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YjRkMjhiZDA1MDUyMjIzN2I5ZjFiMTRmZTBhYzEwYzExZDJmODdhNA==
cache-control: max-age=0, no-cache, no-store
content-length: 197
expires: Thu, 27 May 2021 21:45:32 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame BBDE 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com
URL: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 22:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84057
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 May 2022 22:24:35 GMT

GET
DATA 200
OK truncated
/ Frame BBDE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c97ea03fdd186d1f196a4811fbe0119620f7b21bcc8eb4da587300e4bc5b2e22

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 8304
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGAgeeND8etkJopSuF1slCw&google_cver=1
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGAgeeND8etkJopSuF1slCw&google_cver=1&__user_check__=1&sync_id=dca40d80-bf34-11eb-bfe2-1ab0ad8d0406

43 B
549 B

51ms
51ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEGAgeeND8etkJopSuF1slCw&google_cver=1&__user_check__=1&sync_id=dca40d80-bf34-11eb-bfe2-1ab0ad8d0406
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQvfqfARi8l9qUATAB&v=APEucNWzI-OJUj9NTkjYciW2hGJQ9dfYKb2W59t-GyjVvJ0rxQZgL_xHNpXEX7kio1Bbh9j48v4KUiwJX0UFkanuAH2X2aQoZHNZ5gJXP-WHsL5pum_89Iq8i9OnI9riMOfgNrF2RjvdgC7kG9ZE3BXNvF6t-9mtSo1PsL8nUibtgA6TqYz6dKA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.126 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 21:45:32 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 104
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Thu, 27 May 2021 21:45:32 GMT
Server: nginx
Location: /partner?adv_id=7025&uid=CAESEGAgeeND8etkJopSuF1slCw&google_cver=1&__user_check__=1&sync_id=dca40d80-bf34-11eb-bfe2-1ab0ad8d0406
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 105
Connection: keep-alive
Content-Length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 8304
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZGM5OTQxODAtYmYzNC0xMWViLTgzYzItMWQyMWI5ZWIwMjA2

170 B
188 B

44ms
43ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZGM5OTQxODAtYmYzNC0xMWViLTgzYzItMWQyMWI5ZWIwMjA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQvfqfARi8l9qUATAB&v=APEucNWzI-OJUj9NTkjYciW2hGJQ9dfYKb2W59t-GyjVvJ0rxQZgL_xHNpXEX7kio1Bbh9j48v4KUiwJX0UFkanuAH2X2aQoZHNZ5gJXP-WHsL5pum_89Iq8i9OnI9riMOfgNrF2RjvdgC7kG9ZE3BXNvF6t-9mtSo1PsL8nUibtgA6TqYz6dKA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 21:45:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 27 May 2021 21:45:32 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZGM5OTQxODAtYmYzNC0xMWViLTgzYzItMWQyMWI5ZWIwMjA2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 74
Connection: keep-alive
Content-Length: 0

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 8304 0
446 B 22ms
6ms Image
text/plain 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:32 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ 63 KB
21 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: s.vi-serve.com
URL: https://s.vi-serve.com/source.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bbc50a705dc4c90953d04a253a68cdcf04c621986c4713413c3706c909a7561

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "885 / 471 of 1000 / last-modified: 1622114387"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21551
x-xss-protection: 0
expires: Thu, 27 May 2021 21:45:32 GMT

GET
H/1.1 204
No Content /
t.vi-serve.com/ 0
110 B 248ms
60ms Image
text/plain 54.154.115.239
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.vi-serve.com/?event=DISP_C_REQUEST&page_url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&pub_id=850113329001485&channel_id=l8lqqsa9v&placement_id=plt1UNC9ibFYiBzbuyX&ad_unit_type=2&session_id=a7rzbgur2dxu&focus=true&player=playerVI&pageLanguage=en-us&placement_w=750&placement_h=0&time_delta=3356&position_on_page=5&playlist_pos=1&mobile=false&floating=false&nv_video_id=3tza13MByJmLcwxnZY8-&nv_source_id=922&nv_feed_id=1640&in_view=false&cb=efcd
Requested by: Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.115.239 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-115-239.eu-west-1.compute.amazonaws.com
Software: nginx/1.15.8 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Thu, 27 May 2021 21:45:32 GMT
Server: nginx/1.15.8

GET
H/1.1 204
No Content /
t.vi-serve.com/ 0
110 B 250ms
60ms Image
text/plain 54.154.115.239
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.vi-serve.com/?event=PLACEMENT&page_url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&pub_id=850113329001485&channel_id=l8lqqsa9v&placement_id=plt1UNC9ibFYiBzbuyX&ad_unit_type=2&session_id=a7rzbgur2dxu&focus=true&player=playerVI&pageLanguage=en-us&placement_w=750&placement_h=0&time_delta=3358&position_on_page=5&playlist_pos=1&mobile=false&floating=false&in_view=false&cb=61ac
Requested by: Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.115.239 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-115-239.eu-west-1.compute.amazonaws.com
Software: nginx/1.15.8 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Thu, 27 May 2021 21:45:32 GMT
Server: nginx/1.15.8

GET
H/1.1 204
No Content log
pixel.inforsea.com/server/ 0
110 B 244ms
59ms Image
text/plain 54.217.85.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.inforsea.com/server/log?event=p&dim1=3358&session_id=a7rzbgur2dxu&affiliate_id=l8lqqsa9v&domainapp=aubtu.biz&width=750&height=422&visible=0&publisher_id=850113329001485&cb=e0d9
Requested by: Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.217.85.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-85-43.eu-west-1.compute.amazonaws.com
Software: nginx/1.15.8 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Thu, 27 May 2021 21:45:32 GMT
Server: nginx/1.15.8

GET
H/1.1 200
OK player.js Show response
player.inforsea.com/ 566 KB
169 KB 203ms
46ms Script
application/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://player.inforsea.com/player.js
Requested by: Host: s.vi-serve.com
URL: https://s.vi-serve.com/source.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: UploadServer /
Resource Hash: d47651029782d305693922cd96ea7667f3e1f604084df731e2ba8b70f45688e1

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=tOpy4w==, md5=fbqWmKR0cLlMz4CxrcAFCg==
Date: Thu, 27 May 2021 21:45:32 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ABg5-UyUcW4zkPiGyqT662q_VRoK_quHN1uetr1LRvaPgbDxUm50CVN0RTEZSqoJOSith9BonBrY5-WHwCOM0dFAYf8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 172217
Last-Modified: Wed, 26 May 2021 13:38:35 GMT
Server: UploadServer
ETag: "7dba9698a47470b94ccf80b1adc0050a"
X-HW: 1622151932.dop039.lo4.t,1622151932.cds039.lo4.shn,1622151932.cds039.lo4.c
x-goog-generation: 1622036315752687
Cache-Control: private, max-age=0
x-goog-stored-content-length: 579849
Accept-Ranges: bytes
Content-Type: application/javascript

GET
H2 200 integrator.js Show response
adservice.google.cz/adsid/ 107 B
799 B 40ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.cz/adsid/integrator.js?domain=aubtu.biz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 May 2021 21:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 28ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=aubtu.biz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 May 2021 21:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 468 B
272 B 125ms
124ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2340078085233420&correlator=962366206441108&output=ldjh&impl=fif&eid=31061311%2C31061327%2C31060413%2C21065724&vrg=2021052501&ptt=17&sc=1&sfv=1-0-38&ecs=20210527&iu_parts=21708299310%2Cca-pub-5617098146054077-tag%2C850113329001485display&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cookie=ID%3D925c5e895789e658-2292416a29c80095%3AT%3D1622151930%3AS%3DALNI_Mbw7Tt4qq7j-xEpmhX0pUvOyeY66A&bc=31&abxe=1&lmt=1622151932&dt=1622151932364&dlt=1622151929956&idt=554&frm=20&biw=1600&bih=1200&oid=3&adxs=490&adys=1059&adks=3827261324&ucis=8&ifi=13&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&vis=1&dmc=8&scr_x=0&scr_y=0&psz=750x250&msz=300x-1&ga_vid=1497643118.1622151930&ga_sid=1622151930&ga_hid=1343021819&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ed41bf95d185f3d5292a9d1ad8100a3419a58a951dc6d46305afffaadb238845

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 243
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://aubtu.biz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 index.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61774478/20210506135604241/ Frame AFA8 178 KB
34 KB 29ms
14ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61774478/20210506135604241/index.html?e=69&leftOffset=0&topOffset=0&c=kAQ4CpmsXR&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d28ad7b82ed50b7931381a2e3ad50cbca92537b4127d6af6e9f75206a2b7e225

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /ads/richmedia/studio/pv2/61774478/20210506135604241/index.html?e=69&leftOffset=0&topOffset=0&c=kAQ4CpmsXR&t=1&renderingType=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 34818
date: Thu, 27 May 2021 21:45:32 GMT
expires: Fri, 28 May 2021 21:45:32 GMT
cache-control: public, max-age=86400
last-modified: Thu, 06 May 2021 20:56:04 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame BBDE 0
24 B 84ms
84ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvEmGzwIm8NSFP8hYtA0x9fkT3Z6mOVGbKNXmvRvy_6lR9LQzNEc9daexPFtSleh7xRrFyTKICpCd0ImMG18e_4sbZr83LKX18JwmocqOH3x_2JT4L-fjPXcu5UTAJUCjGpWD26YTTbYWCSqzNYm2hIfovPS1VLLXvInGEkc1_RtxQ0DE-lPm-Jtcmwnm74cJyF2KPAuuc7sQ3OFL_r0TPXaJhYYmFsntBEuMIjbHw6ec53uZ2d86_4KQmOFqvSuwP4vIT_5prHXAmYntFKDgaS59Ch6s9Mc3gXNHhV2DLrfHMx_Nzy4TG57BtaNf8APBLvrHGAXtJqNpLxVXNEj90gDkgi5_z-GK37LxpLIzScWwdw4-0EBjGIWZ6fgZs-Q0OW3PZi1aGIm6vzcwaARn8oxFCGdBaNPo2L84yZXAveIHvlViNHgEV2QZuOPPuv2OReKyP4plUXpk6DeOH_MbSQBcUpU_qWjs3in7sk0y1WgiNO7ARhRuEpRTGtQQzMiGxTm74ovm8rTCtDLwoVBwzYjR_cDPXX1YrAIhF9cTJQhMz4WUCh3bNK0e9Fvcp6ENwlYhTVr_xZ5XDD-ewM33J5t0kX9HjKtKwibrQpzmjGcgRNtLUVfeWw8E4r0vuyb5XVfu6UI8oRbqlOgyXxBT4UUCTEi0yLQXgRTzb_14T9sYN-jxXy_UBbvhagUlKMXuDR0o2LI8HXmJc_R_ulSqHIOg-7PIWZbfqPo3RuHbYjjg7E8ND6aO1I23ThZuWyqJJ8Tl7zHZZY7Hca9ejqKM94LoctlC0dPr3tfNfO_sLtaI_RCrlwoYpxiTlt8ZmhBZ_CkgGEYR0Jk-F2FKttdM1kVNVwOmOr4kH0ws83Y3t92XgG9twAEIFwgHndne6e8YNTt2tBpwVNjK6vF2WvNgiT_PKVmvmFrtsGxKZDpJhH0y9pU2FvnY6XIvLjpnHOFNdsBuwSc3vHj37z_7FwxmwgTpliiikW4mTF0s3uJfbi7WBOSwrUTGbHyznDIIe80yicbRfg-32qZ8lUY1bexykOPcBY0RZ_0F9P_saCA-mMHhsJJksx1KwSiw0jSHJ7YJ6FZn560zC62X3fKxbMLAbBefWAFV9q1QG6vCpd6y7xaOfc4DDUI_j6SipVRjpTtBu4uoaT0JdZcu1MxKXohqSqmVNw7rFSfzJWFyDXtCcweA4aAu-EnYCw33-X9v_DfB_QKR_6sk_m71Wg&sai=AMfl-YTk6yQhYTv9c5-GhY5q9HF-4myP2oqkamTySc_xlPAXQMm6dVQy77uMHz6AVQn7jS-ZVrNFIcKB6i7vI4-k4o9-cHPBJqt3N07qtr2I5ipkQV7W0gp9dXQMUyQXuvuG4F5okw3AE0JHd8rwBQ0igCxoIhVDhhhri7_eLB35JJbCdxXp8N56Ib9WsSX3oLEp8M9ZXy2GTg9VPNw3f7j7SRTmycjPDmhZdMW2Dn5MjQ&sig=Cg0ArKJSzOPECKqbdrvAEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=169&cbvp=1&cstd=163&cisv=r20210524.00072&adurl=

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 27 May 2021 21:45:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4632 41 KB
15 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com
URL: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 22:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84057
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 May 2022 22:24:35 GMT

GET
DATA 200
OK truncated
/ Frame 4632 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e9eea4d492e2ccc8aab6b547221391bd275bd2acfe7b5c2d745f3cfa347f386

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 index.html Show response
s0.2mdn.net/8278902/1603734231174/ Frame 6492 7 KB
2 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/8278902/1603734231174/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b546e8d81d75644af817b5723f065b302ca556b91b341c078a632426c2f80683

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /8278902/1603734231174/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2491
date: Thu, 27 May 2021 14:51:06 GMT
expires: Fri, 28 May 2021 14:51:06 GMT
last-modified: Mon, 26 Oct 2020 17:43:51 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 24866
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4632 0
24 B 85ms
85ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss70saPO0_l2K7AEw7gYNwa7dZzywkg3m038XtUgG9-cR60oLoeqGeYxPwjaUDXA3ChztZ-wo8ISjBAmalv2MdTrm9FBK8499bepZ8yi24zxVx3wQF4Cgy0p9c8WZ_MDv1fDocCgzDwzo3sZZt9GBjHVl6PXos8jFBA8y3uu1QnfQRdZHsitOI8GGfi9vU1R_Vt_5WbGb-b0l3OU4zslzg0BivXr_KIv2NclyrwGwmN_mr8kc-wMvS5EGPBMdboi1EZg1hYhFYKvSSkvBx-ukDx8jYc3QFIwq-Y1-8Od4Agh-pXjp-n2D7Fcp-NFspySlS5miED-kS8mqlUsGyIi1n8jRCLG5pCV3QhBn3u9C-Fr54U6k6ZRHuR_wwiDFs02UieoLfWZpVtVdTAcGrmboMBNFX-HbsCfYUce6iMqIsCJ7ZcQmbSc9cb7c1HoavPCKurXj5SYFDgQaIkhdGvUWswhG-I-NBFUfu0DGCiYb7u7tWBshfy5LJtC--DDruxl4z2dktxpLTjlnkLnUleeQI84lfQsK3gxLJjx5V8A230c8qJ0AE8m6GmdCcBSiAwBpLEt2xBisu_kE16N7u_Q49014dIXDe9qJ4q7XvuMl-Vk7zGvo8lTgBS60Al5_GkF0l2HXBPEMDmvmt_25x8eyU0DjvXHDWMHpvTZkRIlKxqoBv-WII7MtTW0HaZO-oi426w9Npfw6QzFsD7PXxfoxHLL12UP5ZNbm2paducg4Kk64tz2tIgakzI4WzQojZLq-DIpvG-iu9c3QHaa1zdSOHK_VZ12mYBwmUarFdGDKVpNGt5lZN7h-Q9jUCj8q8Am1gnzvPfzGeqiTkH0iNlyEFTghO30hUSbAm2geE0m8fVqcF2ynRua0_v3AIU7-CjDNLaan80ZIg1xigo9bAvZwHxYKcrF02sibyAI_BBvkg7wBzAO6VOW4otEGykeB5MahjrQL32SaMVxHgxwdUsitm0eBOOgsjqA12OSKmn5rrFtL4VURQgVZYUvhD_ObgdOgUfyk-s3fRzM52szqwky87zb_39VRBoXEbG2ATYj2bv-WM3qdS_m62IPaSl0bzrBf3nf8jlyOO_f2CYlzdL_5yLd45CYK4ufK-S3v9z4q3aBGZgX1j2Z-xFrwTKbABCp83ThBXCPAFT0ab38bDt8sXajjfWAE00kemg7dBT8f4a_0M6r31P1_CdjZw52gQ-EwfpgDNQ8D8D7fRiTTgNEJEeVttpcAka5Jl6q0-YmxgfdFUg4150l6KJOLQkMrqkNI2QMiYp0jCCEMAP&sai=AMfl-YRHXKDCA9Q4SaWKOtxctHMrEa2x9HyloY9R3zPqRNNoA0RWRn9Eur_5xT1dhxzX7eeCP__Kscdxn1CFm7DciJIGk1-ZgtUWLi3vV3VBi_PbfgykHfn5igOna1uZuwVD0adP0gOjEWt47ish0C_YxIkm67FSlTVsnsKgjoBAZMtwZwFd9w1tu-m-faK8EoDSou8NFYMaYA-IxyBxkjIobYto00cX6aj5RTCzWJJoy5aInAEIxNWS7DUYeHHDhLnIFw&sig=Cg0ArKJSzFTOBxdRNJyYEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=155&cbvp=1&cstd=152&cisv=r20210524.77113&adurl=

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 27 May 2021 21:45:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D763
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnaSRNlmcGzPBhW30XB8KWKqjkL_FSGN_2o5CaPtQ9uMMg2YGKbLddd6PyY; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 27 May 2021 21:45:32 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 27-May-2021 22:45:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 27 May 2021 21:45:32 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 27 May 2021 21:45:32 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js Show response
pagead2.googlesyndication.com/bg/ Frame 637B 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 13:20:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 375881
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5712
x-xss-protection: 0
expires: Mon, 23 May 2022 13:20:51 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 01C5 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Wed, 26 May 2021 22:24:35 GMT
expires: Thu, 26 May 2022 22:24:35 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 84057
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 336-280.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11417214532185088857/336-280/ Frame C702 257 KB
101 KB 7ms
7ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11417214532185088857/336-280/336-280.html

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39f00607e1e24f7d5d281b8effeb2d7f094e9b0b25bd78eba6e433e772d4ef60

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/11417214532185088857/336-280/336-280.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Thu, 27 May 2021 04:30:41 GMT
expires: Fri, 27 May 2022 04:30:41 GMT
last-modified: Wed, 26 May 2021 12:10:27 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 103798
age: 62091
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0271 0
0 76ms
76ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CbCUL-xKwYI3fLsrX3wOg7bgQwb7G-GKfs4Od9g3ttornoAsQASCnxucsYMzh7YH8LsgBCakC0HBcd1K_aT7gAgCoAwHIAwiqBOYBT9DgPc6gMeSCfRjz4T6P9G_Z3YwKKgprtHGXf5E_uVAguVvPQ_QsG9LYvx8pNFYf1it1Y7wVP6MrZjwWjG8smU7i3tAmaoM6EsA4VSQkhkO7qBcr4IhNnvd1VYyvDQHarUgLd8XxMn0onmqiQglhEZ3YODiAG32_VEDELvB0K_TF0LJ9x8aXwKYWCqwPcLThmjyeUiXzQUjLLRxNnNvceYi2gK2X-ugrGFGkfZqyKSgvjRAcZSJLQqb1EBVmLTxtkMs4hyLJ1HY52CXid5hY8ogHJiEKDw4nzX-pNBIHIbXc4o0JaUTABN_3yfLWA-AEAaAGLoAHo-yuzwGoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQjdMF0ggJCIDhgFAQARgd8ggbYWR4LXN1YnN5bi0xNTY3MDEzMDI2MDA3ODAwgAoDyAsB2BMD0BUBgBcBshcaChgIABIUcHViLTcwMDI0OTEwMDI0MDk5MTk&sigh=apdlQDcv9bI&template_id=419
Requested by: Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame 0271 17 KB
7 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/abg_lite_fy2019.js

Requested by

Host: bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com
URL: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cc755a99349527933df50f5338a02d972da947a4c25f4a5309f4545ddc40ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7025
x-xss-protection: 0
server: cafe
etag: 8821855511435206686
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 21:43:41 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 0271 2 KB
1 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js

Requested by

Host: bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com
URL: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:25:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1210
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 21:25:22 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0271 121 KB
37 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com
URL: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Thu, 27 May 2021 21:45:32 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 0271 13 KB
6 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com
URL: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:44:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1319581658596578636
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 21:44:54 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 0271 0
0 15ms
14ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTihUwYxY9m8gNUP73SRTviA87nlXusZtt2LLfwTK_qT-67NaADZ-OeALwI9ggE4-xKtLmc
Requested by: Host: bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com
URL: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B2F5 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Wed, 26 May 2021 22:24:35 GMT
expires: Thu, 26 May 2022 22:24:35 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 84057
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 _ITcuHTDnJFauDqltlBqrEjQ-T5zT23sppn99C3Ar0M.js Show response
pagead2.googlesyndication.com/bg/ Frame ED8D 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_ITcuHTDnJFauDqltlBqrEjQ-T5zT23sppn99C3Ar0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc84dcb874c39c915ab83aa5b6506aac48d0f93e734f6deca699fdf42dc0af43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 19:23:34 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 8518
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5710
x-xss-protection: 0
expires: Fri, 27 May 2022 19:23:34 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame AFA8 2 KB
536 B 24ms
21ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61774478/20210506135604241/index.html?e=69&leftOffset=0&topOffset=0&c=kAQ4CpmsXR&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 May 2021 21:18:43 GMT
server: ESF
date: Thu, 27 May 2021 21:45:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 May 2021 21:45:32 GMT

GET
H3-29 200 Enabler_01_245.js Show response
s0.2mdn.net/879366/ Frame AFA8 110 KB
38 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61774478/20210506135604241/index.html?e=69&leftOffset=0&topOffset=0&c=kAQ4CpmsXR&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61774478/20210506135604241/index.html?e=69&leftOffset=0&topOffset=0&c=kAQ4CpmsXR&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 13:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28856
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 May 2021 13:44:36 GMT

GET
H3-29 200 style_3xUXK42.css
s0.2mdn.net/8278902/1603734231174/ Frame 6492 2 KB
756 B 8ms
7ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/8278902/1603734231174/style_3xUXK42.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8278902/1603734231174/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

997f7de240e306be5121567dfb4a8348bfbcbeb930fdcba907cfa66aef7149b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8278902/1603734231174/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 19:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9452
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 732
x-xss-protection: 0
last-modified: Mon, 26 Oct 2020 17:43:51 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 28 May 2021 19:08:00 GMT

GET
H3-29 200 cta-logo_15i2CtK.png
s0.2mdn.net/8278902/1603734231174/ Frame 6492 1 KB
1 KB 7ms
7ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8278902/1603734231174/cta-logo_15i2CtK.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8278902/1603734231174/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe78585caea81fbcc0cd94aa23a7537ac8ddf0c3b31afe2a2090c7a72660889b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8278902/1603734231174/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 14:51:07 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Oct 2020 17:43:51 GMT
server: sffe
age: 24865
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1490
x-xss-protection: 0
expires: Fri, 28 May 2021 14:51:07 GMT

GET
H3-29 200 pp-logo-white_360wWmq.png
s0.2mdn.net/8278902/1603734231174/ Frame 6492 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8278902/1603734231174/pp-logo-white_360wWmq.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8278902/1603734231174/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7f44c1115aae5d12f7c02210193d56fd0d4b3ab52617eaa4b6ddf6ae151d52b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8278902/1603734231174/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 19:08:01 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Oct 2020 17:43:51 GMT
server: sffe
age: 9451
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1808
x-xss-protection: 0
expires: Fri, 28 May 2021 19:08:01 GMT

GET
H3-29 200 replay-btn_3YrEPuA.svg
s0.2mdn.net/8278902/1603734231174/ Frame 6492 1 KB
517 B 8ms
7ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8278902/1603734231174/replay-btn_3YrEPuA.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8278902/1603734231174/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ed8a6ae127902c149ed519898ee860ecdd1b8a91fd832b80a3e67b0de1a8e5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8278902/1603734231174/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 20:54:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3061
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 493
x-xss-protection: 0
last-modified: Mon, 26 Oct 2020 17:43:51 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 28 May 2021 20:54:31 GMT

GET
H3-29 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 6492 57 KB
23 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8278902/1603734231174/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8278902/1603734231174/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 May 2021 21:45:32 GMT

GET
H3-29 200 main.js Show response
s0.2mdn.net/8278902/1603734231174/ Frame 6492 80 KB
25 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/8278902/1603734231174/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8278902/1603734231174/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89caa135de98f6d4485557aedaa95d3a065a63ebc406bbc9758abe2d155ad3b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8278902/1603734231174/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 14:51:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24865
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26003
x-xss-protection: 0
last-modified: Mon, 26 Oct 2020 17:43:51 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 28 May 2021 14:51:07 GMT

GET
H/1.1 204
No Content /
t.vi-serve.com/ 0
110 B 117ms
59ms Image
text/plain 54.154.115.239
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.vi-serve.com/?event=DISP_C_NOAD&page_url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&pub_id=850113329001485&channel_id=l8lqqsa9v&placement_id=plt1UNC9ibFYiBzbuyX&ad_unit_type=2&session_id=a7rzbgur2dxu&focus=true&player=playerVI&pageLanguage=en-us&placement_w=750&placement_h=0&time_delta=3548&position_on_page=5&playlist_pos=1&mobile=false&floating=false&nv_video_id=3tza13MByJmLcwxnZY8-&nv_source_id=922&nv_feed_id=1640&in_view=false&cb=eb41
Requested by: Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.115.239 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-115-239.eu-west-1.compute.amazonaws.com
Software: nginx/1.15.8 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Thu, 27 May 2021 21:45:32 GMT
Server: nginx/1.15.8

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame C702 9 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11417214532185088857/336-280/336-280.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 03:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 28 May 2021 03:57:01 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C702 26 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11417214532185088857/336-280/336-280.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 18:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10252
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 28 May 2021 18:54:40 GMT

GET
H3-29 200 aktifoa-medium.otf
s0.2mdn.net/ads/richmedia/studio/pv2/61774478/20210506135604241/ Frame AFA8 167 KB
92 KB 8ms
7ms Font
font/otf 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61774478/20210506135604241/aktifoa-medium.otf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61774478/20210506135604241/index.html?e=69&leftOffset=0&topOffset=0&c=kAQ4CpmsXR&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b26ef9584e26b171e0a54132ba3e9026757015d0077a9b0b4156f27a78911591

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61774478/20210506135604241/index.html?e=69&leftOffset=0&topOffset=0&c=kAQ4CpmsXR&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48358
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93776
x-xss-protection: 0
last-modified: Thu, 06 May 2021 20:56:04 GMT
server: sffe
vary: Accept-Encoding
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 May 2021 08:19:34 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B968 143 B
163 B 6ms
5ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com
URL: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnaSRNlmcGzPBhW30XB8KWKqjkL_FSGN_2o5CaPtQ9uMMg2YGKbLddd6PyY; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 27 May 2021 20:57:10 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2902
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 0271 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1231d00b5c5fc63132f29f66f2725e0f6413d8026d4a53f1eb3bed191c0dc253

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js Show response
pagead2.googlesyndication.com/bg/ Frame 01C5 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 13:20:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 375881
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5712
x-xss-protection: 0
expires: Mon, 23 May 2022 13:20:51 GMT

GET
H3-29 200 en-illustrated_jtQRqAs.css
s0.2mdn.net/8278902/1603734231174/ Frame 6492 437 B
228 B 7ms
7ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/8278902/1603734231174/en-illustrated_jtQRqAs.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8278902/1603734231174/main.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53ed3b9c698de23e29079ceca55bc05ea68ffa9c060c026ba6def5f306057a04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/8278902/1603734231174/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 19:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9451
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0
last-modified: Mon, 26 Oct 2020 17:43:51 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 28 May 2021 19:08:01 GMT

GET
DATA 200
OK truncated
/ Frame C702 3 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8826db2d14938686bf49796e475b6b517c679f3d5e425cdfa6b8f5ec0a323f1c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame C702 17 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ebb1c151192f11b0e3503d435b96fb66868bd44d0f0c0244e2b1775f893892a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C702 35 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c693c86e7852e167687744b8ef1d7f4719319ed6b226f069cbb8bbe51352c101

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C702 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33bc5b6a9944e817a3cd8d4a0f1d43af1c4f8959281e6b3b00dd9f79a40f53bc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C702 20 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3273741995a4ec9ad375879173aa061c67bdfc099a40119af82834f3f5117e8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame BBDE 0
23 B 76ms
76ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 27 May 2021 21:45:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK v2 Show response
vis.vi-serve.com/playlist/ 6 KB
3 KB 281ms
96ms XHR
application/json 54.154.115.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vis.vi-serve.com/playlist/v2?url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&session_id=a7rzbgur2dxu&category=IAB7%2C%20IAB16&publisherId=850113329001485&language=en-us&useAllCategories=false&useOnlyCategories=false&pageTitle=An%20Artist%20Inserts%20Her%20Ginger%20Cat%20In%20All%20Of%20The%20Famous%20Paintings&pageDescription=Svetlana%20Petrova%2C%20an%20artist%20from%20Russia%2C%20told%20us%20that%20she%20met%20a%20very%20talented%20cat%20and%20adopted%20him%20after%20his%20mum%20passed%20away.%20She%20believes%20that%20this%20Ginger%20cat%20saved%20her%20from%20getting%20into%20depression.%20Zarasthustra%20was%20dear%20to%20her%20mother%20as%20well%20and%20this%20is%20the%20reason%20why%20Svetlana...&pageLanguage=en-US&mobile=false&playlistLength=5
Requested by: Host: s.vi-serve.com
URL: https://s.vi-serve.com/source.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.115.239 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-115-239.eu-west-1.compute.amazonaws.com
Software: nginx/1.15.8 /
Resource Hash: 6d7b324ade1ce7d33ce2546b64dad4de9d5fdb37248f8743aa592e71b73360f5

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 21:45:33 GMT
Content-Encoding: gzip
Server: nginx/1.15.8
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
X-Execution-Time: 00:00.035 ms.
Connection: keep-alive
Content-Length: 3005

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame AFA8 5 KB
4 KB 16ms
16ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec420e3a33fca367f5359cfcbce082b54366319d91ac9141d26ca141e874609d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 May 2021 21:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4156
x-xss-protection: 0

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4632 0
23 B 73ms
72ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 27 May 2021 21:45:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js Show response
pagead2.googlesyndication.com/bg/ Frame B2F5 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 13:20:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 375881
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5712
x-xss-protection: 0
expires: Mon, 23 May 2022 13:20:51 GMT

GET
H3-29 200 container.html Show response
bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A28D 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://aubtu.biz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aubtu.biz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 27 May 2021 21:45:30 GMT
expires: Fri, 27 May 2022 21:45:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Achtergrond_overlay_2_300x250.png
s0.2mdn.net/ads/richmedia/studio/pv2/61774478/20210506135604241/ Frame AFA8 87 KB
87 KB 8ms
7ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61774478/20210506135604241/Achtergrond_overlay_2_300x250.png

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85bd283b939f16ff763ed3cea41e41c54f8461078e5548626b8865cc56d90b56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61774478/20210506135604241/index.html?e=69&leftOffset=0&topOffset=0&c=kAQ4CpmsXR&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:19:36 GMT
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 20:56:04 GMT
server: sffe
age: 48356
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89329
x-xss-protection: 0
expires: Fri, 28 May 2021 08:19:36 GMT

GET
H3-29 200 Achtergrond_overlay_300x250.png
s0.2mdn.net/ads/richmedia/studio/pv2/61774478/20210506135604241/ Frame AFA8 75 KB
76 KB 9ms
9ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61774478/20210506135604241/Achtergrond_overlay_300x250.png

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82c41e378312c3f46437908e9a244b9ed8b36e76330d1fb29a1d72bc69f4851b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61774478/20210506135604241/index.html?e=69&leftOffset=0&topOffset=0&c=kAQ4CpmsXR&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:19:36 GMT
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 20:56:04 GMT
server: sffe
age: 48356
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77295
x-xss-protection: 0
expires: Fri, 28 May 2021 08:19:36 GMT

GET
H3-29 200 Achtergrond_300x250.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61774478/20210506135604241/ Frame AFA8 8 KB
8 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61774478/20210506135604241/Achtergrond_300x250.jpg

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

706a0d4cec5dc845f5b1bd727482304100d88c701589b1fd808ddab909191ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61774478/20210506135604241/index.html?e=69&leftOffset=0&topOffset=0&c=kAQ4CpmsXR&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:19:36 GMT
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 20:56:04 GMT
server: sffe
age: 48356
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7877
x-xss-protection: 0
expires: Fri, 28 May 2021 08:19:36 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame AFA8 17 KB
6 KB 47ms
45ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Thu, 27 May 2021 21:45:32 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B968
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
14ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com
URL: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnaSRNlmcGzPBhW30XB8KWKqjkL_FSGN_2o5CaPtQ9uMMg2YGKbLddd6PyY; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 27 May 2021 21:45:32 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 27-May-2021 22:45:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 27 May 2021 21:45:32 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 27 May 2021 21:45:32 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 336-280.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11417214532185088857/336-280/ Frame AF96 257 KB
101 KB 6ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11417214532185088857/336-280/336-280.html

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39f00607e1e24f7d5d281b8effeb2d7f094e9b0b25bd78eba6e433e772d4ef60

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/11417214532185088857/336-280/336-280.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Thu, 27 May 2021 04:30:41 GMT
expires: Fri, 27 May 2022 04:30:41 GMT
last-modified: Wed, 26 May 2021 12:10:27 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 103798
age: 62091
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A28D 0
0 76ms
76ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ceoxw_BKwYK7PCZDu3gOutp_4A8G-xvhi56-DnfYNrgIQASC0jpFKYMzh7YH8LsgBCakC0HBcd1K_aT7gAgCoAwHIAwiqBOkBT9BV8aQ_beeK_ccrRNd-_57cYIM0yGFw099YGrR_YKXdjN5g5QdgRJTEahinsg7NrUURPimIS84cxnGk9pL3hj8PgE5t_8E_JHY9x17trmVexSEDGlkMl6UShr7FDGCx45T1wnlhsqpd242APL94aYho8hVuE7lgVSHl7PipL7IsmD5MImdWU-e90E3xbdTfhlCPTwQNiYqUbLSPyOlft7SGBDDjD-Ul_6LliJsC5ahzAReDDkXLxdA_rlFnpSF573-m-LlYwmOt6K8R-lmZ0AiqP6kQICDOL95afDfxsZwMMcMx3trLyavABI_3yfLWA-AEAaAGLoAHo-yuzwGoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ758N0ggJCIjhgBAQARgdgAoByAsB2BMD0BUBgBcBshcaChgIABIUcHViLTQ0MDIzMjk2NDIxMTUxMjA&sigh=Z_QrDzMrzJc&template_id=419
Requested by: Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame A28D 17 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/abg_lite_fy2019.js

Requested by

Host: bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com
URL: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cc755a99349527933df50f5338a02d972da947a4c25f4a5309f4545ddc40ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7025
x-xss-protection: 0
server: cafe
etag: 8821855511435206686
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 21:43:41 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame A28D 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js

Requested by

Host: bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com
URL: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:25:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1210
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 21:25:22 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A28D 121 KB
37 KB 47ms
45ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com
URL: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Thu, 27 May 2021 21:45:32 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame A28D 13 KB
6 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com
URL: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:44:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1319581658596578636
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 21:44:54 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame A28D 0
0 14ms
13ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS7jcbnZlpvvu3nvjK2MXv1dWanD_kWJdeu5Oxyvt91zytOhBwikn9BwA9oTjyjjTTsKuLf4I44rIGeOxoGdqtD2rSNzA
Requested by: Host: bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com
URL: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032105242203000/ Frame 1E3A 191 KB
54 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032105242203000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2959c879f8cb0789f46c27f13bd77102cd9790f0a08693ed3f4ac4c9e2d7e7a5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 175082
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55243
x-xss-protection: 0
server: sffe
date: Tue, 25 May 2021 21:07:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0ab0e5049d400e4f"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 May 2022 21:07:30 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032105242203000/v0/ Frame 1E3A 12 KB
5 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032105242203000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8de063d7075aa9a9a68120f3eb37178e85777138d4154903a2d4b187b4a893d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 175082
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4568
x-xss-protection: 0
server: sffe
date: Tue, 25 May 2021 21:07:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b435c2fa80137a0e"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 May 2022 21:07:30 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032105242203000/v0/ Frame 1E3A 87 KB
27 KB 41ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032105242203000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12993a139a46e15abb56308ef8656d80812fb748dfa88116ee6e20ad3494ae98

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 175082
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27371
x-xss-protection: 0
server: sffe
date: Tue, 25 May 2021 21:07:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6687a81702b10306"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 May 2022 21:07:30 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032105242203000/v0/ Frame 1E3A 4 KB
2 KB 42ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032105242203000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9de4196056e2ffb92e9e6eb78502d3ed77f71a1e8045434a907251ff0b998357

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 175082
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1521
x-xss-protection: 0
server: sffe
date: Tue, 25 May 2021 21:07:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5a9e085610d63d0a"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 May 2022 21:07:30 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032105242203000/v0/ Frame 1E3A 41 KB
13 KB 39ms
17ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032105242203000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e53b8865f7f1e34e44d14f6ff8789dd7f421e7d3c69e48dab33188ff4d99f4e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 175082
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13132
x-xss-protection: 0
server: sffe
date: Tue, 25 May 2021 21:07:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1bd5431ac5ac76b7"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 May 2022 21:07:30 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 1E3A 4 KB
617 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=cs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 May 2021 21:33:43 GMT
server: ESF
date: Thu, 27 May 2021 21:45:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 May 2021 21:45:32 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 1E3A 4 KB
617 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 May 2021 21:21:46 GMT
server: ESF
date: Thu, 27 May 2021 21:45:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 May 2021 21:45:32 GMT

GET
DATA 200
OK truncated
/ Frame 1E3A 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dde0d4559aa38dd76ee6586684ec581e605396691ded25b71a510bf2c8714727

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/10693141849716037043/ Frame 1E3A 7 KB
7 KB 60ms
59ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10693141849716037043/downsize_200k_v1?sqp=4sqPyQSUAUKRAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhgIrAEQWhgBIAEtAAAAPzCsAThaRQAAgD8&rs=AOga4qkLcPHXBlsBaIUhG65qesZx9luZTA

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb477e5dd18c6fc06a7dfc36ddbf7f68daffb5c26130a8bca0d828f2b4ab7aa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:33 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 11:41:26 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7355
x-xss-protection: 0
expires: Fri, 27 May 2022 21:45:33 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/3281121438664021481/ Frame 1E3A 8 KB
8 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3281121438664021481/downsize_200k_v1?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQ2AQYASABLQAAAD8&rs=AOga4qm8pkKfsNurRZTguSrLkKbafPw7cw

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6172520ab4664e8da188823aa192432e29c2b16107b79f994a050304d7ab23e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 08:28:39 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Jul 2019 10:54:29 GMT
server: sffe
age: 134213
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8526
x-xss-protection: 0
expires: Thu, 26 May 2022 08:28:39 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1E3A 0
0 76ms
75ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CMH3U_BKwYNn-KMr33wOUjJnoCeeL6OJiie376esLrgIQASCnxucsYMzh7YH8LqAB45zb6gPIAQapAtBwXHdSv2k-4AIAqAMByAMKqgTpAU_QlOwdHnlMJHpEXWWKkgKWL269Uehmie_k43b7eGL8iscQmGTIY4j3Mp9oSqbtvUk7Ypc14dDZ5wEw3RJgJZWZ-Q1q_FtUYJGwI7_VLGCknTg4jnJ9Z00iLBduwN75cSK4Q6lbiza1zxQV_vNytSuiYz1V3zMJ2DTcwOjpQ9BLcjYvwQnCLNP2KpIN_4bE5JKyTdtAA37PDIzMq70ExVXxFnfrkAonzLP_3XZDxgVJxxCUS-cTdL3pju3EA-ZUBIL41TPVGSJFFi4VwwHzlWQ02AX6M38iNP6jJKUeU6ldLJfUQzXwtlRIwATvj8HbjwPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGN4AHheOkFagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHAxDwLtIICQiA4YBQEAEYHfIIG2FkeC1zdWJzeW4tMTU2NzAxMzAyNjAwNzgwMIAKA8gLAdgTDNAVAYAXAbIXGgoYCAASFHB1Yi03MDAyNDkxMDAyNDA5OTE5&sigh=J7xwvuLz81M&template_id=492
Requested by: Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1E3A 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 May 2021 14:36:54 GMT
x-content-type-options: nosniff
server: cafe
age: 25718
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 28 May 2021 14:36:54 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1E3A 295 B
325 B 7ms
7ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 26 May 2021 22:17:05 GMT
x-content-type-options: nosniff
server: cafe
age: 84507
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 27 May 2021 22:17:05 GMT

GET
H3-29 200 2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js Show response
pagead2.googlesyndication.com/bg/ Frame 17B3 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 13:20:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 375881
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5712
x-xss-protection: 0
expires: Mon, 23 May 2022 13:20:51 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 1E3A 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=cs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://aubtu.biz
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 21:15:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 261013
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Tue, 24 May 2022 21:15:20 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 1E3A 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=cs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://aubtu.biz
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 19:15:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 181808
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
expires: Wed, 25 May 2022 19:15:25 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 1E3A 11 KB
12 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=cs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://aubtu.biz
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 21:18:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:42 GMT
server: sffe
age: 260831
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11768
x-xss-protection: 0
expires: Tue, 24 May 2022 21:18:22 GMT

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame AF96 9 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11417214532185088857/336-280/336-280.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 03:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 28 May 2021 03:57:01 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame AF96 26 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11417214532185088857/336-280/336-280.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 18:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 28 May 2021 18:54:40 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 70B9 143 B
163 B 6ms
5ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com
URL: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnaSRNlmcGzPBhW30XB8KWKqjkL_FSGN_2o5CaPtQ9uMMg2YGKbLddd6PyY; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 27 May 2021 20:57:10 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2903
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame A28D 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b576c3f968b6f0be7329067c48d8ad935a5daddcf3b1b8b4bb35f94ed6345813

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 204
No Content /
t.vi-serve.com/ 0
110 B 59ms
59ms Image
text/plain 54.154.115.239
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.vi-serve.com/?event=NV_LOADED&page_url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&pub_id=850113329001485&channel_id=l8lqqsa9v&placement_id=plt1UNC9ibFYiBzbuyX&ad_unit_type=2&session_id=a7rzbgur2dxu&focus=true&player=playerVI&pageLanguage=en-us&placement_w=750&placement_h=0&time_delta=4088&requestedCategories=IAB7,IAB16&requestedLanguage=en-us&position_on_page=5&playlist_pos=1&matchedCategory=IAB7&mobile=false&floating=false&nv_video_id=_QL3uXcB6kD-R34PCuct&nv_source_id=922&nv_feed_id=1834&in_view=false&cb=bd01
Requested by: Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.115.239 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-115-239.eu-west-1.compute.amazonaws.com
Software: nginx/1.15.8 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Thu, 27 May 2021 21:45:33 GMT
Server: nginx/1.15.8

GET
H2 200 _QL3uXcB6kD-R34PCuct.jpg
nv.vi-serve.com/vis-media/922/1834/ 31 KB
31 KB 55ms
48ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nv.vi-serve.com/vis-media/922/1834/_QL3uXcB6kD-R34PCuct.jpg
Requested by: Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 5d5c23ed8ca34f944cdc05b9b8c5827dfa6e758362284598335fc841d5c8f3a0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:33 GMT
last-modified: Fri, 19 Feb 2021 11:13:20 GMT
etag: "1613733200"
x-hw: 1622151933.dop043.lo4.t,1622151933.cds276.lo4.hn,1622151933.cds246.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=51951
accept-ranges: bytes
content-length: 31287

GET
DATA 200
OK truncated
/ 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5fe061d3da79d71cb8d7c2b7e72fc2b4e3affb446c1b3807e7e2ab5593988d5b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 204
No Content /
t.vi-serve.com/ 0
110 B 60ms
60ms Image
text/plain 54.154.115.239
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.vi-serve.com/?event=INFO&page_url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&pub_id=850113329001485&channel_id=l8lqqsa9v&placement_id=plt1UNC9ibFYiBzbuyX&ad_unit_type=2&session_id=a7rzbgur2dxu&focus=true&player=playerVI&pageLanguage=en-us&placement_w=750&placement_h=0&time_delta=4089&data=lazy:off&cmpFramework=false&gdprApplies=true&gdprStatus=none&consent=0&segments=&position_on_page=5&playlist_pos=1&matchedCategory=IAB7&mobile=false&floating=false&in_view=false&cb=6ce6
Requested by: Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.115.239 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-115-239.eu-west-1.compute.amazonaws.com
Software: nginx/1.15.8 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Thu, 27 May 2021 21:45:33 GMT
Server: nginx/1.15.8

GET
H2 200 sources Show response
call.inforsea.com/adserver/ 3 KB
2 KB 186ms
59ms Fetch
application/json 34.255.45.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://call.inforsea.com/adserver/sources?affiliate_id=l8lqqsa9v&VI_DOMAIN=aubtu.biz&VIC_WIDTH=750&VIC_HEIGHT=422&VI_PUBLISHERID=850113329001485&VI_CDIM2=850113329001485&VI_DNT=0&VI_SEGMENTS=&VI_BSAFE=&VI_GDPR=1&VI_CONSENT=&VI_CDIM1=922&VI_CUSTOM10=IAB7&VI_IAB=IAB7&VI_IABSHORT=7&VI_DURATION=72&VI_CATEGORY=Health%20%26%20Fitness&VI_TITLE=Study%20Says%20Petting%20Dogs%20or%20Cats%20Can%20Reduce%20Stress&VI_VIDSEG=62u&cb=1f6nskb5j

Requested by

Host: player.inforsea.com
URL: https://player.inforsea.com/player.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.255.45.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-255-45-240.eu-west-1.compute.amazonaws.com

Software

nginx/1.15.8 /

Resource Hash

0b82521fa29d9b7c86a0dd5330fff1e4cd1f09590b47e6c577d6e37fbfaca584

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:33 GMT
content-encoding: gzip
server: nginx/1.15.8
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://aubtu.biz
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content /
t.vi-serve.com/ 0
110 B 60ms
60ms Image
text/plain 54.154.115.239
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.vi-serve.com/?event=INVENTORY&page_url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&pub_id=850113329001485&channel_id=l8lqqsa9v&placement_id=plt1UNC9ibFYiBzbuyX&ad_unit_type=2&session_id=a7rzbgur2dxu&focus=true&player=playerVI&pageLanguage=en-us&placement_w=750&placement_h=422&video_w=750&video_h=422&time_delta=4102&position_on_page=5&playlist_pos=1&matchedCategory=IAB7&mobile=false&floating=false&in_view=false&cb=16e8
Requested by: Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.115.239 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-115-239.eu-west-1.compute.amazonaws.com
Software: nginx/1.15.8 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Thu, 27 May 2021 21:45:33 GMT
Server: nginx/1.15.8

GET
H2 200 vi_logo.svg
s.vi-serve.com/ 1 KB
892 B 349ms
48ms Image
image/svg+xml 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.vi-serve.com/vi_logo.svg
Requested by: Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: UploadServer /
Resource Hash: 3d98123e0840ba76b93bf92147d2664fb0bc23cf37d61561e48fd270bbd0d1de

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=kHN4+w==, md5=BaTzNhMnoBMWP5P9UtTwPg==
date: Thu, 27 May 2021 21:45:33 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1548836449
x-guploader-uploadid: ABg5-UyLqxtz1AU1azwVX7DjMc7l-XT1gHWfAzoMUeYLpMBwWYG2VfQZZ4XGaldqK_ijhdi5rfgcYpAZT-10c7upQlI
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 558
x-hw: 1622151933.dop043.lo4.t,1622151933.cds276.lo4.hn,1622151933.cds282.lo4.c
last-modified: Wed, 13 Jan 2021 12:41:20 GMT
server: UploadServer
etag: "05a4f3361327a013163f93fd52d4f03e"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
x-goog-generation: 1610541680744704
access-control-allow-origin: *
cache-control: private, max-age=0, max-age=300, must-revalidate
access-control-allow-credentials: false
x-goog-stored-content-length: 1193
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: *

GET
DATA 200
OK truncated
/ Frame AF96 3 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8826db2d14938686bf49796e475b6b517c679f3d5e425cdfa6b8f5ec0a323f1c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame AF96 17 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ebb1c151192f11b0e3503d435b96fb66868bd44d0f0c0244e2b1775f893892a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame AF96 35 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c693c86e7852e167687744b8ef1d7f4719319ed6b226f069cbb8bbe51352c101

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame AF96 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33bc5b6a9944e817a3cd8d4a0f1d43af1c4f8959281e6b3b00dd9f79a40f53bc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame AF96 20 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3273741995a4ec9ad375879173aa061c67bdfc099a40119af82834f3f5117e8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 1E3A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

15ms
14ms

Image
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Thu, 27 May 2021 21:45:33 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/10693141849716037043/ Frame 1E3A 7 KB
7 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032105242203000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb477e5dd18c6fc06a7dfc36ddbf7f68daffb5c26130a8bca0d828f2b4ab7aa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:33 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 11:41:26 GMT
server: sffe
age: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7355
x-xss-protection: 0
expires: Fri, 27 May 2022 21:45:33 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/3281121438664021481/ Frame 1E3A 8 KB
8 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032105242203000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6172520ab4664e8da188823aa192432e29c2b16107b79f994a050304d7ab23e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 08:28:39 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Jul 2019 10:54:29 GMT
server: sffe
age: 134214
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8526
x-xss-protection: 0
expires: Thu, 26 May 2022 08:28:39 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1E3A 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032105242203000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 May 2021 14:36:54 GMT
x-content-type-options: nosniff
server: cafe
age: 25719
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 28 May 2021 14:36:54 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1E3A 295 B
325 B 7ms
7ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032105242203000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 26 May 2021 22:17:05 GMT
x-content-type-options: nosniff
server: cafe
age: 84508
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 27 May 2021 22:17:05 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AEC8 42 B
64 B 47ms
47ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsskwixIBuqLmkDVY4nPovtG1BgyuEV07Oo3dAzFmt61z9fGimw6fcLs6ZnXubNurpmTd2ZAVPnIqY5nd65-j9_lDpSKk2LcwHmJDfiOn5DbO5Bv&sai=AMfl-YSA9sWW401Ge-IgPqu3yqoyyBIAED001cgQehPpRjyUjHWhXNMkAlb6lJJ2YoH09ZYcGpccLcuo5KpRRlt2BU3TZGxMDl0o2KuxYMKwKx7IwARfZ37OXsc6A8bPyhE&sig=Cg0ArKJSzAMUOaCdqhwaEAE&cid=CAASPeRosdJq7TEyOeE0M0-Q6LccAjSr8asVe3LAQKwRvMIgPcmlpmFjj_R6pFwq3-iVFkU6mn-3gI0muZ-MkXM&id=lidar2&mcvt=1071&p=506,472,760,772&mtos=0,1071,1071,1071,1071&tos=0,1071,0,0,0&v=20210526&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=3502631132&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622151931803&dlt=117&rpt=1&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 21:45:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 44FB 0
0 48ms
48ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=COgLN-hKwYPPKH9iHrATo47LADvKontViiq-izJYNg5n0_QgQASC0jpFKYJUCoAHfhLXYAcgBAqkCHKq4J3OGfz6oAwGqBNcBT9AFcGQkW3-K5me7LFdjBoCGjY6wXJYcqSEFbC704yWb2D2At8JUX8Yxi6Y6g3t-AgKLgqHWi-5OFxLH9OMPfs4dTCOd3hvlVTht7CRzdEJVIjhyY-ZUAi7wQ7XXWMJ-J0F3otptciqUAVAmkxQvK5QJbMGbUA_livtrCj-YOoqBuoYiDoBvIw-_h5uiU2iAEFlmtF2dM6LkXWlA2IFmCHxdPyAAC2tfMIsLMWsXKkQTMV4gv1F04LPAehGeraSrlDKzMLHpYnX94gobfXdZ_4nN5_PMXHrABLOe76LJA6AGAoAHifvKpwKoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQxegF0ggJCIDhgBAQARgfgAoByAsB2BMD0BUBgBcBshcaChgIABIUcHViLTQ0MDIzMjk2NDIxMTUxMjA&sigh=jYAk5sfYPP0&vt=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4402329642115120&output=html&h=90&slotname=2329401204&adk=2953745035&adf=1801062927&pi=t.ma~as.2329401204&w=728&lmt=1622151930&psa=0&format=728x90&url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622151930269&bpp=1&bdt=313&idt=231&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=320x100&prev_slotnames=aubtu.biz_adx%2Faubtu.biz_adx_336x280_detail1&correlator=6252834043920&frm=20&pv=1&ga_vid=1497643118.1622151930&ga_sid=1622151930&ga_hid=1343021819&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065724&oid=3&pvsid=2340078085233420&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=g9V9DhFl39&p=https%3A//aubtu.biz&dtd=234
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 27 May 2021 21:45:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 44FB 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNwnL_AdDr5yt9CFt3yWpgJhLDcH5217qLsQ2_6BBXhwyhUURRj3yWBtabCK7o1uqu8SnVYzXBv7OLa20zroiopsZhYcie0xZ0zyHoJXqQv_Ob8YH4cNpEi33fjw&sai=AMfl-YTl6aD7YL92e_ibPKt-aOLaRNpZNZxaj1SIX9483pZ0rWVN_kcMYA8Q0RUYK-jmqWqKMeMDHMNbtEqb&sig=Cg0ArKJSzD-i3ZtaG3mdEAE&id=lidar2&mcvt=1073&p=1104,477,1187,1123&mtos=1073,1073,1073,1073,1073&tos=1073,0,0,0,0&v=20210526&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=2953745035&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622151930504&dlt=1317&rpt=109&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 21:45:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ED8D 0
20 B 47ms
47ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BFTdg-hKwYIypJZiE3wP_lD8AAAAAOAHgBAI&bg=!qaqlqu7NAAaMan2LjGo7ACkAdvg8WsAm5WEbrWB9mPxjCji6XjqzVNLGVYtE5OFb5OZF31AbZxtETwIAAAG3UgAAALFoAQcKAJvUO-2bV0P63gCkvfbpLfrJarI8bdPNJ5wb8EBuS_mHW2Uo9y_V8owSxIE6UpYSNCwZimKGxuHqF9SEEo4ByMTzZpGxde9jaAnMLlkDWBy3a7alw3bEr8HJWEtxn5_owYPUXUZdPV9hKTdhvwvc5SOIYTKssuI3np_mxwqxHMSZMTB6YL_Le_euk91vn44g2h47o9aqCvnHxJjQfJkC31yDLo2CmpOU8oT6fTaSWBfYanvRD9hcC3HTeeo9JXqbMM-x8x9yOo8cINL1Jjv-zp8CTjYXJHn_Z04nCQ618YIFFS94TsVZaDgfrhRE5tmWmA84onH69fCaeC4o41oKyIKccfjq7Zyv0_ejV6b_1GUtT2TAnOMuS-Z1lFykxjmVJv0Q2Cn4WSRscVxSn0lNVPklsajZImiiUux9K3pb-j4TjDTCaZ4WjjCzkZri8k10iG7CgTJ0LwoFxvsQdPjQIEfwP3YIpCe-Vz4OSpner5sbmZEteFTBtVJ25qI3FjbkUC-Xg_ePfCzMeFy4LrOZ3y0cmVRIQ4kkJnhqu7VDn-hRgCB4tR-PULhtakyJ39_fDuvji8PcfMdHJnKUa_xygoX-D8xlxr2J2s_mxTUhdzl4SVqQIilItCISU_n7Cv6yu3NivpkXTgV2D8XYx8I9vNn-PgRG5JG6sd5yAS2WFqdR-rdWuZhJ4NJHB8SVWLffQP5MV-n6mScQoHExjT885ziSQEzyqXXYloKPAchFyLiJQGfAyy7kJ1biNXvPcYSrw-VgwtIm4PYJ76cR6meBw5IoMPyz0r7BwvnHlkdT4AoquNbR3ngXbxeSEQtw31rywl0W4O3m8iJS-Lh9fGUIh7Z6qFIc6s8Wma0UHpn-cCgA13LxjvjzKAGrZinvAIRUZqmmmMR4iKKYhiMwTdNcLGSuUTi9uhI_uLuYBTzclNW7CGsVzBBNhX5BQ4lNcywLdcYUZak082lBpzq-qwr_1rSonlfGAg-lmCd-bpMz2U99922MV7HrBtkxDaEU0g7VekRC8r3YvF9l82ormuE0NWAkmb2X5nZ-m2xvMPXy-PTIkXeypOB0Z_ZDy0BApgRutCwYqaVsfz8DMKyuSPynWi68FhuJf7cZrzyelykthHlB-iWspYWxnetVjMFiefb0U5ShDEPs3UJQqjD0r3wGaUmqWix-2Ds8YOw2w_VcmQ

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 21:45:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 70B9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com
URL: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnaSRNlmcGzPBhW30XB8KWKqjkL_FSGN_2o5CaPtQ9uMMg2YGKbLddd6PyY; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 27 May 2021 21:45:33 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 27-May-2021 22:45:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 27 May 2021 21:45:33 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 27 May 2021 21:45:33 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame D37E 336 KB
116 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.inforsea.com
URL: https://player.inforsea.com/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0763cefe362deddc5a533e71213145d35dcea9c9b80ae9e59a33e90240489e5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117984
x-xss-protection: 0
expires: Thu, 27 May 2021 21:45:33 GMT

GET
H3-29 200 container.html Show response
bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BA5C 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052501.js?31061327

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://aubtu.biz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aubtu.biz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 27 May 2021 21:45:30 GMT
expires: Fri, 27 May 2022 21:45:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 3
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 01C5 0
20 B 45ms
44ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bck9W-xKwYJWdOs-q3gOBtqLIBgAAAAA4AeAEAg&bg=!29il2JzNAAaMan2LjGo7ACkAdvg8WnhvKez2Z69UAKERm5ArxrtJ15aRdxQNhJqQX6to3nNtxOd_uAIAAAHjUgAAAERoAQcKAAajmMI1BdqZAt1yQ1EUx4-vOlbeLRiW_TZfJ72zKHfmlAG2UusMFRGd-0c-5O60k-nLCZ2bFDcnZiQNf71gVxDH-11tmz9S0xMJKJzV6wDxwcaktnvulv8xolGaLzyOhpI4dgMgdGd1Mzf8LS1eI9k1M30mesVks_H8MsiMqpPZ3PfC9Ds_2AG4Z1KaCj9pqXKyj6zBaLMblRXgtVlKhryL5XmlLzSWLnwGPsIMvWqCxpNhsyxeyie-qGEMFVlwNJj_sMwFK52m_rAPdrcvLLk6cSKN05JyKIagbi-6vwhU-VI73uJcgQo5cwKMTE1cKv43xJnfPqOyLOHzd6Ls55mZ9Sz4LdlA1D8ym1aUrpRE4Mr5kij7-eT80TC2z1n-05_Q9CRyAQBTiVXjyNYoeztbdfH-5MEqKO1uD9-57pY4etYaGk64IPcbvO17ZsZ_vYXBeEXlIJHlaMubd_eGNaYUPZri7BZW4lRlrP1r7frzs4fw4dCDMyGxqlGNMTCwd5VzX7bgaEsKqAJ7pG8tYziXGrSPjDMaq3iE7w9B0UEaP53Pq0WtNjfZUxqQtPtqyz0kjeOjGioSOWvZx4UuDzOJgkbBqaUEWa8VQeJ7wxiJYvFrhSIAh29Vuu2K7i4WCQC8_fbJnci8iw07gd_VsayqyebdAuiVHK_8QPXZHR3ducGcddt0zDYKzb5i8ZZl4aeFIlOpWOLASBudUsVf-BBWyNbJo019Wec7vmTRy-6k5--R0Zh5zeTXgH6Fq2uQeZbP2YMKGK_2P8ZZSLwnKa4vZiNAsvRfQ00FiOEYtJwO7aq4Icp0v8nTVuYCIXzXo4u1dzzJMawXdXQ_kl56NOA68ZHv6fm4ifJJI5oxvAX1CQzN0WV3tpOGA75zeIiFPEZTzE-aXOmMIRx1f4p-8or4Mf9zHM-5Rkk_9lo1WRi_SiFcOy4ZBiies9YHi69_zCGIHbkhfdB9dQrxODVea5vWnnn5ruiR

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 21:45:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B2F5 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=ByiVt_BKwYOOWCbPd7_UPm-uH6AMAAAAAOAHgBAI&bg=!WlmlWR3NAAaMan2LjGo7ACkAdvg8Wr60JfDEfkMPjcUBWkTymKN-S8UEzW6rwBMK_LuCe8IY8zkj_wIAAAIJUgAAACtoAQeZAtiJ45Hwl-mggV3Iidg1IJ23Rm5RZo4W-3tQXXJBndm4CVdLHZRKBD7m99NeOr_PMr-WTe-Speis44a12g7_tOHvYD12FbGNVCY4aXNzzzzOVI00vVgFNgWQaGGf5ljWJREe2v5Nd1CrcFPoXleG7O4t0SRHCQfZ5IA6CosLatO_oeDOwWMQENv-R8RV53ZXirUwzoCD7RzY4liVzJj3ba-XW3frxzgyPNN169Pmwp5cTLJco-UdSdyEUJkPL4rk6Xqyvc97p66eRdfKwpxMOJ9moojIrN6M68jiBu5li-VxPCZOAkTa2ASweRafMfH_V2gCCaSE2njRyBI5tIZT64mxYNXiLaZDkiLsxjnovcj9YtLGKmVXwFiL0rDAR0WrL1xsYoUX7-fssvAXOf6Uenf0QtM63g2wUYkiyqUP1IbJb6q5TLNIAiI81cgmYBG_zmqeHT9swCnFaRBMahcP0Ti4yZ9xTWDAVw5fuiTSbhJq5XBjgKRkfd3zyYz3E-ycwkAeBA6sQ9PusRv55nlW_6qieUAA2aPt29Xo6-fPqaToKRSNGr_H7IvJpNrp18I3naj6ftSt2geTYdNlQMvjyR787dfT4K7e14d7Jyhv3gyL-VRMixeXvB_YGzdozi9LWTCDle16xOq6XCdvXCldJNXBBkVlC4vLc1IpVBXbrGEp2ZFE2eBmZdBcCN2k3_z4DcfCy9st7h8_zJaCm02vxkN6tW-cxCWNPTWpoTwFL6rN2nITkTWp0ZwcTNU6_X1GU4GQ7fPQRLry_toJdixDSd4LGQ_tkGyABrI-6lXkcM7FSbRvuC3lJaNqgtXY80TRKonS61jAxP9x-BOv4UXBxyKWIN5QCndc8XI-8ljCdHiRr5fL-FP1tdYMDrQqkHkE04e6fkqtl44ZmFkYi8q-wZ_oViI0rv970RgtEvYv31-goA1vZqRYKMxgXGOK7geEQKUqWUgbpAdefw

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 21:45:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4661 500 B
322 B 17ms
17ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMu-4wIQ1qTt-AEYnuCfpQEwAQ&v=APEucNXCymvJSu3ckkph3jXKLl_fRbsFEq-6JtdjvxZVVMBSK5HNiug5jrncMMurkYQORXWGfQiMEJnHrndhI-H_kkGQM-FYFNFNzIcoGyov8CxYqiH0E3M77uCMIG0nSNANyosu8BilCjd4C7upYP6us_jIFJe-JRdsXWLZcrnGB4J47j0XqHk

Requested by

Host: bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com
URL: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aedf3dff6e3596bea2ed1f9bb489aca220ac62eb0f0eb2ec34306f215388a1c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CMu-4wIQ1qTt-AEYnuCfpQEwAQ&v=APEucNXCymvJSu3ckkph3jXKLl_fRbsFEq-6JtdjvxZVVMBSK5HNiug5jrncMMurkYQORXWGfQiMEJnHrndhI-H_kkGQM-FYFNFNzIcoGyov8CxYqiH0E3M77uCMIG0nSNANyosu8BilCjd4C7upYP6us_jIFJe-JRdsXWLZcrnGB4J47j0XqHk
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnaSRNlmcGzPBhW30XB8KWKqjkL_FSGN_2o5CaPtQ9uMMg2YGKbLddd6PyY; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 27 May 2021 21:45:33 GMT
server: cafe
cache-control: private
content-length: 299
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 27 May 2021 21:45:33 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame BA5C 17 KB
7 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/abg_lite_fy2019.js

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cc755a99349527933df50f5338a02d972da947a4c25f4a5309f4545ddc40ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 20:48:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3451
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7025
x-xss-protection: 0
server: cafe
etag: 8821855511435206686
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 20:48:02 GMT

GET
H3-29 200 8980984824084812770
s0.2mdn.net/simgad/ Frame BA5C 61 KB
61 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8980984824084812770

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f269942eccf95f26426c83daf9ec1d38f3180a53f28da808bf722af7b2126905

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 22:23:12 GMT
x-content-type-options: nosniff
age: 602541
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62870
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 18:35:27 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 May 2022 22:23:12 GMT

GET
H3-29 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/elements/html/ Frame BA5C 6 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 20:56:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2956
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2661
x-xss-protection: 0
server: cafe
etag: 7752240862628680351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 20:56:17 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame BA5C 0
24 B 77ms
77ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv5by-bIWFnpgqLtVBq7sWbQeY6bfRBKGnRKlQBeGNobh1eSGPw-v9JO7RdgKvnhi3Q-6GydQEUQsxOktqb_57tO9ZBu1ZIvz8xoJMSlgNA-RAqiV8fii-RHI7VX9wcCMAZxXFsXvopMiomZbZNqiXRZTfi1-YJxRJQjL1iWSrg9sZFkPXVz6LO5yO56bGG-L3jdHEqxIgEAUafZ8ZC7WoAOH9kJTja1KZbIG_QopLpRhM4N73WjAETbc-7lzt298D0f90lT2kF9cgbe2u44W3445X-HD_6WA4vTADtsClM7t1l-U5yKxozgNSms7f8fJfE76yKouHs4GbA0AzkGcDsD78853-3mpGsuggK4xl4ix8QzMLi_ehwrmd-l3Hbef7amqdYkExy3tFVAgdRqIN3FenqkOYxhyift4DzWY4_Zwl3JvgH_6UWaTec0kEqUrgWdGqF1HGxQ9YeNjIa7hWAZmcb5L_CbUkMKwVvESX728gjyNlqAC3jGYjISksr_VO0EJThHvRYjyQxJK7FJJHZ8iRyoyG4Lc-Q5cdy5lFktXVOoO7ixBZgG3mkf3DwpTFrSFHHc60_jqWePzY6pjF3AMrUnvAt88HFqLG3bUiZlrh-vbj8OrjwxDIlWPqz3QoToGmm3C7sTNZFP5bpZfsBvJCHjzPe_XCtaUftcukgNgj20Gg6ure5NeQNXrZ9MzeObCl1Nnq3wjBaVdaKs9TAZUkZBHQV7oRf72uu049X7ehet1d7VBVU9w-q4gCzEydF-pH5E6lq7xAxj9ioJoqCWApi9jedeMkfXZA9R3czAlhLh0wjzSH-eRPbb03QXmhjjPsCSTcwy_VsFFVxctaDoCRYmfhHgsvJqChoAE46soe7WxOYRlCNHL-C9DEzu_ljnHGhrBjGsxwt5883VGxLYnFOfbeZNTitG4mBqGrTpPfCTT4_b5Q9ADGPM2kiDit7QmqKPkO8XFHA2hXVtoV6TbVbz9JLgd878FwfHH2rU3mYzVXQm8HeC7JDSJrYqzhYT3KhOYN9aRBwrV-X7mrCZY81L68y7iC863YJnMkN2ju2R_JzFVpxvg6DUvPJynP4sOop6eqkruwhu2a0u-1EeDL5w3mmW7nDIfo4emP6QH5DAD7PVKG_82H7t-SNU-lNEjKP61SJiNIdFLmaDOQKT6vX9lGfDOgkud3WALY12p5WJA&sai=AMfl-YRwGcDJANc1tf0BHWMjgWHgIbKfVbfAQ8zd0aRnxFJ6iRwv1rGkmmI-c7I_rlaDV7ACDylLZ9Ee5HgHeUbJ4GSdd0-Rcs5VX-ljw1HVkUeD_gfHcDCL7kAqCFFeZxrzk4Er2jsCHYAh6mdSLKj3IdWX00JD0yCrLO-13JihVS37_KWw0_vHXrrRwb_TRqUKZ4RbHuEz3VyhLAtzIfG7rz7AOJIpZWzljD9IOkojIQQmhDqfnlmqP2NQ17xjFQN2KpcdP39RowBRHNypuho1f2QV3o3Mhd0uVmaRajERrYjkE9ncRN5zq2RnOqOC1Qr6JopDG2NhPnLpPNuAcw0CTW0BsHAksG8_tfCFd3hkKT2X1oZZFEwy5egaKAYLeFL6N4uoOydo&sig=Cg0ArKJSzPIQI2lbVoOEEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20210524.76222&adurl=

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 27 May 2021 21:45:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame BA5C 41 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 22:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84058
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 May 2022 22:24:35 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BA5C 42 B
63 B 45ms
44ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CLSLV9Jxeit0Sts9h9z1uXqTGmCH5GxEW-i0QMDtQMeQALNuX3MPej-m8t0L92idccU16vU0PvfFYp3GAqlzVCHsLyaPClN5kENmTX-TOANPX-x-A

Requested by

Host: bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com
URL: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 21:45:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame BA5C 2 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js

Requested by

Host: bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com
URL: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:25:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 21:25:22 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BA5C 121 KB
37 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com
URL: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Thu, 27 May 2021 21:45:33 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame BA5C 13 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com
URL: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:44:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1319581658596578636
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Jun 2021 21:44:54 GMT

GET
H2 200 vans-adapter-google-ima.js Show response
static.adsafeprotected.com/ Frame F7BD 19 KB
7 KB 192ms
64ms Script
application/javascript 108.128.95.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/vans-adapter-google-ima.js
Requested by: Host: player.inforsea.com
URL: https://player.inforsea.com/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-95-108.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: b7aa714a4418a8e3d269a472e0ba2168cca963243ce2c94ad32315cd239fd245

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:33 GMT
content-encoding: gzip
last-modified: Mon, 16 Dec 2019 18:23:25 GMT
server: nginx/1.16.1
age: 552316
etag: W/"90eaad1daab4870a6a4ed031687aa680"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame BA5C 0
23 B 74ms
74ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 27 May 2021 21:45:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1FF3 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Wed, 26 May 2021 22:24:35 GMT
expires: Thu, 26 May 2022 22:24:35 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 84058
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4661
Redirect Chain

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1qdndDSjA1RTJ1R1RUS0Q2dEhwV29IQURIaVFCNVdhR35B

170 B
188 B

44ms
44ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1qdndDSjA1RTJ1R1RUS0Q2dEhwV29IQURIaVFCNVdhR35B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMu-4wIQ1qTt-AEYnuCfpQEwAQ&v=APEucNXCymvJSu3ckkph3jXKLl_fRbsFEq-6JtdjvxZVVMBSK5HNiug5jrncMMurkYQORXWGfQiMEJnHrndhI-H_kkGQM-FYFNFNzIcoGyov8CxYqiH0E3M77uCMIG0nSNANyosu8BilCjd4C7upYP6us_jIFJe-JRdsXWLZcrnGB4J47j0XqHk

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 21:45:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 27 May 2021 21:45:33 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1qdndDSjA1RTJ1R1RUS0Q2dEhwV29IQURIaVFCNVdhR35B
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 4661
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEKe7ZqfUIpi5gT7swDz5-tg&google_cver=1

43 B
163 B

150ms
50ms

Image
image/gif

185.86.139.115
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEKe7ZqfUIpi5gT7swDz5-tg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMu-4wIQ1qTt-AEYnuCfpQEwAQ&v=APEucNXCymvJSu3ckkph3jXKLl_fRbsFEq-6JtdjvxZVVMBSK5HNiug5jrncMMurkYQORXWGfQiMEJnHrndhI-H_kkGQM-FYFNFNzIcoGyov8CxYqiH0E3M77uCMIG0nSNANyosu8BilCjd4C7upYP6us_jIFJe-JRdsXWLZcrnGB4J47j0XqHk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:32 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 27 May 2021 21:45:33 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEKe7ZqfUIpi5gT7swDz5-tg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 4661 43 B
163 B 152ms
51ms Image
image/gif 185.86.139.115
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMu-4wIQ1qTt-AEYnuCfpQEwAQ&v=APEucNXCymvJSu3ckkph3jXKLl_fRbsFEq-6JtdjvxZVVMBSK5HNiug5jrncMMurkYQORXWGfQiMEJnHrndhI-H_kkGQM-FYFNFNzIcoGyov8CxYqiH0E3M77uCMIG0nSNANyosu8BilCjd4C7upYP6us_jIFJe-JRdsXWLZcrnGB4J47j0XqHk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:33 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H3-29 200 _ITcuHTDnJFauDqltlBqrEjQ-T5zT23sppn99C3Ar0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 1FF3 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_ITcuHTDnJFauDqltlBqrEjQ-T5zT23sppn99C3Ar0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc84dcb874c39c915ab83aa5b6506aac48d0f93e734f6deca699fdf42dc0af43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 19:23:34 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 8519
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5710
x-xss-protection: 0
expires: Fri, 27 May 2022 19:23:34 GMT

GET
DATA 200
OK truncated
/ Frame BA5C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bbf76306502e1aecff1c2458d6b561a18b7098f93b96e5046a01eddbc2c6ef3f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 bridge3.461.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame A076 575 KB
188 KB 22ms
7ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.461.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1676929b05575b877aee5503070d1260e83b7201265b27f87e64472e956bfdd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.461.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://aubtu.biz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aubtu.biz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192624
date: Tue, 25 May 2021 04:13:02 GMT
expires: Wed, 25 May 2022 04:13:02 GMT
last-modified: Tue, 25 May 2021 03:58:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 235951
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame D37E 44 KB
16 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Thu, 27 May 2021 21:45:33 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame D37E 107 B
122 B 14ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=aubtu.biz

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 May 2021 21:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1E90 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:29:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 934
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Thu, 27 May 2021 22:29:59 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1FF3 0
20 B 47ms
47ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BeHsP_BKwYLqWN82S3gOS1ZCYCAAAAAA4AeAEAg&bg=!5uWl5aHNAAaMan2LjGo7ACkAdvg8Wpo74WVxTmCiJ3oYhghZMfu5sCSW9AnL3LbQSKU3tJ6HZiXvsQIAAACIUgAAAB9oAQcKAM4SNddEUnTuAMW8v9R9quI7-s3wFaf9f3OwFtZi7XHm3hxykAVqtcnfH3r2Y5eAjZ5Ef2RIhZIwIuLocoaHsSRz9jgn-JkRnhXiRjOieh49bOz2s_nvG6D88EcFx3wx-6sIanUWcY5Z09NvPitKHkS355CkGkH9b4BlgpsK0DCH0ywb7QwpqpPCZdr-R43y1WF00gj9uW7NY3ASSr4g0yHhlLp3Ym-T61QcaMNvhaRQqX3a7k4FTAoCULX3MIMOV94b9BzHoX_RWKM57VtXX5kCgyllMZaYNseGxPvhBMR_b3MCy5iPOqgXVy7eshHpbYv-6zwIBY1JFI7FSnY0fip_RqLuaGLLtIEflxdBlMxgyuzHBcRxCQ7GLwjY3Y1lcVYtyBv3gUm5HUonFb0mR9FWSTPrtjA3J0S3DnOM9sHaK2JIG6FFO1QLxxO3cwURZNPrGERQlrfefNwLty0zd-OOEGdCoKJbB1anc4MlOaIsHCfGWN2F1r2vkN8O81kwf-vsc9LL0ShyCVwhDAhp4Nk7qi5M0bk5Y6B0wgg7neBjXOHCf0T7J-ZuJfazmqGENs3WEnnIILWvJ_MWmXXaAS1HkFfJyAV6DBVc_gCZSeqA3eTCDxF_CfX-e4k0xzFh3lsQQqM7knt0Nq6Gi3S4FLAaAIHDeXhX9fUF_3QMqtKLmAL-yL8g_p6xBTa1-uheFFFvtb3G0aBtR3-k66qUor62Eut7oRaYYzoKuEUf9iS--krkPJgjfFdqQU_6gR7VjORp7Nlmt_vkXQPt7ViHWfvxL9mLVirCPW41qwPI0YGdHcXKAeByElh2osiNpYzsA1mg-IFutor-aQQKPaMFoxPrUkX2ABWUzqRevcHREeid-857FU4ocuYzJmCOvsV6x4S1IDrhQUCvDW5qsOuKTDRKyYNBwarr_CU1tGz2TZiEzGqmsOa6LGB_TJKGOTOWMlCrB3de0Nj70VZhXd4MdVyvtzw-nTFp4K4LChvkBEd_Avfmsa-_g2xKRYl3nUbq0McDtkzyWw6I8AOcb3NW4tgnqSf2l_wZ29GwsCtpGy33yzYpLy5KgelK56f6MqW2OchUPYC4uaKFMPUBDZq4pSlh4Thh28KsvWSpBcbahvfF4hD8DrI

Requested by

Host: aubtu.biz
URL: https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 21:45:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&tn=DIV&cls=sticky-footer-pc&ign=false

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 21:45:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 28ms
14ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=aubtu.biz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 May 2021 21:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 14ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=aubtu.biz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 May 2021 21:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EF91 0
16 B 15ms
15ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7002491002409919&output=html&adk=1812271804&adf=3025194257&lmt=1622151933&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622151933815&bpp=1&bdt=3858&idt=1&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce4d82b34bdc6579-2292ca8129c8007d%3AT%3D1622151930%3AS%3DALNI_MbBMkf-0u_NMLAfNFdgB3_HUPKDPA&prev_fmts=320x100%2C728x90&prev_slotnames=aubtu.biz_adx%2Faubtu.biz_adx_336x280_detail1&nras=1&correlator=6252834043920&frm=20&pv=1&ga_vid=1497643118.1622151930&ga_sid=1622151930&ga_hid=1343021819&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065724&oid=3&pvsid=2340078085233420&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=14&uci=a!e&fsb=1&dtd=11

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7002491002409919&output=html&adk=1812271804&adf=3025194257&lmt=1622151933&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622151933815&bpp=1&bdt=3858&idt=1&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce4d82b34bdc6579-2292ca8129c8007d%3AT%3D1622151930%3AS%3DALNI_MbBMkf-0u_NMLAfNFdgB3_HUPKDPA&prev_fmts=320x100%2C728x90&prev_slotnames=aubtu.biz_adx%2Faubtu.biz_adx_336x280_detail1&nras=1&correlator=6252834043920&frm=20&pv=1&ga_vid=1497643118.1622151930&ga_sid=1622151930&ga_hid=1343021819&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065724&oid=3&pvsid=2340078085233420&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=14&uci=a!e&fsb=1&dtd=11
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://aubtu.biz/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnaSRNlmcGzPBhW30XB8KWKqjkL_FSGN_2o5CaPtQ9uMMg2YGKbLddd6PyY; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aubtu.biz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 27 May 2021 21:45:33 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 19ms
18ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210524&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbf6287612bc94dcfa057521d92094b5acdde7795b0f980942e36dc660871491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 May 2021 21:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7719
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Thu, 27 May 2021 21:45:33 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/live/ Frame A076 156 B
816 B 727ms
648ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21708299310%2C22347246196%2Fca-video-pub-5617098146054077-tag%2F850113329001485&description_url=https%3A%2F%2Faubtu.biz%2F&tfcd=0&npa=0&sz=400x300&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1258832475908137&sdkv=h.3.461.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=2987319805&sdk_apis=2%2C8&sid=F5D5BB19-B62B-4484-8C0E-E831AB350C78&eid=21064201%2C668123728&url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&dt=1622151933864&cookie=ID%3Dce4d82b34bdc6579-2292ca8129c8007d%3AT%3D1622151930%3AS%3DALNI_MbBMkf-0u_NMLAfNFdgB3_HUPKDPA&scor=1847897451279845&ged=ve4_td1_tt0_pd1_la1000_er1049.265.1206.565_vi0.0.1200.1600_vp96_eb23147

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.461.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

ltt /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 153
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: ltt
google-mediationtag-id: -2
google-creative-id: -2
x-frame-options: SAMEORIGIN
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame C6B7 28 B
54 B 19ms
18ms XHR
application/json 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e467278e/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/X9Olvj8jDss?feature=oembed
X-YouTube-Client-Version: 1.20210524.1.1
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtER0hNTW00dm4tWSj6pcCFBg%3D%3D
X-YouTube-Ad-Signals: dt=1622151930731&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C750%2C422&vis=1&wgl=true&ca_type=image&bid=ANyPxKq49t9eBp9SdIXsIlGuPSLPF1eBKA2s5seGnF--cT9LpuFCIHHLovLJBf7R7k60MN6zrKasjgp8iSEIQEGj9UBuzcE8OQ

Response headers

date: Thu, 27 May 2021 21:45:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 27 May 2021 21:45:33 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame A7F1 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://aubtu.biz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aubtu.biz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 27 May 2021 21:44:13 GMT
expires: Fri, 27 May 2022 21:44:13 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 80
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3E03 783 B
530 B 16ms
16ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3983ba8d3bdca48c705c7a867dd24fbcb3384a192467fdccd9e0089afd5f877d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jWUx+lr1Calbia4pbcDIrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://aubtu.biz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aubtu.biz/

Response headers

expires: Thu, 27 May 2021 21:45:33 GMT
date: Thu, 27 May 2021 21:45:33 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-jWUx+lr1Calbia4pbcDIrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js Show response
pagead2.googlesyndication.com/bg/ Frame A7F1 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 13:20:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 375882
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5712
x-xss-protection: 0
expires: Mon, 23 May 2022 13:20:51 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
22 B 46ms
46ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210524&jk=2340078085233420&bg=!JySlJGDNAAaMan2LjGo7ACkAdvg8Wkcdp84JVIDfPTWptWfkiDktLCSBDiS9r6KfA5Bykc3VwwT1mAIAAABpUgAAAA1oAQcKAUm-uWE9pbUqPx7B7rOqtYFIEiahehTNA0Y1_nBE9jVpy7fktEcNvnmMPdgZQgtdcvs-N5i6l43fYaskidZwdknWzbI7JSuBEMcpedr3YL9rqbaAexg7eH8tfG7D0usyB2jD6Bfm1ludrkZdzzU91mE-jN21lSC_iX7UxW57yHgWEVENeDqPUeTek-ApVvqd1sQqjXUEv5IlX7D1efE9lvKRTsxnO51ArdkYDkMdkvQzcfrCIo7GgA8IsO7QbAtphmilliSHZQWtrb6Nq70GSrNJyhyarzsaiWbGCJKwZL5gXIxBtdnBkZM5hNAQa7IdKdpDdeQ1W6-e5MsLOOup8d21zdAvZfXIkoPbE12W86MdgPLq8aYVPx1Kbt2rrBtzmBvQDLiNPXdIWdRnlmaNNtNyURWgIR9Gqe6Ci0icN1rDNyO_cS-pbs1VHZkCLZxyUIbnEKa_7htsuWHXL1IXLy8J2quY5kW5vR_1IMGWaFcjsX0squxg-bAh1Pfx7EtX8Fqm_w94wTVtMvAtNVSPLgugxX5Twm578WXV13ldRzcJufiz-DPvczbZ5p8MVFC1GeohA_v3rc6JenZ_hN5hyKj4kU77p2yswkHuAqWZ3zpdHvH7dMDF1NO4XdC3vBQ8rZCAhUzLiznPT3xTJaoHuusINwxa_tV0H08HaMhXjfwPioU5TgyEBLrpvi7orH0qSikbaNSoRvtb6m70lnsXrgZ0HX7EVVEKTFcfGs5P0gT5HmcdOvg_r9xgdLZpO_3yLvY4d2oW4LFvNnZKW24A-Q2VFg_KKcbwKyzq2b-WFGUGpzdNcAbdeHGGHdxX5panOiysqjic7sjmGrZIE08lsZIEwIt9NnAt63JSKb-BlSrkE5e0Mf_GETZyzrd5msll5ZZClbEF-KDfajvNOEGhrh9txr2AAyQTNB0nyOLNZirEz7vBPC1lMbz367zRak-xCX71TzaRlfllIKZaXAHKIqOyuoW0BUNLIvUerw6MowA3-X98G05451LpO5eOihXxzfktGkxfmUBbVmxlAc8BkljCnkhczUvY3IkKDjh3SIxeRAsf9CMlmYYQRoKtVoa-3W4wrp_f4KbplNL_M_s-0xcW1sWsKjwIZuLCTVaNnse0xHAniEhF5x1wpZHhI_WcHTz10FPmXbV3ra8cCv-0gs6SWvtcKU_pgViP

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 21:45:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame DAC0 28 B
54 B 20ms
20ms XHR
application/json 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e467278e/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/YOT7VmgzzFU?feature=oembed
X-YouTube-Client-Version: 1.20210524.1.1
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtDM1hjenhjN3VmVSj6pcCFBg%3D%3D
X-YouTube-Ad-Signals: dt=1622151930723&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C750%2C422&vis=1&wgl=true&ca_type=image&bid=ANyPxKoX_AOXE1oUi2fHvNOLSj2Z1tOVA8YDygAKiFxd8-5rqiKdtZhcBuumLe0bs_s46qFU4cjKeGcCYrPLKAmCmHPYHAGIuw

Response headers

date: Thu, 27 May 2021 21:45:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 27 May 2021 21:45:34 GMT

POST
H/1.1 204
No Content log
pixel.inforsea.com/server/ 0
0 242ms
61ms Fetch 54.217.85.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.inforsea.com/server/log
Requested by: Host: player.inforsea.com
URL: https://player.inforsea.com/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.217.85.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-85-43.eu-west-1.compute.amazonaws.com
Software: nginx/1.15.8 /
Resource Hash

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://aubtu.biz
Date: Thu, 27 May 2021 21:45:34 GMT
Server: nginx/1.15.8
Connection: keep-alive

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 147 B
840 B 102ms
102ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.inforsea.com
URL: https://player.inforsea.com/player.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

dce66c629760e4c24dc7b5ed6fb10b5248ade6e9a588f04ad0ae3c55fcf63735

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 27 May 2021 21:45:34 GMT
X-Proxy-Origin: 89.238.186.243; 89.238.186.243; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.75:80
AN-X-Request-Uuid: 5da1853e-6a71-4720-b0f3-043d101630a2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://aubtu.biz
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 147
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
645 B 218ms
114ms XHR
text/xml 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=1032352&t=2&w=750&h=422&url=https%3A%2F%2Faubtu.biz%2F&gdpr=1&gdpr_consent=

Requested by

Host: player.inforsea.com
URL: https://player.inforsea.com/player.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:34 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://aubtu.biz
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BA5C 42 B
64 B 47ms
46ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZaykIwUj9pngdfPkYITl3pc8XNL6m-K30UQcuJkzY3QCtoctBQD6YCF8e4AHSPHGDaoyXlHM7mtLc0DvvGx3gfN9IEJLW33QwtLvNgYnHosX2&sai=AMfl-YTomufhsBF4LT9f5ExmlbtQST6GSQf4Z4tIRStnsG1-nOLPfMc572qJ68tlSV2JsZedlHEk0AEgyZMuD8O6Ui-WYZyCwn4GvCuiPfqMbMlp2sUlTX2BHOXwHxOMZc0y&sig=Cg0ArKJSzLDV8ZModCTfEAE&cid=CAASPeRodiKxpSCvGZwN_HfSPP0700qTdVFLaHej6e_9NeKPowcI8gzuvr_75boTIvV5qWvMx1YvKi01BedwvnA&id=lidar2&mcvt=1001&p=666,1040,1270,1340&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20210526&bin=7&avms=nio&bs=0,0&mc=0.88&if=1&app=0&itpl=20&adk=3622917733&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622151933432&dlt=22&rpt=1&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 21:45:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame C080 52 KB
17 KB 155ms
53ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: player.inforsea.com
URL: https://player.inforsea.com/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://aubtu.biz/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=4359962732502233904; anj=dTM7k!M41.D>6NRF']wIg2In4JD2!N!1yIE`fS1ueD1W-044)d+]Uep+7p^EG$pgMX(G^hob1S]C9(%F.s312NUA_<P(hw9P-HC_#tuY^*.kPi
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aubtu.biz/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Fri, 28 May 2021 21:45:36 GMT
Date: Thu, 27 May 2021 21:45:34 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame C080 0
750 B 69ms
69ms Script
text/html 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 May 2021 21:45:34 GMT
X-Proxy-Origin: 89.238.186.243; 89.238.186.243; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.6:80
AN-X-Request-Uuid: 2d177680-39ae-4a05-8c04-187bbbd66324
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame B06F 336 KB
115 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.inforsea.com
URL: https://player.inforsea.com/player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0763cefe362deddc5a533e71213145d35dcea9c9b80ae9e59a33e90240489e5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117984
x-xss-protection: 0
expires: Thu, 27 May 2021 21:45:35 GMT

GET
H2 200 vans-adapter-google-ima.js Show response
static.adsafeprotected.com/ Frame DB9A 19 KB
7 KB 63ms
63ms Script
application/javascript 108.128.95.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/vans-adapter-google-ima.js
Requested by: Host: player.inforsea.com
URL: https://player.inforsea.com/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-95-108.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: b7aa714a4418a8e3d269a472e0ba2168cca963243ce2c94ad32315cd239fd245

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:35 GMT
content-encoding: gzip
last-modified: Mon, 16 Dec 2019 18:23:25 GMT
server: nginx/1.16.1
age: 521521
etag: W/"90eaad1daab4870a6a4ed031687aa680"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800

GET
H3-29 200 bridge3.461.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame B014 575 KB
188 KB 9ms
8ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.461.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1676929b05575b877aee5503070d1260e83b7201265b27f87e64472e956bfdd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.461.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://aubtu.biz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aubtu.biz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192624
date: Tue, 25 May 2021 04:13:02 GMT
expires: Wed, 25 May 2022 04:13:02 GMT
last-modified: Tue, 25 May 2021 03:58:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 235953
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame B06F 44 KB
16 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Thu, 27 May 2021 21:45:35 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame B06F 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=aubtu.biz

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 May 2021 21:45:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame EE0E 36 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:29:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 936
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Thu, 27 May 2021 22:29:59 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/live/ Frame B014 156 B
183 B 487ms
445ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21708299310%2C22347246196%2Fca-video-pub-5617098146054077-tag%2F850113329001485&description_url=https%3A%2F%2Faubtu.biz%2F&tfcd=0&npa=0&sz=400x300&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2265130573032083&sdkv=h.3.461.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=813533625&sdk_apis=2%2C8&sid=57EC4E8B-2FFE-4E0D-B87F-E10A230B6AA0&url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&dt=1622151935530&cookie=ID%3Dce4d82b34bdc6579-2292ca8129c8007d%3AT%3D1622151930%3AS%3DALNI_MbBMkf-0u_NMLAfNFdgB3_HUPKDPA&scor=1255450140258751&ged=ve4_td1_tt1_pd1_la1000_er1049.265.1206.565_vi0.0.1200.1600_vp96_eb23147

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.461.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

ltt /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 153
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: ltt
google-mediationtag-id: -2
google-creative-id: -2
x-frame-options: SAMEORIGIN
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content log
pixel.inforsea.com/server/ 0
0 61ms
60ms Fetch 54.217.85.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.inforsea.com/server/log
Requested by: Host: player.inforsea.com
URL: https://player.inforsea.com/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.217.85.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-85-43.eu-west-1.compute.amazonaws.com
Software: nginx/1.15.8 /
Resource Hash

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://aubtu.biz
Date: Thu, 27 May 2021 21:45:35 GMT
Server: nginx/1.15.8
Connection: keep-alive

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame C080 0
752 B 45ms
45ms Script
text/html 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 May 2021 21:45:35 GMT
X-Proxy-Origin: 89.238.186.243; 89.238.186.243; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.116:80
AN-X-Request-Uuid: 44385686-bee9-479e-87c0-baefcb4b16a4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 147 B
841 B 75ms
74ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.inforsea.com
URL: https://player.inforsea.com/player.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

6f5b8114f0dac3aa0abb4ace9fdce499d9a843ed4240ae252ecfbd5d78b6349a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 27 May 2021 21:45:36 GMT
X-Proxy-Origin: 89.238.186.243; 89.238.186.243; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.236:80
AN-X-Request-Uuid: 61e66fe1-df76-41b3-b5e6-72654f828f41
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://aubtu.biz
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 147
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
644 B 127ms
127ms XHR
text/xml 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=1032352&t=2&w=750&h=422&url=https%3A%2F%2Faubtu.biz%2F&gdpr=1&gdpr_consent=

Requested by

Host: player.inforsea.com
URL: https://player.inforsea.com/player.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:36 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://aubtu.biz
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 8FF9 336 KB
115 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.inforsea.com
URL: https://player.inforsea.com/player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0763cefe362deddc5a533e71213145d35dcea9c9b80ae9e59a33e90240489e5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117984
x-xss-protection: 0
expires: Thu, 27 May 2021 21:45:36 GMT

GET
H2 200 vans-adapter-google-ima.js Show response
static.adsafeprotected.com/ Frame 7E23 19 KB
7 KB 64ms
64ms Script
application/javascript 108.128.95.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/vans-adapter-google-ima.js
Requested by: Host: player.inforsea.com
URL: https://player.inforsea.com/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-95-108.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: b7aa714a4418a8e3d269a472e0ba2168cca963243ce2c94ad32315cd239fd245

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:36 GMT
content-encoding: gzip
last-modified: Mon, 16 Dec 2019 18:23:25 GMT
server: nginx/1.16.1
age: 520978
etag: W/"90eaad1daab4870a6a4ed031687aa680"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800

GET
H3-29 200 bridge3.461.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 0200 575 KB
188 KB 8ms
8ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.461.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1676929b05575b877aee5503070d1260e83b7201265b27f87e64472e956bfdd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.461.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://aubtu.biz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aubtu.biz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192624
date: Tue, 25 May 2021 04:13:02 GMT
expires: Wed, 25 May 2022 04:13:02 GMT
last-modified: Tue, 25 May 2021 03:58:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 235954
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 8FF9 44 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Thu, 27 May 2021 21:45:36 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8FF9 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=aubtu.biz

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 May 2021 21:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5327 36 KB
12 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:29:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 937
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Thu, 27 May 2021 22:29:59 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/live/ Frame 0200 156 B
183 B 455ms
454ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21708299310%2C22347246196%2Fca-video-pub-5617098146054077-tag%2F850113329001485&description_url=https%3A%2F%2Faubtu.biz%2F&tfcd=0&npa=0&sz=400x300&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=197345948675356&sdkv=h.3.461.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=880843147&sdk_apis=2%2C8&sid=0BA9217F-DF7B-4C9F-A7F0-CC8C0802F9D4&eid=44741361&url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&dt=1622151936864&cookie=ID%3Dce4d82b34bdc6579-2292ca8129c8007d%3AT%3D1622151930%3AS%3DALNI_MbBMkf-0u_NMLAfNFdgB3_HUPKDPA&scor=784848466389670&ged=ve4_td0_tt0_pd0_la0_er1049.265.1206.565_vi0.0.1200.1600_vp96_eb23147

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.461.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

ltt /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 153
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: ltt
google-mediationtag-id: -2
google-creative-id: -2
x-frame-options: SAMEORIGIN
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content log
pixel.inforsea.com/server/ 0
0 61ms
60ms Fetch 54.217.85.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.inforsea.com/server/log
Requested by: Host: player.inforsea.com
URL: https://player.inforsea.com/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.217.85.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-85-43.eu-west-1.compute.amazonaws.com
Software: nginx/1.15.8 /
Resource Hash

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://aubtu.biz
Date: Thu, 27 May 2021 21:45:37 GMT
Server: nginx/1.15.8
Connection: keep-alive

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 146 B
839 B 54ms
54ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.inforsea.com
URL: https://player.inforsea.com/player.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

1670a771c7bd2a706b466c54d267bb8e69f3ab66b6123e7319ba189a265dafba

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 27 May 2021 21:45:37 GMT
X-Proxy-Origin: 89.238.186.243; 89.238.186.243; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.50:80
AN-X-Request-Uuid: e0d028fa-a94c-4a6a-ae15-282b7ef60dfb
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://aubtu.biz
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 146
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 28CC 336 KB
115 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.inforsea.com
URL: https://player.inforsea.com/player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0763cefe362deddc5a533e71213145d35dcea9c9b80ae9e59a33e90240489e5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117984
x-xss-protection: 0
expires: Thu, 27 May 2021 21:45:37 GMT

GET
H2 200 vans-adapter-google-ima.js Show response
static.adsafeprotected.com/ Frame BD07 19 KB
7 KB 64ms
63ms Script
application/javascript 108.128.95.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/vans-adapter-google-ima.js
Requested by: Host: player.inforsea.com
URL: https://player.inforsea.com/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-95-108.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: b7aa714a4418a8e3d269a472e0ba2168cca963243ce2c94ad32315cd239fd245

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:37 GMT
content-encoding: gzip
last-modified: Mon, 16 Dec 2019 18:23:25 GMT
server: nginx/1.16.1
age: 552316
etag: W/"90eaad1daab4870a6a4ed031687aa680"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800

GET
H3-29 200 bridge3.461.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame BF24 575 KB
188 KB 8ms
7ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.461.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1676929b05575b877aee5503070d1260e83b7201265b27f87e64472e956bfdd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.461.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://aubtu.biz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aubtu.biz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192624
date: Tue, 25 May 2021 04:13:02 GMT
expires: Wed, 25 May 2022 04:13:02 GMT
last-modified: Tue, 25 May 2021 03:58:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 235956
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 28CC 44 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Thu, 27 May 2021 21:45:38 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 28CC 107 B
122 B 14ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=aubtu.biz

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 May 2021 21:45:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8837 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:29:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 939
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Thu, 27 May 2021 22:29:59 GMT

GET ads
pubads.g.doubleclick.net/gampad/live/ Frame BF24 0
0

POST
H/1.1 204
No Content log
pixel.inforsea.com/server/ 0
0 430ms
31ms Fetch 34.248.169.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.inforsea.com/server/log
Requested by: Host: player.inforsea.com
URL: https://player.inforsea.com/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.169.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-169-210.eu-west-1.compute.amazonaws.com
Software: nginx/1.15.8 /
Resource Hash

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://aubtu.biz
Date: Thu, 27 May 2021 21:45:38 GMT
Server: nginx/1.15.8
Connection: keep-alive

GET
H2 200 dc_oe=ChMI1Ya07erq8AIVT5V3Ch0BmwhpEAAYACCaneFHQhMI9pj67Orq8AIVHph3Ch04HwMq;met=1;&timestamp=1622151942820;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame BBDE 42 B
107 B 65ms
45ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI1Ya07erq8AIVT5V3Ch0BmwhpEAAYACCaneFHQhMI9pj67Orq8AIVHph3Ch04HwMq;met=1;&timestamp=1622151942820;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 21:45:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI44TA7erq8AIVs-67CB2b9QE9EAAYACDg2uRCQhMIkYaW7erq8AIVk_Z3Ch0UwgID;met=1;&timestamp=1622151942836;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 4632 42 B
498 B 46ms
42ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI44TA7erq8AIVs-67CB2b9QE9EAAYACDg2uRCQhMIkYaW7erq8AIVk_Z3Ch0UwgID;met=1;&timestamp=1622151942836;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 21:45:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C702 0
446 B 64ms
45ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=html5-mon&a0=layout&f0=layout&s0=0&d0=415.0000&a1=https&f1=layout_html&s1=0&d1=15.0000&a2=https%3A%2F%2Ftpc.googlesyndication.com%2Fsadbundle%2F%24csp%253Der3%24%2F11417214532185088857%2F336-280%2F336-280.html%23t%3D17729221498375546024%26p%3Dhttps%253A%252F%252Fbca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com&a3=https%3A%2F%2Ftpc.googlesyndication.com%2Fpagead%2Fgadgets%2Fhtml5%2Fapi%2Fexitapi-impl.js&s3=129.8000&d3=7.6000&a4=https%3A%2F%2Ftpc.googlesyndication.com%2Fpagead%2Fgadgets%2Fhtml5%2Faddata.js&s4=129.9000&d4=7.0000&a5=https%3A%2F%2Ftpc.googlesyndication.com%2Fsadbundle%2F%24csp%253Der3%24%2F11417214532185088857%2F336-280%2F336-280.html&f5=Custom_layout&s5=-1&d5=-1&i=523917599751&t=419&c=p&lp=%2Fsadbundle%2F%24csp%253Der3%24%2F11417214532185088857%2F336-280%2F336-280.html&qqi=CM3IqO3q6vACFcrrdwodoDYOAg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 21:45:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame A046 336 KB
116 KB 32ms
14ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.inforsea.com
URL: https://player.inforsea.com/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0763cefe362deddc5a533e71213145d35dcea9c9b80ae9e59a33e90240489e5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117984
x-xss-protection: 0
expires: Thu, 27 May 2021 21:45:43 GMT

GET
H2 200 vans-adapter-google-ima.js Show response
static.adsafeprotected.com/ Frame B908 19 KB
7 KB 90ms
30ms Script
application/javascript 108.128.95.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/vans-adapter-google-ima.js
Requested by: Host: player.inforsea.com
URL: https://player.inforsea.com/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-95-108.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: b7aa714a4418a8e3d269a472e0ba2168cca963243ce2c94ad32315cd239fd245

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:43 GMT
content-encoding: gzip
last-modified: Mon, 16 Dec 2019 18:23:25 GMT
server: nginx/1.16.1
age: 405995
etag: W/"90eaad1daab4870a6a4ed031687aa680"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800

GET
H3-29 200 bridge3.461.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 9714 575 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.461.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1676929b05575b877aee5503070d1260e83b7201265b27f87e64472e956bfdd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.461.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://aubtu.biz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aubtu.biz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192624
date: Tue, 25 May 2021 04:13:02 GMT
expires: Wed, 25 May 2022 04:13:02 GMT
last-modified: Tue, 25 May 2021 03:58:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 235961
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame A046 44 KB
17 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Thu, 27 May 2021 21:45:43 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame A046 107 B
553 B 33ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=aubtu.biz

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 May 2021 21:45:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 50AA 36 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:29:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 944
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Thu, 27 May 2021 22:29:59 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/live/ Frame 9714 25 KB
8 KB 537ms
518ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21708299310%2C22347246196%2Fca-video-pub-5617098146054077-tag%2F850113329001485&description_url=https%3A%2F%2Faubtu.biz%2F&tfcd=0&npa=0&sz=400x300&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2809483054855349&sdkv=h.3.461.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=2367225093&sdk_apis=2%2C8&sid=2E35B413-BC9D-43EA-AC31-D48F606ECE14&eid=44741234&url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&dlt=1622151943630&idt=213&dt=1622151943853&cookie_enabled=1&scor=21333583988338&ged=ve4_td0_tt0_pd0_la0_er1049.265.1206.565_vi0.0.1200.1600_vp96_eb23147

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.461.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

ltt /

Resource Hash

5657c6d4d102c6a935132366b8c54341b355bb997e2ffc5eb2d3e93473993650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7095
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: ltt
google-creative-id: -1
x-frame-options: SAMEORIGIN
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content log
pixel.inforsea.com/server/ 0
0 1705ms
64ms Fetch 34.248.169.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.inforsea.com/server/log
Requested by: Host: player.inforsea.com
URL: https://player.inforsea.com/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.169.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-169-210.eu-west-1.compute.amazonaws.com
Software: nginx/1.15.8 /
Resource Hash

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://aubtu.biz
Date: Thu, 27 May 2021 21:45:45 GMT
Server: nginx/1.15.8
Connection: keep-alive

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 9714 26 KB
13 KB 222ms
89ms XHR
text/xml 108.177.15.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CIxNMu1vYQpPkFFHIC7p6d4mTePmfx_IcfvbiAQKClso8_T-vbMR5aXYKfeWN6kExHBmuKVSiOsxNsS_qLfjiPMVZsJw&dbm_d=AKAmf-C80M1G3SgbvGkCA4kRY79H8nEm4KzynGsWA9Kx2_fdply_y0FDHNRxLVHkdaSeToNZR2RgRi3Y3pMukLfQ2zJaR-IyN0lQ4koWDQGcWVsftqOkoXAAncq3fh-EBlrPIBZLC06UhB8oX-UpfgLHeQ8gHmBGxr5XVrQl7ede8kAlstqE8xNIs04cftpBPTIT_U_dUBTXJb23npAi5yi17r6ljAR4WeWRjZn238WoPXOCQTvToC4Omw21r_BQx9w5JZbdYph5lTaApNkDEvBidu5rKT6Q_EuFa6QpKgdTQtD4q3UwSKWQV5vg7ZXqJxznu9HfaNU2nDtioazMyBZUiECy_4yPBczALHxEyZUYwQrVtUs6A26JTEV3Vcq2sN2CRmvDtcHk8DClG0LIF4SYaL9Mv3pr8TTgBPszqLmgx1GBavtUvUuJ4A4S6RHze2k_NSXqNnR0HxTg9MZ1ssMZPE_ixZnkNkxvTak3c-YCAnw5LnlD_DmVExnyttTZxMAgymLzmNUrruJJ32Qo7bgBin5Kv6wCASBmLjnJmU1qQgCmnmE1wMMx9iZJzv-T4zqoubcy7dALecpJqlnZb8lEV75SAxBOWIBz7IStBEM83H7xrQrT48rJbBQkse4gLo6lTyRTi9QxYuFu2dOliPvzv_nfyDJU0fIvWSsPXxqFeLyk60g_4y6jNhDp54_4Pd3cSkD-BnDXQW3zuzvE3aQgG6aXYqGaaVRY5stDa9lQcMpc7ttzqCobQXRXQ_mdRfq07iCiCSPysFHiKkN3K2kIvYpMWdQrx2thFKaZ5rDGrgbjSeE7xr7lWC60aiA_BdEf6hoi3r9fFSvE47SFwIJbxKvt5b8gVDvvojsKiUZcb2ugzt08mUDsqZ-6TbKGoi_psxmHkip6fkDhKNNWjNAhTpWxM9Ho_jSjnZvRTMDgO4lHgKtD2hwO35XiX5YggjeS4zi6eOOp_OmfWyAyswVRYz_3uo6wtyPMcuIGT4AqeLocfybgBJM4qEDCIJNI3x5Wf5-AXdAJs1SqXBqgshaZ23UCR0-fbypU4Ch0T8kDLMxWZ_RBwDaA1JJtmmzEGFvb1X5l_JoYeyzKI4TE6_geKnpxpNp-8MJfRfcgy0nMWuUAhfExER3EdbSvys0-2vxayPZESzQPbHKHgd49AQSpVLae3pCNg1kiSfNErW4v5J7n3BMByP1II28Dt-JYPiztEQpb9PVnZ0S9IELr4S1sy5CZIUA2mp_F6Ip7w-h0hdD1kwG-goKRPyWXSOHZ9XeoPTjzgWUoKAkECAeAZEw-XPwiDaBBYhtYwyEPrU9tv5zIPoq-RNo9AGkTfJ7kmf__cnHmZ7Hyc2qXQ3hFQjggsgSCI_I4enwW5b3YYfb5rt26FylRI5kgj0XoblX4h6sXwMINggZR7PYg_Nectwtv6bWooZl9cXPKYSmgtb3RRJ_7BdNsgGSoc90fOfiiidsOQkOH8suUn0QtvJD3wSQY56uq1tLDvabvHiaxgF9eIKfgFZnpg8gpDMIYKePcv_h0KUaesxJEAoo43ojsQaf2CRiEPKcLvpII-ILIDatxghKGxQxZNJp671K2pSjnAzEeklafFv1DkbsDJbjeDqxKvGaqWfv0AgzY7MRn4WRNXITmsarZPNc0gAe4sBa4EctFQf1FF4OxWYClG6-cJ_Nfxv4TS1vBcuwTvsKUDTY-XmBLRa75adsnb_PgV1naK5U-2LKobeBZ2W-z7HcCPY8QUQ4y5C4FBApo9AkDT8AUccemG1x104xNCgCwPHGTGkysHJd4PF_VbwG4fK3eEUtVuM6rVVQ1IqoZspy_fXUUFaJXGXHicFCY3IdjzGyPgI-nDsNQuivNIGjN0toiKtoGYyQGE0L11PXltYiWxhPgjE1AksAX7SXyjLbOdJS52Wv8Z60SkhtXPbZP3D3o7s4qVCA1O-jM16DT1bsHAV5jtXX0k-MtChHLwSUN3jbg2lzB4HDtYBqTwAkmFD6bomjUbgzNHLgEKB0Sj0fAIvUr2-pZRM0XpP7gb-T6u9USBs-pXVvSP0m-lFCScRfKSUHxO3g2k6x0-p8WcEbrtR0BHrop8qZ9ZwS2hCNNs8bBUU8Lyv0882ay8MAVeIFq4tvRWP3tdogc4aoXtOdUaWnw6Dtr6VhR9_vd7WnpFMM2rzNLtHKO8kccgdwTkvpoM83KUo3Kc1_ErFxGUMQYVho13U4quVQcuJfGI6CdoFkTNKDjv2NgIxdglKOX8nyVudnVZ3HW-sZnXpISfh418DJc2nKcljBdquxTHtTImUZgdIXnpC9mb69r8Nk8vTwsDUcFFc8__VecpgbeFBDan2urumQIEpV3W8QhQ-KFUjuQHV4FztIv9Ti6g7J1mW2GDRLx3PtHTesRhmqajX9gCsggH5dtKL_ru4pHzzNgAOg7OR9PumbOL2va4PWXoafREshcWwrcDP4MKgJ2lsHejtETssBiFF_Ddt16GSkOUeN8hZ0x5NlwoRDbkF9m89hCaY2K2hNEpDgGCDaMJZMaulVnXPk4Yc6ORxD6qEJpCj1qeVeokezY2sy257uPNiRtXT_l4UiiTz-fLEJo267fmajuZNAEEtkkK8P9BocizPZCjcqlKMXAuu0VXwU-9AL1Y7s9r7vmo2IDTsAI6CR7CuOkSISr_o8tIl58TRChTNeOGE8bIm2gJOWRziqspcn6JqVpjs2-5Kyt6PkMnESDVw6zrVk6YvxR2Tyfnk_ZCIHdYfcmv5fpU9qHsf5_fkwMF6-XDz6Joj6ceKp-J1rNE6wWq2iS2HZmNh87Lx9ZaTwvZ35HGxggXyBKRDgwjp_PBxI1KPVSBaQhLCtOB4YrOr5OvZQocF9l2m98us2mIyIlbfRFm_EK8GxaATIklVqKplLs1lHisjHrfFoO_weapIWiAf9rBdCbHE-QMdivVARDtKyLsFuwfznJUFQpleg2BjWYqPIN4EjGlk95aOvgEDLVgmU_L0w5vvr5D_PIpReGoxzBgnNdJYIH78E2QYsquS0l96cwoGNWvvyg4r2c_oqDdNRozy0Gr0RIeiUQS_z1F38JgGSoTjsux9t6VsmUkairCl_1K53CP0R7Hh-lpbuaPKRyHdWBzUlXStCniiyc3y_nQ57uOMmVHyb-4YqlrniK8n8sptcly6S9eq4hKFBLO5JknVyd4E8OcGhxOKRB-muYxn2vl17OxWcEUhT719djT8UDlZz-vsVfGvq94ydfSuUW-EHqeWF1w6Cehn5hy20mWkoU5wEYUmAWnTmiISc3sW_lYScOVzVileRY0pKo3jFRbTaFJMg&cid=CAASPeRoPxEw4ICMAPFsZ4lKHH2RFUIa8P5mTNiz0fVQEIBk8sObTUWyYp3w_1mnJ8lyd2qQEZlDJPXQGq8miqQ&sdkv=h.3.461.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=2367225093&sdk_apis=2%2C8&sid=2E35B413-BC9D-43EA-AC31-D48F606ECE14&eid=44741234&url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&dlt=1622151943630&idt=213&dt=1622151944400&ged=ve4_td0_tt0_pd0_la0_er1049.265.1206.565_vi0.0.1200.1600_vp96_ts0_eb23147

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.461.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.15.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f157.1e100.net

Software

cafe /

Resource Hash

de58a0043353f7d42075d29a99611d5ede2bb2c0e6c38b61a524ff11a912f2bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 21:45:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12802
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content log
pixel.inforsea.com/server/ 0
110 B 281ms
70ms Image
text/plain 34.248.169.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.inforsea.com/server/log?event=b&dim1=15639&session_id=a7rzbgur2dxu&affiliate_id=l8lqqsa9v&domainapp=aubtu.biz&width=750&height=422&visible=36&cb=5327739371141&publisher_id=850113329001485&country=CZ&os=Windows&os_version=10&browser=Chrome&browser_version=89&iab=IAB7&vidseg=62u&ad_source_id=x58qqu0pr&sell_cpm=3.87&request_cost=0&impc_aa=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.169.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-169-210.eu-west-1.compute.amazonaws.com
Software: nginx/1.15.8 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Thu, 27 May 2021 21:45:44 GMT
Server: nginx/1.15.8

POST
H/1.1 204
No Content log
pixel.inforsea.com/server/ 0
0 254ms
64ms Fetch 34.248.169.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.inforsea.com/server/log
Requested by: Host: player.inforsea.com
URL: https://player.inforsea.com/player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.169.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-169-210.eu-west-1.compute.amazonaws.com
Software: nginx/1.15.8 /
Resource Hash

Request headers

Referer: https://aubtu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://aubtu.biz
Date: Thu, 27 May 2021 21:45:45 GMT
Server: nginx/1.15.8
Connection: keep-alive

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: animals.24hminecraft.com
URL: https://animals.24hminecraft.com/wp-content/uploads/2021/05/17613.jpg

Domain: animals.24hminecraft.com
URL: https://animals.24hminecraft.com/wp-content/uploads/2021/05/17609.jpg

Domain: animals.24hminecraft.com
URL: https://animals.24hminecraft.com/wp-content/uploads/2021/05/17616.jpg

Domain: pubads.g.doubleclick.net
URL: https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21708299310%2C22347246196%2Fca-video-pub-5617098146054077-tag%2F850113329001485&description_url=https%3A%2F%2Faubtu.biz%2F&tfcd=0&npa=0&sz=400x300&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1516736105469469&sdkv=h.3.461.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=2367225093&sdk_apis=2%2C8&sid=D6A9E56F-0AE7-4482-8C30-C0415412AE2A&eid=420706106&url=https%3A%2F%2Faubtu.biz%2F2541%2F%3Futm_source%3Dcatparadises%26utm_medium%3Dcatparadises%26utm_campaign%3Dcatparadises&dt=1622151938124&cookie=ID%3Dce4d82b34bdc6579-2292ca8129c8007d%3AT%3D1622151930%3AS%3DALNI_MbBMkf-0u_NMLAfNFdgB3_HUPKDPA&scor=4381635221425916&ged=ve4_td0_tt0_pd0_la0_er1049.265.1206.565_vi0.0.1200.1600_vp96_eb23147

Verdicts & Comments Add Verdict or Comment

304 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1970-01-19 22:55:03	Name: VISITOR_INFO1_LIVE Value: DGHMMm4vn-Y
.doubleclick.net/	1970-01-19 18:35:55	Name: DSID Value: NO_DATA
.aubtu.biz/	1970-01-20 03:57:27	Name: __gads Value: ID=ce4d82b34bdc6579-2292ca8129c8007d:T=1622151930:S=ALNI_MbBMkf-0u_NMLAfNFdgB3_HUPKDPA
.aubtu.biz/	1970-01-19 18:35:51	Name: _gat_gtag_UA_153122571_11 Value: 1
.aubtu.biz/	1970-01-19 18:37:18	Name: _gid Value: GA1.2.1959807853.1622151930
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: Z78rU3rs37s
.doubleclick.net/	1970-01-20 03:57:27	Name: IDE Value: AHWqTUnaSRNlmcGzPBhW30XB8KWKqjkL_FSGN_2o5CaPtQ9uMMg2YGKbLddd6PyY
.aubtu.biz/	1970-01-20 12:07:03	Name: _ga Value: GA1.2.1497643118.1622151930

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://aubtu.biz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	info	URL: https://cdn.ampproject.org/rtv/032105242203000/amp4ads-v0.mjs(Line 17) Message: Powered by AMP ⚡ HTML – Version 2105242203000 https://aubtu.biz/2541/?utm_source=catparadises&utm_medium=catparadises&utm_campaign=catparadises

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ade.googlesyndication.com
ads.yahoo.com
adservice.google.com
adservice.google.cz
adservice.google.de
adx.adform.net
animals.24hminecraft.com
aubtu.biz
bca98fca4f4fb7da8a571f821b7b5b6e.safeframe.googlesyndication.com
bid.g.doubleclick.net
call.inforsea.com
catsmylife.com
cdn.ampproject.org
cdnjs.cloudflare.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gamezity.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.imgur.com
i.ytimg.com
ib.adnxs.com
imasdk.googleapis.com
nv.vi-serve.com
olipfun.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.inforsea.com
player.inforsea.com
pubads.g.doubleclick.net
rtb-csync.smartadserver.com
s.vi-serve.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.doubleclick.net
sync.search.spotxchange.com
sync.teads.tv
t.vi-serve.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-u.openx.net
vis.vi-serve.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
animals.24hminecraft.com
pubads.g.doubleclick.net
104.111.242.245
108.128.95.108
108.177.15.157
142.250.181.226
142.250.184.194
142.250.184.226
142.250.185.130
142.250.186.130
144.202.54.102
151.101.112.193
18.156.0.31
185.33.221.15
185.86.139.115
185.94.180.126
2.18.232.130
2.18.234.21
205.185.216.10
205.185.216.42
207.148.25.39
2606:4700:3030::ac43:cf9e
2606:4700:3031::ac43:8358
2606:4700::6810:125e
2a00:1288:80:800::7001
2a00:1450:4001:800::2001
2a00:1450:4001:802::200a
2a00:1450:4001:803::2016
2a00:1450:4001:808::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::2003
2a00:1450:4001:809::2004
2a00:1450:4001:80e::2006
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::2008
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::200e
2a00:1450:4001:827::2004
2a00:1450:4001:828::200a
2a00:1450:4001:828::2016
2a00:1450:4001:82f::2006
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
2a00:1450:4001:831::2006
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
34.248.169.210
34.255.45.240
34.98.64.218
37.157.6.253
54.154.115.239
54.217.85.43
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0763cefe362deddc5a533e71213145d35dcea9c9b80ae9e59a33e90240489e5c
083ee6d2f1036f9facc5582267142fc4fa950ebe1657adeb776210a2d3f4d1b3
0a0db2bebecd6f3a00abe15e1d8db96c364f9dce55cf27aec9d9f758755118a4
0b82521fa29d9b7c86a0dd5330fff1e4cd1f09590b47e6c577d6e37fbfaca584
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be138567f72e46ea2b9622d43b8b1a33df3996a50eb1397eae716a463535da2
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0d0d250d6054bd22892dd75adb8f3b9f0b3f40445939e3ad39ceb99aa38c1991
0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1023acb5d2a1a9f32ced070b62285c08f8a1e3b4019e415132ed378a99c56376
1231d00b5c5fc63132f29f66f2725e0f6413d8026d4a53f1eb3bed191c0dc253
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12993a139a46e15abb56308ef8656d80812fb748dfa88116ee6e20ad3494ae98
12a63339f449f6df0e3b830e636f5b3b60ba29abc9393e3286cf59cdb43f8cfc
139c8dc658913a591b755ccc6a99bda3ce2c1da7ee36ac945b9a382c3ed0eca3
155badaf72ee5c49d2c776cbd4a156211c0d692f17f9d84daf1db28388a0666c
1670a771c7bd2a706b466c54d267bb8e69f3ab66b6123e7319ba189a265dafba
1676929b05575b877aee5503070d1260e83b7201265b27f87e64472e956bfdd6
17380526a824a0cf0baab498facbd805f184972ef8e56bbd7f5b3ce87785ec8a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
189196e7f1a6f800e0ae56a8ab2aeddb9403eae4e650884204d71ab5863b0637
1a90b34d4e3de868e011c4985e18878e5de768b5697bb10b32b291ceb941dde2
1b6686f06d08282c3d7d0f76d73b131649eb5df5d66031b8ac292c2c4904bca4
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
1e53b8865f7f1e34e44d14f6ff8789dd7f421e7d3c69e48dab33188ff4d99f4e
23a29854f31eb2dbd28971361346d3978b843bbfdd0cef7fa300008ba701db07
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2795a8903b81d5c68f94c21f5fb42790b6e1e165c1d72ba8400a4043a2a1632f
2959c879f8cb0789f46c27f13bd77102cd9790f0a08693ed3f4ac4c9e2d7e7a5
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bbc50a705dc4c90953d04a253a68cdcf04c621986c4713413c3706c909a7561
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2e515f6e09f5e26caff10460e9a027e236ec78caffaa756799730b20f4d33320
2ebb1c151192f11b0e3503d435b96fb66868bd44d0f0c0244e2b1775f893892a
2f83c1acd35841625e35918c4410bc6bb8d7f410f11955cad2b327a3407f673f
30b1f89fe424a9bdc9c520692eaff3c9793f60ed4003218d74f3dc7bd5c9b6fd
31b5b8188e3bbd2dd128285dd6f0a9713da79baf61c8293d0a9cf2c8dafb4359
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32bca00e47d0f75c52da52741e92427fa59e4783b1190e52f959a29cf4a21719
33bc5b6a9944e817a3cd8d4a0f1d43af1c4f8959281e6b3b00dd9f79a40f53bc
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3983ba8d3bdca48c705c7a867dd24fbcb3384a192467fdccd9e0089afd5f877d
399867dc3b446172a68f80282541843d4687f3808bd6daaaed088c596eca9e13
39f00607e1e24f7d5d281b8effeb2d7f094e9b0b25bd78eba6e433e772d4ef60
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d98123e0840ba76b93bf92147d2664fb0bc23cf37d61561e48fd270bbd0d1de
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ee638689e343730a82027d03714f274b6c665cf7e3bf60b5208a3a0cdb3581d
409237b1874174dc89c33f672a39eb1e2d486f7d846f5d4d9ac77feb80282b45
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
47e659b1f4e21e26efc39650687f1d1a53034e91b49240a38e8f5d66bac247ff
47e66402d3528e52a4f463140a11dc5b91550f0db13fca8e579c653839082f07
4872888105238016fa734b451219676ae7389a2168b96465846d52bd41e40a5c
4ae5900a96fbc8d58ab39545174c767f4d897ac58fc1397f4ca780756bddc303
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c6db79a82864325a3f0f836f8b67736c287b51e02163ac93af23a48c50e3f41
4cc755a99349527933df50f5338a02d972da947a4c25f4a5309f4545ddc40ee1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53ed3b9c698de23e29079ceca55bc05ea68ffa9c060c026ba6def5f306057a04
540ba53df389d0f2bc093ca892888ca796eac68acc10f95a345b3da38d1cf3a5
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5657c6d4d102c6a935132366b8c54341b355bb997e2ffc5eb2d3e93473993650
577cf87bef6a4cf8a0d07d27447e5841959c9658e5681600593625e60430e629
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d5c23ed8ca34f944cdc05b9b8c5827dfa6e758362284598335fc841d5c8f3a0
5e9eea4d492e2ccc8aab6b547221391bd275bd2acfe7b5c2d745f3cfa347f386
5fe061d3da79d71cb8d7c2b7e72fc2b4e3affb446c1b3807e7e2ab5593988d5b
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
60468cee664f21f8ee97547282aba1fd5fd7a5ed82601b87f6b63b92483c3244
6172520ab4664e8da188823aa192432e29c2b16107b79f994a050304d7ab23e6
65ee7d1ce98b3e7467c019eba6776f712b608186028187ea324cf891228e1616
6701698f0a27ba0ecce30ea473ee4891b1f704af62b77122333c33070c205932
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
69a107f89472559b9a1802546df23bfb3125619782fd984a2a8172dd1fb18f7e
6b072b4759b5545ede303930f6c13f22a76d726fc862fb2ac39896b4e61c108b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d7b324ade1ce7d33ce2546b64dad4de9d5fdb37248f8743aa592e71b73360f5
6f5b8114f0dac3aa0abb4ace9fdce499d9a843ed4240ae252ecfbd5d78b6349a
706a0d4cec5dc845f5b1bd727482304100d88c701589b1fd808ddab909191ed9
71d67862610b80dc5c9a9ceb03f4bf2e2e6305b17e490a32fec5139c40b00ba1
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74a67b8c7ae08c6d59dc50172516683401d19b8495c83b3be490ea3dce522193
7637f68bf369ee02f856926de0c80d735bdd2df1271ee56cfa3cc2d3f0d4bba7
766c3f5cbcd4d99fba2867ad30c7345ba75be294d5f7ff15c674b500e5cbe2c7
7af5b0f3908ef5196c81bdba087950891681f2158cead3f3de9f072f580e7556
7c1cee699790ee87de9f36a82cbfe76c58acb77bd63691d62fc3c04c605e6c78
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80ccae0c7abf01078d1634a24abb13e596838529b9731bd081d3a404d74c05fd
82c41e378312c3f46437908e9a244b9ed8b36e76330d1fb29a1d72bc69f4851b
83157061139655ccc080500c2f8404f56ba592c5b1b74d27c4fffbfc680aa740
85bd283b939f16ff763ed3cea41e41c54f8461078e5548626b8865cc56d90b56
8826db2d14938686bf49796e475b6b517c679f3d5e425cdfa6b8f5ec0a323f1c
89caa135de98f6d4485557aedaa95d3a065a63ebc406bbc9758abe2d155ad3b4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b01e38bdd110c6f7f61a41092c37a3c3d2aa632b8d9d5108705998250a8be73
8b08e5d2c9b489b9a7831d41e2a2c99d87b57d4dbebf0a824279a2123d506125
8c70fcd4d89f203ca0e2a682bc7a2f0cff21d048fa62be3ec0a5b43ad5649357
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d7401bef80e31a1aa3a2d1daab189dfba7f02a21e7cfef216e011f0c05a74da
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
8ed8a6ae127902c149ed519898ee860ecdd1b8a91fd832b80a3e67b0de1a8e5a
8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150
8f46a3c3b3a88ed8b0f5fc0ff4369fb2bfb9cbed4a6514432e5603e471b30077
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61
997f7de240e306be5121567dfb4a8348bfbcbeb930fdcba907cfa66aef7149b8
9de4196056e2ffb92e9e6eb78502d3ed77f71a1e8045434a907251ff0b998357
9facc976353ff7ab7cbb7345853c0f7d0c1bbce3733934b53790b93833dbae4c
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0dcd898567fb08ee65ac7a92f8624127bcecb9db600dd4e15207a6fba4796b4
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a1b8ef6d40a6f447aa71becd00f6fa9a4e1be4405fad120ab1aa8ae6ef2146bf
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a656137c96d7c5550298220b3583603d6342a582bb53251bdcc52dace3716d4b
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
aedf3dff6e3596bea2ed1f9bb489aca220ac62eb0f0eb2ec34306f215388a1c7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b257ff6a705b02d48170bf95141ba1214fbccc5f74edfb42191d14893c19b509
b26ef9584e26b171e0a54132ba3e9026757015d0077a9b0b4156f27a78911591
b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738
b546e8d81d75644af817b5723f065b302ca556b91b341c078a632426c2f80683
b576c3f968b6f0be7329067c48d8ad935a5daddcf3b1b8b4bb35f94ed6345813
b7aa714a4418a8e3d269a472e0ba2168cca963243ce2c94ad32315cd239fd245
b7f44c1115aae5d12f7c02210193d56fd0d4b3ab52617eaa4b6ddf6ae151d52b
b8de063d7075aa9a9a68120f3eb37178e85777138d4154903a2d4b187b4a893d
b9349f4c54faf880afc1330faaa54e545021524395d144bd0fd2f31cf9584505
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb6ea51b6549e388055293d2f4e1c00ddbc5abe710749e3b0fc15fa1d0e25bc1
bb731be92c4bfe2360141c42a987ee49e2191ed75e2efff0dcc42e1882d6da7b
bbf76306502e1aecff1c2458d6b561a18b7098f93b96e5046a01eddbc2c6ef3f
c31c63cd4056193e7e3c989f558af05b303553846bbbac70e4078913c9b15f7c
c36e552360dd27644374f1aa62a2bbb1d08d3982f08f0e0c5ab256fbcedfc5a9
c501e639f042876982dcda9b053b1cb2d8980f12ae90f0376f147a749bb2973c
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c693c86e7852e167687744b8ef1d7f4719319ed6b226f069cbb8bbe51352c101
c97ea03fdd186d1f196a4811fbe0119620f7b21bcc8eb4da587300e4bc5b2e22
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce5980f48cf7c9a1b7a40fa2c5748dc036d43121c1bbdc33837217a2a0a6999c
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d28ad7b82ed50b7931381a2e3ad50cbca92537b4127d6af6e9f75206a2b7e225
d3273741995a4ec9ad375879173aa061c67bdfc099a40119af82834f3f5117e8
d47651029782d305693922cd96ea7667f3e1f604084df731e2ba8b70f45688e1
d5b5fab3b788b3161871e2509cbaaa55f9b73fae0aae0459211269320f11ab5a
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9
dbf6287612bc94dcfa057521d92094b5acdde7795b0f980942e36dc660871491
dce66c629760e4c24dc7b5ed6fb10b5248ade6e9a588f04ad0ae3c55fcf63735
dde0d4559aa38dd76ee6586684ec581e605396691ded25b71a510bf2c8714727
de58a0043353f7d42075d29a99611d5ede2bb2c0e6c38b61a524ff11a912f2bf
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
df356f8aa91e7f14dc79f22056218dddc3b711545e6d5d2d1e72eaa17b052f1f
e0d4e45e6e6cf1cf3e46ac89bb78c5d6cc2acd55b0505c0431ab0d4eed65eeb1
e20abb6f914cdac4c1c0f76fc8075da6f6c61acfe24e44abff0d165e89ad6f73
e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b
e3a8b7336bec502f846c8101cd4b1a751bdbf3d3fff3949949462517f27e1cec
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44755283382e266e00e6d22ce683ffe0f4722f322cf137db2643708706d034e
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
eb477e5dd18c6fc06a7dfc36ddbf7f68daffb5c26130a8bca0d828f2b4ab7aa4
ec420e3a33fca367f5359cfcbce082b54366319d91ac9141d26ca141e874609d
ed41bf95d185f3d5292a9d1ad8100a3419a58a951dc6d46305afffaadb238845
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f269942eccf95f26426c83daf9ec1d38f3180a53f28da808bf722af7b2126905
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f4a7417eacfbc4ae2bf6fc2338c9daf95f0d37ff354555283317d765be5397bb
f51a91ff8eb2d7894e2d382ca1ad5b88b869e38d6b51f2ed0312e279b67c75e0
f54058a293064a56829b8e597e4a728a2e034e14afcdf4082bf3670194b7c976
f5d80f77956546fd342f44c2568d74804703fbbddc975c1a8401c6b055f31666
f8a1f42a40c1e2028d200abb326158a82193ebea3bc01bcdbfb8300e95e66630
fc80dd2f9b853f15d3692d4cd94b16949a9359d009911f3d77f661648593c701
fc84dcb874c39c915ab83aa5b6506aac48d0f93e734f6deca699fdf42dc0af43
fd47e4044c504282b3d2ea7893de1aae9e19dd914a42afeac4b46f94f5819eb0
fe78585caea81fbcc0cd94aa23a7537ac8ddf0c3b31afe2a2090c7a72660889b
ff6d9846785ea4b6d32d4ce1b56f1cf21c9983cd574055f1f991bc241fc2c2cd

aubtu.biz Open in urlscan Pro 2606:4700:3031::ac43:8358 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

340 Requests

99 %HTTPS

53 %IPv6

34 Domains

53 Subdomains

53 IPs

7 Countries

7929 kBTransfer

20384 kBSize

8 Cookies

32 Outgoing links

Redirected requests

340 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 21 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

aubtu.biz Open in urlscan Pro
2606:4700:3031::ac43:8358 Public Scan

Screenshot
Live screenshot

Full Image

340
Requests

99 %
HTTPS

53 %
IPv6

34
Domains

53
Subdomains

53
IPs

7
Countries

7929 kB
Transfer

20384 kB
Size

8
Cookies

340 HTTP transactions
21 data transactions