urlscan.io logo urlscan.io
SecurityTrails logo

popcornfor2.com Open in urlscan Pro
202.162.79.112  Public Scan

Go To Rescan Add Verdict Report
URL: https://popcornfor2.com/content/-news-116414
Submission Tags: falconsandbox
Submission: On June 03 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 80 IPs in 14 countries across 72 domains to perform 383 HTTP transactions. The main IP is 202.162.79.112, located in Thailand and belongs to PROENNET-AS Proen Corp Public Company Limited., TH. The main domain is popcornfor2.com.
TLS certificate: Issued by R3 on May 30th 2021. Valid for: 3 months.
This is the only time popcornfor2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
52 202.162.79.112 23884 (PROENNET-...)
2 2a04:4e42:200... 54113 (FASTLY)
9 2a00:1450:400... 15169 (GOOGLE)
1 104.111.224.62 16625 (AKAMAI-AS)
21 2a00:1450:400... 15169 (GOOGLE)
1 143.204.98.112 16509 (AMAZON-02)
4 143.204.98.68 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
9 151.101.13.44 54113 (FASTLY)
8 216.58.212.162 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
4 2a00:1450:400... 15169 (GOOGLE)
1 3 2a02:2638::1c 44788 (ASN-CRITE...)
2 178.250.0.157 44788 (ASN-CRITE...)
1 178.250.0.165 44788 (ASN-CRITE...)
7 185.86.138.32 201081 (SMARTADSE...)
1 10 35.244.159.8 15169 (GOOGLE)
1 185.64.189.112 62713 (AS-PUBMATIC)
4 10 185.33.221.13 29990 (ASN-APPNEX)
1 23.37.38.181 16625 (AKAMAI-AS)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 3 52.222.158.39 16509 (AMAZON-02)
10 52.222.163.195 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 119.81.192.141 36351 (SOFTLAYER)
47 199.232.137.44 54113 (FASTLY)
20 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 139.99.121.205 16276 (OVH)
2 20 141.226.228.48 200478 (TABOOLA-AS)
2 2 84.200.5.215 31400 (ACCELERAT...)
1 1 78.46.85.162 24940 (HETZNER-AS)
1 82.113.101.236 6805 (TDDE-ASN1)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 8 13.248.242.197 16509 (AMAZON-02)
3 52.59.102.119 16509 (AMAZON-02)
4 4 185.94.180.125 35220 (SPOTX-AMS)
1 2a00:1450:400... 15169 (GOOGLE)
8 9 3.121.79.35 16509 (AMAZON-02)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
1 35.241.31.249 15169 (GOOGLE)
1 15.165.52.101 16509 (AMAZON-02)
8 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 2a00:1450:400... 15169 (GOOGLE)
16 26 142.250.184.194 15169 (GOOGLE)
2 9 2.18.234.21 16625 (AKAMAI-AS)
1 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
13 213.254.244.15 36062 (DOUBLE-VE...)
1 142.250.186.38 15169 (GOOGLE)
2 142.250.185.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 3 18.156.12.32 16509 (AMAZON-02)
1 69.173.144.139 26667 (RUBICONPR...)
2 2 188.42.191.196 7979 (SERVERS-COM)
1 52.21.23.66 14618 (AMAZON-AES)
1 2 198.148.27.139 19189 (PULSEPOINT)
13 185.64.190.80 62713 (AS-PUBMATIC)
1 2 216.52.2.39 29791 (VOXEL-DOT...)
1 185.86.137.133 201081 (SMARTADSE...)
1 18.195.155.181 16509 (AMAZON-02)
2 2 178.250.0.163 44788 (ASN-CRITE...)
3 4 54.36.109.49 16276 (OVH)
2 2 52.57.38.160 16509 (AMAZON-02)
1 1 34.251.173.19 16509 (AMAZON-02)
1 1 172.105.221.240 63949 (LINODE-AP...)
1 192.132.33.46 18568 (BIDTELLECT)
6 6 185.29.135.226 30419 (MEDIAMATH...)
2 2.18.233.180 16625 (AKAMAI-AS)
1 151.101.113.108 54113 (FASTLY)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 35.186.253.211 15169 (GOOGLE)
1 2 185.64.189.115 62713 (AS-PUBMATIC)
2 2 216.52.2.19 30282 (AS-INAPCD...)
2 2a00:1288:110... 34010 (YAHOO-IRD)
2 2 3.127.92.82 16509 (AMAZON-02)
2 3 52.49.40.147 16509 (AMAZON-02)
2 2 2620:116:800d... 16509 (AMAZON-02)
5 6 37.157.6.241 198622 (ADFORM)
4 213.254.244.17 3257 (GTT-BACKB...)
2 2 213.155.156.167 1299 (TELIANET ...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 185.64.189.114 62713 (AS-PUBMATIC)
1 1 146.59.148.16 16276 (OVH)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 159.253.128.188 36351 (SOFTLAYER)
2 2 18.156.0.31 16509 (AMAZON-02)
1 1 146.0.227.107 20773 (GODADDY)
2 2 151.101.14.49 54113 (FASTLY)
1 2 54.239.17.112 16509 (AMAZON-02)
1 35.241.40.233 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 185.86.137.32 201081 (SMARTADSE...)
383 80
52    202.162.79.112 (Thailand)

ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH)
PTR: ppp-202.162.79.112.revip.proen.co.th
popcornfor2.com
2    2a04:4e42:200::645 (United States)

ASN54113 (FASTLY, US)
anymind360.com
9    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    104.111.224.62 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-224-62.deploy.static.akamaitechnologies.com
cdn.innity.net
21    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    143.204.98.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-112.fra50.r.cloudfront.net
compasscdn.adop.cc
4    143.204.98.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-68.fra50.r.cloudfront.net
compass.adop.cc
2    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:3031::6815:2597 (United States)

ASN13335 (CLOUDFLARENET, US)
me.jsfuz.com
9    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.taboola.com
8    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
7    185.86.138.32 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
10    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
adasia-d.openx.net
u.openx.net
eu-u.openx.net
us-u.openx.net
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
10    185.33.221.13 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    52.222.158.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-158-39.cdg52.r.cloudfront.net
sb.scorecardresearch.com
10    52.222.163.195 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-163-195.cdg52.r.cloudfront.net
www.viu.com
3    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:400d:802::2001 (Ireland)

ASN15169 (GOOGLE, US)
1878cff205e3eb15b35fd683bab7f750.safeframe.googlesyndication.com
ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com
10    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    119.81.192.141 (Singapore, Singapore)

ASN36351 (SOFTLAYER, US)
PTR: 8d.c0.5177.ip4.static.sl-reverse.com
as.innity.com
47    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
trc.taboola.com
15.taboola.com
vidstat.taboola.com
images.taboola.com
imprammp.taboola.com
c3.taboola.com
wf.taboola.com
match.taboola.com
20    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
7    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    139.99.121.205 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: as04.adlooxtracking.com
as.adlooxtracking.com
20    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
sync-t1.taboola.com
sync.taboola.com
am-wf.taboola.com
2    84.200.5.215 (Germany)

ASN31400 (ACCELERATED-IT, DE)
www.telefonica-partner.de
www.lead-alliance.net
1    78.46.85.162 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads1.sunbonet.de
partner.blau.de
1    82.113.101.236 (Giessen, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.blau.de
portal.blau.de
1    2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
8    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
3    52.59.102.119 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-102-119.eu-central-1.compute.amazonaws.com
pixel.advertising.com
4    185.94.180.125 (United States)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
9    3.121.79.35 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-79-35.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    35.241.31.249 (Mountain View, United States)

ASN15169 (GOOGLE, US)
data00.adlooxtracking.com
1    15.165.52.101 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-165-52-101.ap-northeast-2.compute.amazonaws.com
data.adop.cc
8    2a02:26f0:6c00:2b2::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
3    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
26    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
cm.g.doubleclick.net
9    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
js-sec.indexww.com
ssum-sec.casalemedia.com
1    2a02:26f0:10c:488::4469 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn3.doubleverify.com
13    213.254.244.15 (United States)

ASN36062 (DOUBLE-VERIFY, US)
rtb0.doubleverify.com
tps20515.doubleverify.com
sync.doubleverify.com
tps.doubleverify.com
tps20227.doubleverify.com
1    142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net
ad.doubleclick.net
2    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    18.156.12.32 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
rtb.mfadsrvr.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    52.21.23.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
jadserve.postrelease.com
2    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
13    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
2    216.52.2.39 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
1    185.86.137.133 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
e1.emxdgt.com
2    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
4    54.36.109.49 (France)

ASN16276 (OVH, FR)
id5-sync.com
2    52.57.38.160 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ice.360yield.com
1    34.251.173.19 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
1    172.105.221.240 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1875-240.members.linode.com
s.c.appier.net
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
6    185.29.135.226 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    2a02:fa8:8806:13::1400 (United States)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
gcm.ctnsnet.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    216.52.2.19 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
2    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
2    3.127.92.82 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
3    52.49.40.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
2    2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
6    37.157.6.241 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
4    213.254.244.17 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
tps20229.doubleverify.com
2    213.155.156.167 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dsp.adfarm1.adition.com
2    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: ns3181477.ip-146-59-148.eu
pixel.onaudience.com
2    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    146.0.227.107 (Ascension Island)

ASN20773 (GODADDY, DE)
inv-nets.admixer.net
2    151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    54.239.17.112 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    35.241.40.233 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 233.40.241.35.bc.googleusercontent.com
dmp.brand-display.com
1    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    185.86.137.32 (France)

ASN201081 (SMARTADSERVER, FR)
www8.smartadserver.com
Apex Domain
Subdomains		 Transfer
76 taboola.com
cdn.taboola.com
trc.taboola.com
15.taboola.com
trc-events.taboola.com
vidstat.taboola.com
images.taboola.com
imprammp.taboola.com
c3.taboola.com
am-match.taboola.com
wf.taboola.com
am-vid-events.taboola.com
sync-t1.taboola.com
sync.taboola.com
match.taboola.com
am-wf.taboola.com
1 MB
52 popcornfor2.com
popcornfor2.com
2 MB
45 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
ad.doubleclick.net
googleads4.g.doubleclick.net
333 KB
44 googlesyndication.com
pagead2.googlesyndication.com
1878cff205e3eb15b35fd683bab7f750.safeframe.googlesyndication.com
tpc.googlesyndication.com
ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com
380 KB
26 doubleverify.com
cdn.doubleverify.com
cdn3.doubleverify.com
rtb0.doubleverify.com
tps20515.doubleverify.com
sync.doubleverify.com
tps.doubleverify.com
tps20227.doubleverify.com
tps20229.doubleverify.com
226 KB
20 pubmatic.com
hbopenbid.pubmatic.com
simage2.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
30 KB
11 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
24 KB
11 openx.net
adasia-d.openx.net
u.openx.net
eu-u.openx.net
rtb.openx.net
us-u.openx.net
3 KB
10 viu.com
www.viu.com
169 KB
10 smartadserver.com
prg.smartadserver.com
rtb-csync.smartadserver.com
www8.smartadserver.com
4 KB
9 bidswitch.net
x.bidswitch.net
3 KB
9 googletagservices.com
www.googletagservices.com
227 KB
8 adsrvr.org
match.adsrvr.org
3 KB
8 casalemedia.com
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
8 KB
8 criteo.com
gum.criteo.com
mug.criteo.com
bidder.criteo.com
dis.criteo.com
4 KB
7 ampproject.org
cdn.ampproject.org
124 KB
7 google.com
adservice.google.com
www.google.com
2 KB
6 adform.net
c1.adform.net
3 KB
6 mathtag.com
sync.mathtag.com
3 KB
6 adop.cc
compasscdn.adop.cc
compass.adop.cc
data.adop.cc
12 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
74 KB
4 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
3 KB
4 id5-sync.com
id5-sync.com
6 KB
4 lijit.com
ce.lijit.com
ap.lijit.com
2 KB
4 spotxchange.com
sync.search.spotxchange.com
3 KB
4 google.de
adservice.google.de
1 KB
3 bidr.io
match.prod.bidr.io
2 KB
3 mfadsrvr.com
rtb.mfadsrvr.com
2 KB
3 advertising.com
pixel.advertising.com
373 B
3 scorecardresearch.com
sb.scorecardresearch.com
3 KB
3 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
117 KB
2 amazon-adsystem.com
s.amazon-adsystem.com
961 B
2 everesttech.net
sync-tm.everesttech.net
742 B
2 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
937 B
2 de17a.com
d5p.de17a.com
637 B
2 quantserve.com
pixel.quantserve.com
943 B
2 w55c.net
pm.w55c.net
1 KB
2 indexww.com
js-sec.indexww.com
2 KB
2 360yield.com
ice.360yield.com
1009 B
2 contextweb.com
bh.contextweb.com
828 B
2 betweendigital.com
ads.betweendigital.com
955 B
2 criteo.net
static.criteo.net
53 KB
2 blau.de
partner.blau.de
portal.blau.de
2 KB
2 adlooxtracking.com
as.adlooxtracking.com
data00.adlooxtracking.com
42 KB
2 facebook.com
www.facebook.com
162 B
2 facebook.net
connect.facebook.net
97 KB
2 anymind360.com
anymind360.com
137 KB
1 ad4m.at
ad4m.at
1 brand-display.com
dmp.brand-display.com
253 B
1 admixer.net
inv-nets.admixer.net
559 B
1 simpli.fi
um.simpli.fi
611 B
1 onaudience.com
pixel.onaudience.com
398 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 ctnsnet.com
gcm.ctnsnet.com
476 B
1 dotomi.com
dclk-match.dotomi.com
104 B
1 bttrack.com
bttrack.com
380 B
1 appier.net
s.c.appier.net
360 B
1 gumgum.com
rtb.gumgum.com
305 B
1 emxdgt.com
e1.emxdgt.com
59 B
1 postrelease.com
jadserve.postrelease.com
428 B
1 rubiconproject.com
pixel.rubiconproject.com
239 B
1 2mdn.net
s0.2mdn.net
61 KB
1 google-analytics.com
www.google-analytics.com
19 KB
1 cloudflare.com
cdnjs.cloudflare.com
13 KB
1 jquery.com
code.jquery.com
33 KB
1 lead-alliance.net
www.lead-alliance.net
540 B
1 telefonica-partner.de
www.telefonica-partner.de
191 B
1 googleadservices.com
partner.googleadservices.com
442 B
1 innity.com
as.innity.com
638 B
1 jsfuz.com
me.jsfuz.com
664 B
1 innity.net
cdn.innity.net
4 KB
0 truehits.net Failed
hits1.truehits.net Failed
383 72
Domain Requested by
52 popcornfor2.com popcornfor2.com
26 cm.g.doubleclick.net 16 redirects googleads.g.doubleclick.net
popcornfor2.com
ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com
eu-u.openx.net
21 pagead2.googlesyndication.com popcornfor2.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com
ad.doubleclick.net
securepubads.g.doubleclick.net
20 images.taboola.com popcornfor2.com
20 tpc.googlesyndication.com googleads.g.doubleclick.net
cdn.ampproject.org
popcornfor2.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
10 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
10 www.viu.com popcornfor2.com
www.viu.com
9 x.bidswitch.net 8 redirects am-match.taboola.com
9 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
popcornfor2.com
9 ib.adnxs.com 4 redirects anymind360.com
googleads.g.doubleclick.net
acdn.adnxs.com
ssum-sec.casalemedia.com
9 cdn.taboola.com popcornfor2.com
cdn.taboola.com
9 www.googletagservices.com popcornfor2.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
compass.adop.cc
cdn.doubleverify.com
www.googletagservices.com
8 simage2.pubmatic.com popcornfor2.com
ads.pubmatic.com
8 cdn.doubleverify.com popcornfor2.com
cdn.doubleverify.com
ad.doubleclick.net
8 match.adsrvr.org 3 redirects am-match.taboola.com
imprammp.taboola.com
eu-u.openx.net
ssum-sec.casalemedia.com
7 cdn.ampproject.org googleads.g.doubleclick.net
pagead2.googlesyndication.com
7 prg.smartadserver.com anymind360.com
7 securepubads.g.doubleclick.net anymind360.com
www.googletagservices.com
securepubads.g.doubleclick.net
popcornfor2.com
6 c1.adform.net 5 redirects ads.pubmatic.com
6 sync.mathtag.com 6 redirects
6 sync.taboola.com 2 redirects popcornfor2.com
5 image2.pubmatic.com ads.pubmatic.com
5 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
5 trc.taboola.com cdn.taboola.com
popcornfor2.com
4 am-wf.taboola.com vidstat.taboola.com
4 tps20229.doubleverify.com popcornfor2.com
cdn.doubleverify.com
4 tps20227.doubleverify.com ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com
cdn.doubleverify.com
4 eu-u.openx.net anymind360.com
eu-u.openx.net
4 id5-sync.com 3 redirects popcornfor2.com
4 sync-t1.taboola.com am-match.taboola.com
imprammp.taboola.com
popcornfor2.com
4 sync.search.spotxchange.com 4 redirects
4 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
4 adservice.google.de securepubads.g.doubleclick.net
pagead2.googlesyndication.com
4 fonts.gstatic.com fonts.googleapis.com
4 compass.adop.cc popcornfor2.com
compass.adop.cc
3 match.prod.bidr.io 2 redirects eu-u.openx.net
3 us-u.openx.net eu-u.openx.net
3 rtb.mfadsrvr.com 3 redirects
3 sync.doubleverify.com ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com
popcornfor2.com
3 tps20515.doubleverify.com ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com
popcornfor2.com
3 www.google.com popcornfor2.com
tpc.googlesyndication.com
3 pixel.advertising.com am-match.taboola.com
imprammp.taboola.com
3 c3.taboola.com popcornfor2.com
3 imprammp.taboola.com popcornfor2.com
vidstat.taboola.com
3 trc-events.taboola.com popcornfor2.com
3 15.taboola.com cdn.taboola.com
3 sb.scorecardresearch.com 1 redirects cdn.taboola.com
popcornfor2.com
3 gum.criteo.com 1 redirects static.criteo.net
2 www8.smartadserver.com 1 redirects
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 sync-tm.everesttech.net 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
2 pixel.quantserve.com 2 redirects
2 pm.w55c.net 2 redirects
2 pr-bh.ybp.yahoo.com eu-u.openx.net
ads.pubmatic.com
2 ap.lijit.com 2 redirects
2 image6.pubmatic.com 1 redirects ads.pubmatic.com
2 js-sec.indexww.com anymind360.com
ssum-sec.casalemedia.com
2 ads.pubmatic.com anymind360.com
ads.pubmatic.com
2 tps.doubleverify.com cdn.doubleverify.com
2 ice.360yield.com 2 redirects
2 dis.criteo.com 2 redirects
2 ce.lijit.com 1 redirects popcornfor2.com
2 bh.contextweb.com 1 redirects popcornfor2.com
2 ads.betweendigital.com 2 redirects
2 u.openx.net 1 redirects popcornfor2.com
2 googleads4.g.doubleclick.net ad.doubleclick.net
2 ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 static.criteo.net anymind360.com
static.criteo.net
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 www.facebook.com popcornfor2.com
connect.facebook.net
2 mug.criteo.com popcornfor2.com
2 connect.facebook.net popcornfor2.com
connect.facebook.net
2 fonts.googleapis.com popcornfor2.com
googleads.g.doubleclick.net
2 anymind360.com popcornfor2.com
anymind360.com
1 ad4m.at ssum-sec.casalemedia.com
1 dmp.brand-display.com ssum-sec.casalemedia.com
1 secure.adnxs.com ssum-sec.casalemedia.com
1 inv-nets.admixer.net 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 pixel.onaudience.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 rtb.openx.net 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 dclk-match.dotomi.com ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com
1 acdn.adnxs.com anymind360.com
1 bttrack.com popcornfor2.com
1 s.c.appier.net 1 redirects
1 rtb.gumgum.com 1 redirects
1 e1.emxdgt.com popcornfor2.com
1 rtb-csync.smartadserver.com popcornfor2.com
1 jadserve.postrelease.com popcornfor2.com
1 pixel.rubiconproject.com popcornfor2.com
1 match.taboola.com popcornfor2.com
1 s0.2mdn.net ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com
1 ad.doubleclick.net www.googletagservices.com
1 rtb0.doubleverify.com cdn.doubleverify.com
1 cdn3.doubleverify.com cdn.doubleverify.com
1 data.adop.cc popcornfor2.com
1 data00.adlooxtracking.com as.adlooxtracking.com
1 www.google-analytics.com www.viu.com
1 am-vid-events.taboola.com popcornfor2.com
1 imasdk.googleapis.com www.viu.com
1 cdnjs.cloudflare.com www.viu.com
1 code.jquery.com www.viu.com
1 portal.blau.de popcornfor2.com
1 partner.blau.de 1 redirects
1 www.lead-alliance.net 1 redirects
1 www.telefonica-partner.de 1 redirects
1 as.adlooxtracking.com securepubads.g.doubleclick.net
1 www.gstatic.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 as.innity.com cdn.innity.net
1 1878cff205e3eb15b35fd683bab7f750.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 htlb.casalemedia.com anymind360.com
1 hbopenbid.pubmatic.com anymind360.com
1 adasia-d.openx.net anymind360.com
1 bidder.criteo.com anymind360.com
1 me.jsfuz.com popcornfor2.com
1 compasscdn.adop.cc popcornfor2.com
1 cdn.innity.net popcornfor2.com
0 hits1.truehits.net Failed popcornfor2.com
383 128
Subject Issuer Validity Valid
popcornfor2.com
R3		 2021-05-30 -
2021-08-28		 3 months crt.sh
anymind360.com
R3		 2021-05-08 -
2021-08-06		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.innity.net
DigiCert SHA2 Secure Server CA		 2021-05-12 -
2022-05-17		 a year crt.sh
*.adop.cc
Amazon		 2020-10-24 -
2021-11-22		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-21 -
2021-07-21		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-05-26 -
2021-08-24		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
www.viu.com
GlobalSign Extended Validation CA - SHA256 - G3		 2020-10-23 -
2021-11-24		 a year crt.sh
*.innity.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-11 -
2021-12-12		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.adlooxtracking.com
R3		 2021-04-23 -
2021-07-22		 3 months crt.sh
*.o2online.de
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-19 -
2022-02-19		 a year crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA		 2020-10-06 -
2021-10-16		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2021-03-01 -
2021-08-24		 6 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.doubleverify.com
DigiCert SHA2 Secure Server CA		 2021-01-10 -
2022-01-17		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.postrelease.com
Amazon		 2021-01-28 -
2022-02-25		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2020-05-07 -
2022-05-12		 2 years crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2020-05-18 -
2021-07-17		 a year crt.sh
*.id5-sync.com
R3		 2021-03-23 -
2021-06-21		 3 months crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.brand-display.com
GeoTrust RSA CA 2018		 2020-06-24 -
2022-06-24		 2 years crt.sh
www.google.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh

This page contains 41 frames:

Primary Page: https://popcornfor2.com/content/-news-116414
Frame ID: 9FA9F6C3BA211E154D5CBE721D42C402
Requests: 168 HTTP requests in this frame

Frame: https://www.viu.com/ott/misc/widget/index.php?product_id=356293&event=th9&utm_source=popcornfor2&utm_campaign=widget&utm_medium=vdowidget&utm_content=
Frame ID: B312DCD50CF2A610148FDC18514ADE62
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210525/r20190131/zrt_lookup.html
Frame ID: FF90BFA7B5F82568B662CF69A67C7AED
Requests: 1 HTTP requests in this frame

Frame: https://compass.adop.cc/RE/470e2e7c-1d80-493f-ac71-4eda44151816?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=470e2e7c-1d80-493f-ac71-4eda44151816&type=re&loc=https%253A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&rnd=&percentage=false&size_width=336&size_height=280&
Frame ID: C162965E1F13169436AC6C6F38400574
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5908398692086138&output=html&h=280&slotname=1320941389&adk=1629319641&adf=526430925&pi=t.ma~as.1320941389&w=640&lmt=1622718292&url=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622718291907&bpp=9&bdt=1281&idt=244&shv=r20210525&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&correlator=61374092658&frm=20&pv=2&ga_vid=1112430115.1622718292&ga_sid=1622718292&ga_hid=806830452&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=3911&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44744016&oid=3&pvsid=871901546580247&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=RGAHuDL7Oi&p=https%3A//popcornfor2.com&dtd=257
Frame ID: 9ACB45B9EDA6FCCBBCAA8DC6F56ADEC8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5908398692086138&output=html&h=600&slotname=6038496641&adk=1758787011&adf=3563103278&pi=t.ma~as.6038496641&w=300&fwrn=4&fwrnh=100&lmt=1622718292&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622718292082&bpp=3&bdt=1456&idt=89&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=1320941389&correlator=61374092658&frm=20&pv=1&ga_vid=1112430115.1622718292&ga_sid=1622718292&ga_hid=806830452&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44744016&oid=3&pvsid=871901546580247&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=QD4QQdvFq9&p=https%3A//popcornfor2.com&dtd=93
Frame ID: FCDFE95A86E03A154FA6C207B1C3D739
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
Frame ID: CD8BB70A87C3F59A8EF15AD94C81FF6A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012105242203000/amp4ads-v0.mjs
Frame ID: 2F26E8D46EEA0BA05FC3D5DEFEFD6237
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssce2cmWS1pS8xvQkpInfqbGRnLIB38T6V6EDJ_ITEpGDrXxy9vj6esUv8iBVm4xEBs-Pv2pMmBqxhZeXttiJpk76diYULqIBlWdQn5OnjOU8HoAcBOThTklaNv3jqHlmCJLvq8EnkWm-0rDoEg6hhvyZjjo3K-jYDuY3t81LHMogR4PS-Hr3yR0MyqEpB182voSdEJHqpi-qNIFB5wmPVOuvdIzm9BMc7WK9CC9ZUJTvMXlJNa78gDbzuuuIxMriP370IcW0La6xMhuKcaCWD7jg7JMhZkXerJmWNYylHm1gFoxYk0MxiK3S-5b5sPBw_qzdqhYYGHN5x7sbU14A_5iTc61Pegk4GT6O6xEwPh&sai=AMfl-YS6MpJPCUz4bxrLTeMTP8Zhz50BeEGVoLh6TOd88EyuWwKJ5GHEMq3_P1EkmZbztE6eIm_eV2ME0h46xo__JuxpWCQx1mBfAvW0Ceuh2vYhTfokB_v3gbhX30OUlRg&sig=Cg0ArKJSzGYbz8dJC5gUEAE&urlfix=1&adurl=
Frame ID: 38892A374523F3B2DE1C986980F8289C
Requests: 7 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=F960AA74BE502427121583821123&cicmp=1337627&cijs=1&dast=V7fw8CFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHG8acDRYM3mjCYg0mo8lusZjMRqPhYDkbLiFhFovFaDJbDadgsIXP6e5uAwaaTofPda8X_A0fv-Vu81suc43f7ZcDAAAAwAMAUUs0xI5vQ3sEAAAAgATPyLUCRUDFv4XABQAAAAAGAIFYuAYAFIeBuCxnp90fAAAPBSAAAAIYIQA9A_YiAAAAACMAAAAAJAACiYUlAA53iyYAAAF50YwkEScAAAAHdTJP2yz_____MQB5700yABRpGzcGPQAPPgAPQgAAABdDlrwKX8hP811EBXlFjAAAAACy8oFWjyZ1QmVR9f___28FcAUAEJAXzUiyknVzUswaBgAAADC2QA-L32922DV-t8v-_________83-zwDQhKQ8cNOCrCj21HhGrhXWfgEBANjeDQDgLQAu5gDsAAAAAO7-____8wAAAMj2KNleq_HsUdb7DLbwOd3d9ZuwxWg1mWyWw9lyMRkMR8PRaH8CuBzgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBCdkONpMVqPdajdZDiej0Wwz2SBFq1az0WYwXM0ms91uNRwMl6MRUrRmMZtMFrPRcrcZLCejwXAyHOJB1bl0Pq_OxwZcziWj5Vw2mit2i1UCAAAAAAAAAFjClHkTAAAAgNMgZrPJbrfixps9E8RarZY1AAAAALdu5AA!&excid=22&tst=1&docw=0&cs=false
Frame ID: EAF0024E114AAC66E015FC67F35A7EB4
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=D4154E527189021201519657646&cicmp=1337627&cijs=1&dast=V7jyQCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHGkRarEYr1mS3GC4Hk8ViORwNV7PRbLhZQsIsFovRZLYaTsFgC5_T3d0GDDSdDp_rXi_4Gz5-y93mt1zmGr_bLwcAAACABwCilmiIHd-G9ggAAAAACZ6RawWKgIp_C4ELAAAAAAwAArFwDQAoDgNxWc5Ouz8AAB4KQAAABDBCAHoG6EUAAAAARgAAAABIAAQSC0sAHO4WTQAAAvKiGUkGTgAAAA7qZJ62Wf7___9jAPLem2QAKNI2bgx6AB58AB6EAAAALoZ06LogM0ALWogKUosYAQAAAGTlA60eTeqEyqLq____3wrgCgAgIC-akcQk6-akmDUMAAAAYGyBHha_3-ywa_xul_3_________m_2fAaAJSXngpgVZUeyp8YxcK6z9AgIAsL0bAMBbAFzMAdgBAAAA3P3____nAQAAUOxRsr1W49mjrPcZbOFzurvrN2GL0Woy2SyHs-ViMhiOhqPR_gRwOcCJGCyXk8lisluNVqPNcDeaDRYoEIMJTshwtJmsRrvVbrIcTkaj2WayQYpWrWajzWC4mk1mu91qOBguRyOkaM1iNpksZqPlbjNYTkaD4WQ4xIOqc-l8Xp2PDbicS0bLuWw0V-wWqwQAAAAAAAAAsIQp8yYAAAAAp0HMZpPdbsWNN3smiLVaLWsAAAAAbt3IAQ!&excid=22&tst=1&docw=0&cs=false
Frame ID: 1B330D8A9C9D3150A03D0DDBFA528772
Requests: 1 HTTP requests in this frame

Frame: https://compass.adop.cc/RE/2d982c6f-d025-4935-b59d-f601cf322314?loc=
Frame ID: 158F6FEA00F3625C9DA7A0D92FEFA689
Requests: 12 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66479105&crid=6166585&dast=V7DUMCFgMgYeuglJbyggQgYeuglJbyggUAAAAGBvQHHDmhcBg0Em03WyyHm81qspoMBpPFYjjbzYawkRMKh0Ej0XazxXK42awmo9VoMlrtBovhFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43CAbkoel0-Fz3esHf8PFb7ja_5TLX-N1-jd9uetlNf5WKsJIQV8LFSkVYSYgrCXOlIqwkxJWCsVIRVhLiSkJaqQgrCXMlnKxUhJWEuFKw2DrX22n0u1UqwkpCXAlHKxVhJSGuJLyVirCSEFcKEktFWEmIKwWJpSKsJMSVhLBSEVYS5ko4WqkIKwlxpeCsVSrCSkJcKXcrFWElIa4knJWKsJIwV8LRSkVYSYgrBWOlIqwkxJVwtFIRVhLiSrlcqQgrCXMlHKxUhJWEuBIuVirCSkJcSSgrFWElIa4UFJaKsJIQVwrWSkVYSYgrCWulIqwkxJVytlIRVhLiSkJbqQgrCXEl3K1UhJWEuFKuVirCSsJcCZcrFWElIa4UJJaKsJIQV8LdSkVYSYgr4WKlIqwkxJWCtVIRVhLiSsJYqQgrCXGl4K3lLt_nrVjMRovRHAAAAAAeALwwciB-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAUJDY0AKA4DMRlOTvt_gAAeCgAAQAQwCABOPhJKwEwIbw5AQAAAAAAAABg-f___48ZsCcLkBnQt77oAXjwAXggKjgtYgQAAACQlQ-0ejSpEyqLKgAAgnQrgCsAgIC8aMYR1TAAAACBsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyYk5YGbFmRFsaf2CwgAsPYLCADApm4AAG8BcEFH0IrBYHUBMTsAAACAu____389kNisLC7TYDLYLFaj1WCxck1MvtXGuNvYPMPlyLa9YYiy7dOos6O-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGHMNhkuRy7DWuYwOdai5cSzVjhGw7VgMnHNLK6VZ-YxuUWvj-k3sWw2JtMWBQXY9iK4SCeCv-Hjt9xtfstlIpZoThbpRHbZNzYri8s0mAw2i9VoNVisXBOTb7Ux7jY2z3A5su1rtslwOXIZ1jKHybEWLSeetcIxGq4Fk4lrZnGtPDOPyS16fUy_iWWzMZn2jdlkslsMJ8vJvjGbTHaL4WQ52XfoDN_V52xUFrZOj0qmcZ7Mk5n5oHAZLN6fxLSYdmcHv7R1dPp8HmVBZxRev0evQeE5eEzj5a12LG-fzfRxmFDEEsHpIp2IXsbTRSyRPC3Sica5MRmHu5FnYTI5RpaRx-KwTDYLx2C42K18u5VFLFGaLtKJXuO3m15201-lMqwkxpVwsVIZVhLjSuJcqQwriXGlcKxUhpXEuJKYVirDSuJcCScrlWElMa4ULrfO9XYa_W6VyrCSGFfC0UplWEmMK4lvpTKsJMaVwuRSGVYS40phcqkMK4lxJTGsVIaVxLkSjlYqw0piXCk8a5XKsJIYV8rdSmVYSYwriWelMqwkzpVwtFIZVhLjSuFYqQwriXElHK1UhpXEuFIuVyrDSuJcCQcrlWElMa6Ei5XKsJIYVxLLSmVYSYwrhcWlMqwkxpXCtVIZVhLjSuJaqQwriXGlnK1UhpXEuJLYVirDSmJcCXcrlWElMa6Uq5XKsJI4V8LlSmVYSYwrhcmlMqwkxpVwt1IZVhLjSrhYqQwriXGlcK1UhpXEuJI4VirDSmJcKXxrucv3eSsWs9FiNFH_sQGXc8loOZeN5ordYpUAAAAAAAAAAJYwZ94EAAAA4DSg3Wg5XC0XgEIyWxcYBAAAAAAAoLjx4wX4Gz5-y93mt1zGvNkzQazValkDAAAIYAMAAARw6-YtICySAw!&cmcv=&pix=undefined&cb=1622718293314&uv=2978&tms=1622718293314&abt=adh5c-1_vA!ecf_vB!insc_vA!prbdsm6_vB!spa2_vA!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9BBCAFD676198335252002118676&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 09E98EDB807ECFFA219733F2AFF65F99
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7DUMCFgMgYeuglJbyggQgYeuglJbyggUAAAAGBvQHHDmhcBg0Em03WyyHm81qspoMBpPFYjjbzYawkRMKh0Ej0XazxXK42awmo9VoMlrtBovhFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43CAbkoel0-Fz3esHf8PFb7ja_5TLX-N1-jd9uetlNf5WKsJIQV8LFSkVYSYgrCXOlIqwkxJWCsVIRVhLiSkJaqQgrCXMlnKxUhJWEuFKw2DrX22n0u1UqwkpCXAlHKxVhJSGuJLyVirCSEFcKEktFWEmIKwWJpSKsJMSVhLBSEVYS5ko4WqkIKwlxpeCsVSrCSkJcKXcrFWElIa4knJWKsJIwV8LRSkVYSYgrBWOlIqwkxJVwtFIRVhLiSrlcqQgrCXMlHKxUhJWEuBIuVirCSkJcSSgrFWElIa4UFJaKsJIQVwrWSkVYSYgrCWulIqwkxJVytlIRVhLiSkJbqQgrCXEl3K1UhJWEuFKuVirCSsJcCZcrFWElIa4UJJaKsJIQV8LdSkVYSYgr4WKlIqwkxJWCtVIRVhLiSsJYqQgrCXGl4K3lLt_nrVjMRovRHAAAAAAeALwwciB-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAUJDY0AKA4DMRlOTvt_gAAeCgAAQAQwCABOPhJKwEwIbw5AQAAAAAAAABg-f___48ZsCcLkBnQt77oAXjwAXggKjgtYgQAAACQlQ-0ejSpEyqLKgAAgnQrgCsAgIC8aMYR1TAAAACBsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyYk5YGbFmRFsaf2CwgAsPYLCADApm4AAG8BcEFH0IrBYHUBMTsAAACAu____389kNisLC7TYDLYLFaj1WCxck1MvtXGuNvYPMPlyLa9YYiy7dOos6O-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGHMNhkuRy7DWuYwOdai5cSzVjhGw7VgMnHNLK6VZ-YxuUWvj-k3sWw2JtMWBQXY9iK4SCeCv-Hjt9xtfstlIpZoThbpRHbZNzYri8s0mAw2i9VoNVisXBOTb7Ux7jY2z3A5su1rtslwOXIZ1jKHybEWLSeetcIxGq4Fk4lrZnGtPDOPyS16fUy_iWWzMZn2jdlkslsMJ8vJvjGbTHaL4WQ52XfoDN_V52xUFrZOj0qmcZ7Mk5n5oHAZLN6fxLSYdmcHv7R1dPp8HmVBZxRev0evQeE5eEzj5a12LG-fzfRxmFDEEsHpIp2IXsbTRSyRPC3Sica5MRmHu5FnYTI5RpaRx-KwTDYLx2C42K18u5VFLFGaLtKJXuO3m15201-lMqwkxpVwsVIZVhLjSuJcqQwriXGlcKxUhpXEuJKYVirDSuJcCScrlWElMa4ULrfO9XYa_W6VyrCSGFfC0UplWEmMK4lvpTKsJMaVwuRSGVYS40phcqkMK4lxJTGsVIaVxLkSjlYqw0piXCk8a5XKsJIYV8rdSmVYSYwriWelMqwkzpVwtFIZVhLjSuFYqQwriXElHK1UhpXEuFIuVyrDSuJcCQcrlWElMa6Ei5XKsJIYVxLLSmVYSYwrhcWlMqwkxpXCtVIZVhLjSuJaqQwriXGlnK1UhpXEuJLYVirDSmJcCXcrlWElMa6Uq5XKsJI4V8LlSmVYSYwrhcmlMqwkxpVwt1IZVhLjSrhYqQwriXGlcK1UhpXEuJI4VirDSmJcKXxrucv3eSsWs9FiNFH_sQGXc8loOZeN5ordYpUAAAAAAAAAAJYwZ94EAAAA4DSg3Wg5XC0XgEIyWxcYBAAAAAAAoLjx4wX4Gz5-y93mt1zGvNkzQazValkDAAAIYAMAAARw6-YtICySAw!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 9F3B8DA3B2932D0DCAB5D8452DEF769F
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7DUMCFgMgYeuglJbyggQgYeuglJbyggUAAAAGBvQHHDmhcBg0Em03WyyHm81qspoMBpPFYjjbzYawkRMKh0Ej0XazxXK42awmo9VoMlrtBovhFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43CAbkoel0-Fz3esHf8PFb7ja_5TLX-N1-jd9uetlNf5WKsJIQV8LFSkVYSYgrCXOlIqwkxJWCsVIRVhLiSkJaqQgrCXMlnKxUhJWEuFKw2DrX22n0u1UqwkpCXAlHKxVhJSGuJLyVirCSEFcKEktFWEmIKwWJpSKsJMSVhLBSEVYS5ko4WqkIKwlxpeCsVSrCSkJcKXcrFWElIa4knJWKsJIwV8LRSkVYSYgrBWOlIqwkxJVwtFIRVhLiSrlcqQgrCXMlHKxUhJWEuBIuVirCSkJcSSgrFWElIa4UFJaKsJIQVwrWSkVYSYgrCWulIqwkxJVytlIRVhLiSkJbqQgrCXEl3K1UhJWEuFKuVirCSsJcCZcrFWElIa4UJJaKsJIQV8LdSkVYSYgr4WKlIqwkxJWCtVIRVhLiSsJYqQgrCXGl4K3lLt_nrVjMRovRHAAAAAAeALwwciB-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAUJDY0AKA4DMRlOTvt_gAAeCgAAQAQwCABOPhJKwEwIbw5AQAAAAAAAABg-f___48ZsCcLkBnQt77oAXjwAXggKjgtYgQAAACQlQ-0ejSpEyqLKgAAgnQrgCsAgIC8aMYR1TAAAACBsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyYk5YGbFmRFsaf2CwgAsPYLCADApm4AAG8BcEFH0IrBYHUBMTsAAACAu____389kNisLC7TYDLYLFaj1WCxck1MvtXGuNvYPMPlyLa9YYiy7dOos6O-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGHMNhkuRy7DWuYwOdai5cSzVjhGw7VgMnHNLK6VZ-YxuUWvj-k3sWw2JtMWBQXY9iK4SCeCv-Hjt9xtfstlIpZoThbpRHbZNzYri8s0mAw2i9VoNVisXBOTb7Ux7jY2z3A5su1rtslwOXIZ1jKHybEWLSeetcIxGq4Fk4lrZnGtPDOPyS16fUy_iWWzMZn2jdlkslsMJ8vJvjGbTHaL4WQ52XfoDN_V52xUFrZOj0qmcZ7Mk5n5oHAZLN6fxLSYdmcHv7R1dPp8HmVBZxRev0evQeE5eEzj5a12LG-fzfRxmFDEEsHpIp2IXsbTRSyRPC3Sica5MRmHu5FnYTI5RpaRx-KwTDYLx2C42K18u5VFLFGaLtKJXuO3m15201-lMqwkxpVwsVIZVhLjSuJcqQwriXGlcKxUhpXEuJKYVirDSuJcCScrlWElMa4ULrfO9XYa_W6VyrCSGFfC0UplWEmMK4lvpTKsJMaVwuRSGVYS40phcqkMK4lxJTGsVIaVxLkSjlYqw0piXCk8a5XKsJIYV8rdSmVYSYwriWelMqwkzpVwtFIZVhLjSuFYqQwriXElHK1UhpXEuFIuVyrDSuJcCQcrlWElMa6Ei5XKsJIYVxLLSmVYSYwrhcWlMqwkxpXCtVIZVhLjSuJaqQwriXGlnK1UhpXEuJLYVirDSmJcCXcrlWElMa6Uq5XKsJI4V8LlSmVYSYwrhcmlMqwkxpVwt1IZVhLjSrhYqQwriXGlcK1UhpXEuJI4VirDSmJcKXxrucv3eSsWs9FiNFH_sQGXc8loOZeN5ordYpUAAAAAAAAAAJYwZ94EAAAA4DSg3Wg5XC0XgEIyWxcYBAAAAAAAoLjx4wX4Gz5-y93mt1zGvNkzQazValkDAAAIYAMAAARw6-YtICySAw!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 8413FEFB933FDA879A2BE2F06F584577
Requests: 4 HTTP requests in this frame

Frame: https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 965F8897C7D9C6776DD6CB0C7417C3A5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjZsc-ZATAB&v=APEucNVmtkbVErFs_bn0QGK1XB6E1ZPRnwB1LmpJVdik1EqhCc9nIRTJCEYc4hmU-HGgRnr6yuJBaI6_icHhlP2Q38OnjnQVyccI5GWSX1RiLKYJ0hUsgM9GkkqoeIXlNJ345nLV08nOXBrLeJ9ocW6dDUA9oQQHNn9PSXSrpZS9grXOJ4V0pJQ
Frame ID: 6EE0CAA9F84A95F1212CCBF9CEF482A3
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AhOQd_ednjUlnPW-GKy1hKb5U52h5Qow97hu_OE7xThMpfIe32H30_nR9glz_vQDdKUnPZVe3Mu_psoEddUPovYyRn8DpY-74CPoeEcB-YNOBALLl6xeRgE7IzLjnB44H6EYZjTZoMGgxM6ixeKswO8croeg&cry=1&dbm_d=AKAmf-A1HM_HOLdmdpNM4AEDzhOUI3ScqOvDaoyMPgY02H3i8uqMOWwTg4q7kepJ0U8M5XT86sIh88b1EnQ8klE0BePJuvrQaiq8DoZuIysalEQ3TnA0sKe3I5vFq0yhZXc7ZGYb74cQqwbrc-mRw-CoGhelb4Lxg3xeg2djRhrY2LbrqCH28TQ_BX6DNXs9cuQxB07vvI6lOBJ5ChuU-xn8C_VpolF1EJHYpb7Dx5Ymoy4dHikZow8wTX2YiExQFLZWr5HNvVF2FtZOvNA-hSuUf-Ha6d5iB8X_91Mhqn1_4KHhkXBm2qM44ALhZpuS02vVZC5eSsC60SV5X38n_yHOjfsRhtih1RaZgeuKqt2j03G-2rM70IRGt8u9vypH4L4z-eNEZ6r4q9tMPm6MARuWrTQzz1oA_SvH4DD9pxGWuoXK1JvYBv4TGJo9QVN-L0ZYIxFArRgSBYfm5azNvNig7U2iCUGmYgkKg0BUqk2SbQH_UsWx6BfawpRJCtGKbHJI6oPIbH5r1ZEKZ4flqE7x8H-Sw7H-WaGqIbpFwfbs_HYmZjheIK_X0ERmKe01jIT70YFF3mMLqpaxtERedCEpcGqATUz_btYghb1rie9JdBEOAGE_-ihvIPC2uxCA4pvg3EK3vtKiknM-egSh9m73PLkwoWZ4mp6nTPnG0HLDCQ43zWe9YC4kGy3SYIgbx_CPBBmqdUC3Ebbh6f7aSTjAtfC-DHB_TQG85ffSZwp24EzPBYj-vfrdxEFg0lWH0Cksj946B5OgE01VMhdvGDdpAk4nBNOLapLc_sfVF4Gf1UWtxv5vhv6fUO7aGaZKDb4f-ISny-53w9f2zId2Mmo_4MPVczXiDsnoAeQgGeZQOwONgEeaHEAzr3xo2yaA2etOBtGbNudeWT62LtRlDU7IDMp9NIFuMNhs-OEaeFrpaJb5b8FE8NSaL7bZW8lutk78oqdm4_J6CaKWficMMLZvle86c6C-Z0z8IWEKW8zI-7zk5WI0w-f06imQvilLAsjxogcI6In6hgXSK7bf7ojWSXAeZgKJcbcPQGCVM_6RiOBpRzSutWPKfPW12I3hiPXbPpMWluAkpzvL4W1zV4gE2zptkzPALwjQM29lqHm0UCaggFrEim3vpRDuNt4tCwKe1k0ErnZXrf3nZFLQGDWxumvNVNv6wiWPqwwVsNmSvjVQINWYY5bm7xgnjAaeNtO4f0uoZE-mIBiR-1w0NH7jJ1tEc-xAjnT7VLBUEQKK6mZU5AslNcqauDznC2SQa58G3Dq88m2Cp_bQ3RwqaSNQ-2mwJzYldcTA5ZHMPtcHvYeGKXkALlan7Yi35yN4BSP5rruejQbz1F2CwmkroyubejLCd1U7XPPONydpvt2EYdKpaNQibTnfBXt88pyKDWiYxLeuzzazfoodw8_zS32MDf0ThzbePJGcC2sqNhw0Dz1fxogrXQTTI8dk9o7q3bt_fobb9RBx4ngt6RxTk-VvwRujeDZ1QfMI7a04DGMvXsuZuRpLqA9D1YlYDRAnNbcoq-epx61iJBbcAA_xFMcOSFvBo7fVNZI96-oHJG9l0f1_lFMCZWEpDG8WSzLsAPqPkY2uEFIsWG2RcQWGZenhZ48M7x4RlmVd6aCkpfTcsin6Q4EBS7rEXciU9IJZyIcorTYH4xje2Me3KVDuuLb_D0myLpBRdNtniT9BmN5mh9-LVqb_GMgZZLhELWl3mx4KL-OiBo3C_QfIf-gTV77Qlabx9thDYRs_lpbTShU61Po5h3Tlr1YuqWr1D3vrOFsWa_GGMxohF7DmLkNUkUJNISlor4-1xR02MjIAlttTM9WgR-_QQctEPut7XGkcGuV0r20f1aCnHZO6Tc0wuSvRR-stGeccDRtP6LdYEi-_Vx7m25bO396wKwWNwzepvkuXEVrR8kwmPioyDnKtlxatymkNJuo43H4IBXQno0xQUWLXlX4kl0I46A7lHyDIZs4LBNoHW24Dw9I_Fw5_if03Ee0uhEOHxUyLWsHPwUOgPqRXp715d5uSqyAwZcooRlOYi7wTnB1mrpxqYI3a2pgM4IfSbEKrpcZHX1D6S_j8D3tUBczQntYqzqn4aDqaXCyzNsEIPDLPrIrt2A6XzDOTJ4lgPtjKfToUVbjjs4S3q7n79ZaD28jD9E-qfV8Fy02XtonlipUCM-2PuzBM1vamfJERAP2dcU-WL1LGKKMdWbc9FGSoXBYUPfrhVgwiE5imSK0trZGi8aQ5cjS2TFfhqN_NjoVJzfVRGgL5DwUZk9K5jJkN7lOjBphFUUoSAgsK4z7EkmUPBzDL1rNcvbO2gVhB0KuPnjHnz63Lp5mg77WQveXtOCJhXFekj9zTC30TmZmsoovK1kyUWx8wT4f0j6bAAZ1hFheAaBBFs_nuW8rZ1-FQZkCELgLGcflYZibgeZnMkUPal1FHaTWE7tafNDw4n-5QOT8usPy1GfpsBHzEIFXo8Ceb7lOIgJ_XnrldfqVuSC7tWj_vKiKqhz-VYAwcxM2Bs9n4q-c5-9U1ug5bW__mLJi--mussoVgW1sUgzGqGUngCUYV6qzZ5iZW6O5rKVp0vGqh-e00zITHlRMwITBk1w4SwEPvio5wrOnGE9eJkRlkXHPK0T2rpTvc616i8LrUxUScBno8H-avp81Rir4rCPulLcty2AktWOV5ypwWAwVU5OTqlvOWAlyamzMTu33seCRTT2Sco0_8tSc2cDpXnos4YKJozT1YdpgbkQdLNT3ZSIxRZiv4tBAb9j5Z70XlZCuWFpWnlmZoX3k0MPFY3cVMx3GDCDrz-Pb2uDxSIEpJCZcbmrzCbOfk9glBsYvlZW04EyzUsY3Qs5gmlUxXpH88GHnmLsSMdUOUlJeOKiHtmjuWMupZJNrgMuy1Y-h75QFivQoELvwVs9cGWK68tlYgn_O1Bu7PZiK3cBYmDDw0o3QIXYx3T7AorhRhRuq4jIV1U0RJ7i1uQu5T2MgXmr5e7WjGcrPfs75v2joFws5dDqkPZb3eg57fI6I62nD3T_jix3aKldKWnzrTJGFGJ663nGfAuwtflmBgBaGGdzlc5BGOtuSiBzY6oBkD0HFEI5rTMCEmGpxRzJDW9B1pYKs&cid=CAASEuRoDUjnjEBlxkN6JAl94RAlOg&rfl=4%2Chttps%253A%252F%252Fpopcornfor2.com%242%2C%2Chttps%253A%252F%252Fpopcornfor2.com%252F%240
Frame ID: 275EE55F518BF56677BE0820565069B5
Requests: 26 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7EAB74021A5A63041322AA4AD0E98851
Requests: 3 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: 44B59A3ECAE8B977689C047126D9CC25
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: 333447ADF55BB21EC363BC9CC5886A5A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1421.js
Frame ID: 51C3D037FBD4D2B46790030594FEE09E
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 06AEC842A5A0251F8FC7E20C60621338
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 96E630C04110B1494653C2EDF5CB20EE
Requests: 3 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=4da5a146-fa4e-42f1-b3cd-50bd47f4bc56&tbid=fdad47b6-456e-476c-9c4c-08e018e1622d-tuct7b23cd5&query=taboola_hm%3D4da5a146-fa4e-42f1-b3cd-50bd47f4bc56&isDirect=0
Frame ID: A9C719A516455A7B81C8F9AB19A1C05D
Requests: 20 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1389.js
Frame ID: 549138CCEA40745492D7C572DD482B38
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: C75F151923FD7501E5C6908FD9EAD27A
Requests: 17 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FE7190EB8564D8D982D495C724CEA0B9
Requests: 3 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Frame ID: 059F58BDCBFCD99AE21F8696215FE0E6
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7BACD03DA59D5AACC5D5605B8B54BF5F
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://popcornfor2.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: C3EF99FACF7C23B08B7DE468A2AFF3EF
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=0A44633E-4390-46DA-9C3B-3D7DF3C00210
Frame ID: 83A726174C7FD5B57843B15579B3300E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8956874937439035966
Frame ID: 387B1B1E1A4C8CA6D097E63B66007921
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Frame ID: 7A6C9D6731D4C6E0F57F86637A619FCE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6969522011945433229
Frame ID: 0D9733B6BDB7F1005D50A58EF02740B3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 2653C1BD8F74326A69CDB76F6EFF9E63
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4CE7EC1A3F2203F372CB3469217286A9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5908398692086138&output=html&adk=1812271804&adf=3025194257&lmt=1622718298&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622718298680&bpp=1&bdt=8055&idt=2&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&prev_slotnames=1320941389&nras=1&correlator=61374092658&frm=20&pv=1&ga_vid=1112430115.1622718292&ga_sid=1622718292&ga_hid=806830452&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44744016&oid=3&psts=AGkb-H9p7w9flzl9acITZ5JNwnudn-Ogg4g8z4MdrTCP8afjKccfQL9dpXtlcLgWG4B5ZZ9AVOxb4qnf39AU1g&pvsid=871901546580247&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&dtd=10
Frame ID: D103E75559075DF67E5DB89A1A0B5FAD
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=popcornfor2.com
Frame ID: B501E35825541FAD1A0730483BE73747
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 4AC5773DF671BF7AEBFD540C989DD189
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7CF0F8B6E0362197270AC8E38318EFC8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery\.fancybox(?:\.pack|\.min)?\.js(?:\?v=([\d.]+))?$/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /\/prebid\.js/i
Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery\.fancybox(?:\.pack|\.min)?\.js(?:\?v=([\d.]+))?$/i
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i

Page Statistics

383
Requests

99 %
HTTPS

30 %
IPv6

72
Domains

128
Subdomains

80
IPs

14
Countries

5497 kB
Transfer

12356 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpopcornfor2.com%2F&domain=popcornfor2.com&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=swC7H3xsRFJzL2YvNVhGeGpZRUJUcnJxdGZJNy81K0NXZkNRY0ZDY3p0ZExoK0FzeU9qMEZnNnlGYVRlSm1kN2tGeUxNcDd5dWpCUFErOWhQUWg5SUVsZ2JYVjA3SGQ3TVNUQmJveFlHbUl1R2phU0RUMFhxRDlzTDdZMGp3SVpJbVpOUkg3Tk9EaVRHVGJOWDF6VHNrSG8rL2RYeFQ3WnpoT1RlTWd3TkFFcFRwVnJ4cE15TDAyMjlkRnpxUXlGbnFXVDFWbWNycmUvdEgzYXFDdG1qWmx1RFZDWEN3Z2dDSUpqejNCOVdnRU43RGFnPXw&cppv=2
Request Chain 95
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1622718292111&ns_c=UTF-8&cv=3.5&c8=%E0%B8%81%E0%B8%B9%E0%B8%A1%E0%B8%B4%E0%B9%82%E0%B8%AE%20(Gumiho)%20%E0%B8%84%E0%B8%B7%E0%B8%AD%E0%B8%AD%E0%B8%B0%E0%B9%84%E0%B8%A3%3F%20%E0%B8%97%E0%B8%B3%E0%B9%84%E0%B8%A1%E0%B8%84%E0%B8%99%E0%B9%80%E0%B8%81%E0%B8%B2%E0%B8%AB%E0%B8%A5%E0%B8%B5%E0%B8%96%E0%B8%B6%E0%B8%87%E0%B8%95%E0%B9%89%E0%B8%AD%E0%B8%87%E0%B8%81%E0%B8%A5%E0%B8%B1%E0%B8%A7%3F&c7=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1622718292111&ns_c=UTF-8&cv=3.5&c8=%E0%B8%81%E0%B8%B9%E0%B8%A1%E0%B8%B4%E0%B9%82%E0%B8%AE%20(Gumiho)%20%E0%B8%84%E0%B8%B7%E0%B8%AD%E0%B8%AD%E0%B8%B0%E0%B9%84%E0%B8%A3%3F%20%E0%B8%97%E0%B8%B3%E0%B9%84%E0%B8%A1%E0%B8%84%E0%B8%99%E0%B9%80%E0%B8%81%E0%B8%B2%E0%B8%AB%E0%B8%A5%E0%B8%B5%E0%B8%96%E0%B8%B6%E0%B8%87%E0%B8%95%E0%B9%89%E0%B8%AD%E0%B8%87%E0%B8%81%E0%B8%A5%E0%B8%B1%E0%B8%A7%3F&c7=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&c9=
Request Chain 145
  • https://www.telefonica-partner.de/tpv.php?t=117667V1225131106M&subid=tabnat_Pros_Desk_Generic_view HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117667V1225131106M&subid=tabnat_Pros_Desk_Generic_view HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2021060313045351050634719X117667V1225131106MStabnat_Pros_Desk_Generic_view HTTP 302
  • https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117667_-HTLP&utm_term=AFF_la_117667_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021060313045351050634719X117667V1225131106MStabnat_Pros_Desk_Generic_view&wfid=117667
Request Chain 204
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---&__user_check__=1&sync_id=85fe6c03-c45b-11eb-8cb8-18969d310306 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=85fe6bc4-c45b-11eb-8cb8-18969d310306&orig=video&us_privacy=1---
Request Chain 207
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---&__user_check__=1&sync_id=85feb07e-c45b-11eb-a878-1e5bf6c20206 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=85feb038-c45b-11eb-a878-1e5bf6c20206&orig=video&us_privacy=1---
Request Chain 245
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFOVZ7-LWMRhUcvx_Fgj0FU&google_cver=1
Request Chain 246
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YLi3VuvTpQybyF-dGHd8iAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFOVZ7-LWMRhUcvx_Fgj0FU&google_cver=1
Request Chain 247
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBB3z8Bl1azC5JTI0T39nLg&google_cver=1
Request Chain 248
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkyOTcwNzEyMjE2MjY3NTE1MQ%3D%3D
Request Chain 259
  • https://cm.g.doubleclick.net/pixel?google_nid=doubleverify_ddp&google_ula=7327243&google_cm&google_hm=**&cbust=1622718294711296 HTTP 302
  • https://sync.doubleverify.com/query.gif?ctx=818052&cmp=2249559&cbust=1622718294711296&google_hm=2&google_gid=CAESED2mVvyaTRAFUIFuKIpSdH4&google_cver=1&google_ula=7327243,0
Request Chain 273
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=4da5a146-fa4e-42f1-b3cd-50bd47f4bc56 HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=4da5a146-fa4e-42f1-b3cd-50bd47f4bc56&tbid=fdad47b6-456e-476c-9c4c-08e018e1622d-tuct7b23cd5&query=taboola_hm%3D4da5a146-fa4e-42f1-b3cd-50bd47f4bc56&isDirect=0
Request Chain 274
  • https://u.openx.net/w/1.0/sd?id=543998486&val=f6289de0-fad1-49b3-a148-02b5fb5e3fcd-tuct7b23cd4&gdpr=0&gdpr_consent= HTTP 302
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=f6289de0-fad1-49b3-a148-02b5fb5e3fcd-tuct7b23cd4&gdpr=0&gdpr_consent=
Request Chain 276
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=7754909c-3838-529a-a7ab-5fb7c713e8e1
Request Chain 278
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=p3nAMYajIXCI&ev=1&orig=trc&pid=562107
Request Chain 279
  • https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc HTTP 302
  • https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=2929707122162675151&orig=trc
Request Chain 280
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEAlsbwrAeGa542sSfRfrUN8&google_cver=1
Request Chain 282
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=fdad47b6-456e-476c-9c4c-08e018e1622d-tuct7b23cd5
Request Chain 283
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=fa0655f6-0ad2-4ec9-b050-91f9d487286b
Request Chain 284
  • https://ce.lijit.com/merge?pid=42&3pid=f6289de0-fad1-49b3-a148-02b5fb5e3fcd-tuct7b23cd4&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=f6289de0-fad1-49b3-a148-02b5fb5e3fcd-tuct7b23cd4&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Request Chain 288
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=a15ddd12-9432-460d-bf6a-4eb14c45346c
Request Chain 289
  • https://id5-sync.com/s/464/9.gif?puid=f6289de0-fad1-49b3-a148-02b5fb5e3fcd-tuct7b23cd4&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=f6289de0-fad1-49b3-a148-02b5fb5e3fcd-tuct7b23cd4&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOq_YuxT0ggJ5a33PQp4TMKffPpJeWePDz7RhFmw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOq_YuxT0ggJ5a33PQp4TMKffPpJeWePDz7RhFmw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=450be4e0-68f8-4a80-a938-27e6e900ab0c&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/441/5/3.gif?puid=e_7dabbfad-f9b6-41d5-9add-2d8526792d73&gdpr=1&gdpr_consent=
Request Chain 290
  • https://s.c.appier.net/taboola HTTP 302
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=nDdVa7SDA2eiP3EqWLe4YA
Request Chain 292
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dtaboola%26bsw_param%3D59fd1fca-abaf-4530-8bef-8368b8705d3c&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=1f0860b8-b756-4d00-bbd4-81733000b1ee&expires=30&ssp=taboola&bsw_param=59fd1fca-abaf-4530-8bef-8368b8705d3c&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=59fd1fca-abaf-4530-8bef-8368b8705d3c
Request Chain 301
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELVzHovIymJpF8G5UO-EBQI&google_cver=1&google_push=AQvitULxH33zvNqsNH87kLweYGcbl1tXt5vNQW8d7FzmDb0E7GStYpDie6lhhe0oyHcGT54rNHUVVdiwIL4M6P6LmSP2_Yv1o-Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitULxH33zvNqsNH87kLweYGcbl1tXt5vNQW8d7FzmDb0E7GStYpDie6lhhe0oyHcGT54rNHUVVdiwIL4M6P6LmSP2_Yv1o-Y
Request Chain 302
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEL9QsaaZnm1Df9bqkmb4TX4&google_cver=1&google_push=AQvitUJek2P6ETwFrX71_aajE8avBtc6SzQwN3V__ibKVGv59SXJcDPPqoBemd_mwsUobg-6v8d3EojXMbZTVJowdpgUqevKW3c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUJek2P6ETwFrX71_aajE8avBtc6SzQwN3V__ibKVGv59SXJcDPPqoBemd_mwsUobg-6v8d3EojXMbZTVJowdpgUqevKW3c&google_hm=t2fN10rmQNmO6Woamfishqs
Request Chain 303
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIHRiS92dAhW__fZHNzk3E0&google_cver=1&google_push=AQvitULWlnO8_tU8esD7FPU_9wfjEMrxg60jTsvElxK2LGrQFFtMs6QpgLsYvwVBbhscXt_PxLekKmQ-CDmIDHI2KVqNYc12Vmw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitULWlnO8_tU8esD7FPU_9wfjEMrxg60jTsvElxK2LGrQFFtMs6QpgLsYvwVBbhscXt_PxLekKmQ-CDmIDHI2KVqNYc12Vmw&google_hm=Wf0fyquvRTCL74NouHBdPA==
Request Chain 304
  • https://rtb.openx.net/sync/dds?google_gid=CAESEFOfsOPGVKfwlfZned3xwhQ&google_cver=1&google_push=AQvitUIWJbHbCLN3wxmWphGicR4rqoZnHBVGkQAYgWA9ZHSne3vvLWFwyzm4z76hps0vkvqCui2IT3k41ffi2UjsxOQcdibqauY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIWJbHbCLN3wxmWphGicR4rqoZnHBVGkQAYgWA9ZHSne3vvLWFwyzm4z76hps0vkvqCui2IT3k41ffi2UjsxOQcdibqauY&google_hm=Ye4KcxYxzKcBKPz5jFhrWA==
Request Chain 305
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJgSA_gWqQUmVcsEyzV7Y0k&google_cver=1&google_push=AQvitUJzHqXBFzLu5ADiJvBI3sZg9hlKPftF6mReyBOKYBgr_Kj-wHmnMF8dUOQkSBZNoFtC90JaL3Lx2q19tBEs4Za0I5_N0qE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CkRjPkOQRtqcOz1988ACEA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJzHqXBFzLu5ADiJvBI3sZg9hlKPftF6mReyBOKYBgr_Kj-wHmnMF8dUOQkSBZNoFtC90JaL3Lx2q19tBEs4Za0I5_N0qE
Request Chain 306
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEJLPQ0tv7Gv70FVUm0E1mE&google_cver=1&google_push=AQvitUKH5vgpwfsMhYoPsNDG0yv1yD86alVAeN83mZingUQ8iM7S65Oqji0xxJlA6oKeb_Yb5ci05FFP9ArfpI68c1_N1G26isI HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEJLPQ0tv7Gv70FVUm0E1mE&google_cver=1&google_push=AQvitUKH5vgpwfsMhYoPsNDG0yv1yD86alVAeN83mZingUQ8iM7S65Oqji0xxJlA6oKeb_Yb5ci05FFP9ArfpI68c1_N1G26isI&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUKH5vgpwfsMhYoPsNDG0yv1yD86alVAeN83mZingUQ8iM7S65Oqji0xxJlA6oKeb_Yb5ci05FFP9ArfpI68c1_N1G26isI&google_hm=1da266253fa02cb7c81105a1
Request Chain 311
  • https://cm.g.doubleclick.net/pixel?google_nid=doubleverify_ddp&google_ula=7327243&google_cm&google_hm=**&cbust=1622718295058166 HTTP 302
  • https://sync.doubleverify.com/query.gif?ctx=818052&cmp=2249559&cbust=1622718295058166&google_hm=2&google_gid=CAESED2mVvyaTRAFUIFuKIpSdH4&google_cver=1&google_ula=7327243,0
Request Chain 312
  • https://cm.g.doubleclick.net/pixel?google_nid=doubleverify_ddp&google_ula=6588265853&google_hm=**&google_redir=https%3A%2F%2Ftps20227.doubleverify.com%2Fevent.png%3Fimpid%3Ddeeaff356d8e47bd9a2f3635032b88d7%26gdpr%3D%26gdpr_consent%3D%26dvpx_gfbc%3D1&cbust=1622718295058895 HTTP 302
  • https://tps20227.doubleverify.com/event.png?impid=deeaff356d8e47bd9a2f3635032b88d7&gdpr=&gdpr_consent=&dvpx_gfbc=1&cbust=1622718295058895&google_hm=2&google_ula=6588265853,0
Request Chain 314
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=EnWuFgfb1LOL9J5
Request Chain 315
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=59fd1fca-abaf-4530-8bef-8368b8705d3c HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=4da5a146-fa4e-42f1-b3cd-50bd47f4bc56&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=59fd1fca-abaf-4530-8bef-8368b8705d3c
Request Chain 316
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFESGhVN0JjVzhBQURKYWY3TEFiZw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Request Chain 317
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=1f0860b8-b756-4d00-bbd4-81733000b1ee
Request Chain 318
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=K8RAcX_DF34wxRYoLMwPcS7AF3wwwBd6eMMhAngZ
Request Chain 319
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6982712400737837658
Request Chain 322
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAmsdNd4MpdaVAa3Jl0UU24&google_cver=1
Request Chain 324
  • https://cm.g.doubleclick.net/pixel?google_nid=doubleverify_ddp&google_ula=7327243&google_cm&google_hm=**&cbust=1622718295092583 HTTP 302
  • https://sync.doubleverify.com/query.gif?ctx=818052&cmp=2249559&cbust=1622718295092583&google_hm=2&google_gid=CAESED2mVvyaTRAFUIFuKIpSdH4&google_cver=1&google_ula=7327243,0
Request Chain 325
  • https://cm.g.doubleclick.net/pixel?google_nid=doubleverify_ddp&google_ula=6588265853&google_hm=**&google_redir=https%3A%2F%2Ftps20229.doubleverify.com%2Fevent.png%3Fimpid%3D66d7af7a01db441cadf24bb369d968da%26gdpr%3D%26gdpr_consent%3D%26dvpx_gfbc%3D1&cbust=1622718295093967 HTTP 302
  • https://tps20229.doubleverify.com/event.png?impid=66d7af7a01db441cadf24bb369d968da&gdpr=&gdpr_consent=&dvpx_gfbc=1&cbust=1622718295093967&google_hm=2&google_ula=6588265853,0
Request Chain 328
  • https://c1.adform.net/serving/cookie/match?party=14&cid=0A44633E-4390-46DA-9C3B-3D7DF3C00210 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=0A44633E-4390-46DA-9C3B-3D7DF3C00210
Request Chain 329
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8956874937439035966
Request Chain 330
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Request Chain 331
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6969522011945433229
Request Chain 332
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CkRjPkOQRtqcOz1988ACEA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 333
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1f0860b8-b756-4d00-bbd4-81733000b1ee
Request Chain 334
  • https://pixel.onaudience.com/?partner=214&mapped=0A44633E-4390-46DA-9C3B-3D7DF3C00210 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=cfefab596081d56f HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=82c3446e-435c-4318-41ef-cce55c988b64&reqId=65a259c0-959e-4ee1-713a-4341227df692&zcluid=cfefab596081d56f&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEIwcVh7oiYlmMmUmn78ZJh4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=82c3446e-435c-4318-41ef-cce55c988b64&reqId=65a259c0-959e-4ee1-713a-4341227df692&zcluid=cfefab596081d56f&zdid=1332
Request Chain 335
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEE0NDYzM0UtNDM5MC00NkRBLTlDM0ItM0Q3REYzQzAwMjEw&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 336
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJrmkITIpmMrOerQ7ZJjGQg&google_cver=1
Request Chain 338
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7409291517371381188
Request Chain 339
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:1f0860b8-b756-4d00-bbd4-81733000b1ee&gdpr=0&gdpr_consent=
Request Chain 340
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=fa0655f6-0ad2-4ec9-b050-91f9d487286b
Request Chain 341
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2929707122162675151&gdpr=0&gdpr_consent=
Request Chain 343
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0A44633E-4390-46DA-9C3B-3D7DF3C00210&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0A44633E-4390-46DA-9C3B-3D7DF3C00210&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-deMtPOBE2uV8q7O0RP3Mj6TaYi7YGfc-~A&gdpr=0&gdpr_consent=
Request Chain 344
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=_at_HKmsKBPmqilF-qMwHPivKBHmrygXrqweq1nB
Request Chain 345
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dpubmatic%26bsw_param%3D59fd1fca-abaf-4530-8bef-8368b8705d3c%26gdpr%3D0%26consent%3D%26gdpr_pd%3D HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=2b8845bc9b4148168d96d664498b9c17&ssp=pubmatic&bsw_param=59fd1fca-abaf-4530-8bef-8368b8705d3c&gdpr=0&consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=59fd1fca-abaf-4530-8bef-8368b8705d3c&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 346
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YLi3WAABc-2F9AAC HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLi3WAABc-2F9AAC&gdpr=0&gdpr_consent=&_test=YLi3WAABc-2F9AAC
Request Chain 352
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLi3VuvTpQybyF_dGHd8iAAABLkAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLi3VuvTpQybyF_dGHd8iAAABLkAAAIB&dcc=t
Request Chain 353
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLi3VuvTpQybyF_dGHd8iAAABLkAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEL6HAW5xPNU_FHiuICBSo_4&google_cver=1
Request Chain 357
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1f0860b8-b756-4d00-bbd4-81733000b1ee&gdpr=1&gdpr_consent=
Request Chain 387
  • https://www8.smartadserver.com/ac?siteid=353075&pgid=1339190&fmtid=85711&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=R0.1622718308688&pgDomain=popcornfor2.com&vpw=700&vph=393&gdpr=1&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://www8.smartadserver.com/ac?siteid=353075&pgid=1339190&fmtid=85711&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=R0.1622718308688&pgDomain=popcornfor2.com&vpw=700&vph=393&gdpr=1&gdpr_consent=&us_privacy=1---&cklb=1

383 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request -news-116414
popcornfor2.com/content/ 		44 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 / PHP/5.4.16
Resource Hash
5b6d1902fb031a848a9384af13b55a192a754c13a0f521454891131a591a15af

Request headers

:method
GET
:authority
popcornfor2.com
:scheme
https
:path
/content/-news-116414
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx/1.18.0
date
Thu, 03 Jun 2021 11:04:50 GMT
content-type
text/html
x-powered-by
PHP/5.4.16
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
set-cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; path=/
style.css
popcornfor2.com/css/ 		43 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://popcornfor2.com/css/style.css?1112
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
0bec1537e1a863e97be3c54107419a5adbb701232b0e3913b8613449d9331579

Request headers

:path
/css/style.css?1112
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:50 GMT
last-modified
Wed, 09 Jan 2019 03:17:28 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"acac-57efde6d99889"
content-length
44204
content-type
text/css
jquery-1.10.2.min.js
popcornfor2.com/plugin/jquery/ 		91 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://popcornfor2.com/plugin/jquery/jquery-1.10.2.min.js
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

:path
/plugin/jquery/jquery-1.10.2.min.js
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:50 GMT
last-modified
Wed, 17 Dec 2014 06:28:41 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"16bb3-50a63962daeb9"
content-length
93107
content-type
application/javascript
jquery-ui.css
popcornfor2.com/plugin/jquery/ui-1.11.1/ 		34 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://popcornfor2.com/plugin/jquery/ui-1.11.1/jquery-ui.css
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
561c7dbea8de1c1f53895f5991e4001e07e4ecf89c79d94ea156a7bcee46e74e

Request headers

:path
/plugin/jquery/ui-1.11.1/jquery-ui.css
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:50 GMT
last-modified
Wed, 17 Dec 2014 06:29:24 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"898c-50a6398bb9adc"
content-length
35212
content-type
text/css
jquery-ui.js
popcornfor2.com/plugin/jquery/ui-1.11.1/ 		454 KB
454 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://popcornfor2.com/plugin/jquery/ui-1.11.1/jquery-ui.js
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
20064947a7ba1d5876bbc8c1dffaf11fc7092ee5d9fa8b2e8cd66015a68d8bd1

Request headers

:path
/plugin/jquery/ui-1.11.1/jquery-ui.js
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:50 GMT
last-modified
Wed, 17 Dec 2014 12:33:19 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"7171d-50a68ae32e1c0"
content-length
464669
content-type
application/javascript
jquery.wysiwyg.css
popcornfor2.com/templates/admin/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://popcornfor2.com/templates/admin/css/jquery.wysiwyg.css
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
462350cf18e413f65046f2b1f1cdff263386016a238ee9e677c8658205f3fce1

Request headers

:path
/templates/admin/css/jquery.wysiwyg.css
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:50 GMT
last-modified
Wed, 17 Dec 2014 06:36:18 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"c99-50a63b16f29f2"
content-length
3225
content-type
text/css
jquery.wysiwyg.js
popcornfor2.com/templates/admin/js/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://popcornfor2.com/templates/admin/js/jquery.wysiwyg.js
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
750afe59a26bf8952b85176aac95b52711b1a0cab36f99d857104784dacdb51d

Request headers

:path
/templates/admin/js/jquery.wysiwyg.js
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:50 GMT
last-modified
Wed, 17 Dec 2014 06:36:28 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"338c-50a63b2011108"
content-length
13196
content-type
application/javascript
ckeditor.js
popcornfor2.com/system/ckeditor_4.4.5/ 		516 KB
516 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://popcornfor2.com/system/ckeditor_4.4.5/ckeditor.js
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
99ee441510a93b7123a9ea73f14a527fac26ce8a93f4cc7a3bbbacd30aa00063

Request headers

:path
/system/ckeditor_4.4.5/ckeditor.js
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:50 GMT
last-modified
Wed, 17 Dec 2014 06:31:30 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"80e40-50a63a042c7e8"
content-length
527936
content-type
application/javascript
jquery.fancybox.css
popcornfor2.com/plugin/fancyapps/source/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://popcornfor2.com/plugin/fancyapps/source/jquery.fancybox.css
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd

Request headers

:path
/plugin/fancyapps/source/jquery.fancybox.css
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:50 GMT
last-modified
Wed, 17 Dec 2014 06:29:13 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"131f-50a63981b2159"
content-length
4895
content-type
text/css
jquery.fancybox.js
popcornfor2.com/plugin/fancyapps/source/ 		48 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://popcornfor2.com/plugin/fancyapps/source/jquery.fancybox.js
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
6c78ce6b6d1928630b903084ea9d503643f303ba05455860cc7cd17f7687cc65

Request headers

:path
/plugin/fancyapps/source/jquery.fancybox.js
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:50 GMT
last-modified
Wed, 17 Dec 2014 06:29:15 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"be42-50a63983ce5c5"
content-length
48706
content-type
application/javascript
ats.js
anymind360.com/js/1331/ 		104 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://anymind360.com/js/1331/ats.js
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
395aba58b0fcc0b97807071499234cbdd81997848de3014a541109e04e45d13b
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:50 GMT
content-encoding
gzip
age
947
x-guploader-uploadid
ABg5-UyvL9v3ow9rV9_CdBg9W51cG1akbWxokF34GbFd_Sr3KVWL6jrt70SULOrXEsc-o6grzBlgnwm8fio11EoM5toG0eibKQ
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
strict-transport-security
max-age=300
content-length
25855
x-served-by
cache-tyo11975-TYO, cache-hhn4021-HHN
access-control-allow-origin
*
expires
Thu, 03 Jun 2021 10:49:03 GMT
last-modified
Thu, 03 Jun 2021 10:49:02 GMT
server
UploadServer
x-timer
S1622718291.673454,VS0,VE1
etag
"bb315fe9286b73595c0a10e6f738a183"
vary
Accept-Encoding
x-goog-hash
crc32c=T918FQ==, md5=uzFf6Shrc1lcChDm9zihgw==
x-goog-generation
1622717342525917
via
1.1 varnish, 1.1 varnish
access-control-expose-headers
Content-Type
cache-control
max-age=1200
x-goog-stored-content-length
25855
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
x-cache-hits
1, 1
gpt.js
www.googletagservices.com/tag/js/ 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08c7f7a74db8d5c95b02d7800149a7e9f0a45e85a4b5180ffda161b4854e9568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"891 / 57 of 1000 / last-modified: 1622713237"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21317
x-xss-protection
0
expires
Thu, 03 Jun 2021 11:04:51 GMT
admanager.js
cdn.innity.net/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.innity.net/admanager.js
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.224.62 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-62.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3cbc91b08f13856bfdca4216f4827f45654ee8c4daa770f79767d967595194a7

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 11:04:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Feb 2019 01:30:07 GMT
Server
Apache
ETag
"2833-5825d6a16c5c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3259
Expires
Fri, 04 Jun 2021 11:04:50 GMT
logo.png
popcornfor2.com/images/v2/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/images/v2/logo.png
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
444de98d6b324cb44a453ed89eefdb69bfea4ba03a070ab0d92deba04cd5a502

Request headers

:path
/images/v2/logo.png
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Wed, 17 Dec 2014 06:28:26 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"3f2a-50a63954aae2d"
content-length
16170
content-type
image/png
icon-search.png
popcornfor2.com/images/v2/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/images/v2/icon-search.png
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
58a591dd28e68db4bfd32d959f3d6b12112b767742c29067c6283fe0e0c016f1

Request headers

:path
/images/v2/icon-search.png
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Wed, 17 Dec 2014 06:28:24 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"634-50a6395350747"
content-length
1588
content-type
image/png
icon-signup.png
popcornfor2.com/images/v2/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/images/v2/icon-signup.png
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
032ccb6b94d826879010c7d32ba6a74343bc08d2369cc5f7e2bb8fdb6cea73c6

Request headers

:path
/images/v2/icon-signup.png
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Wed, 17 Dec 2014 06:28:25 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"11aa-50a63953800fc"
content-length
4522
content-type
image/png
icon-user.png
popcornfor2.com/images/v2/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/images/v2/icon-user.png
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
f08c909a96af173d1385ab70ef663fb8b7b265b4af1c1824c0e9e3939f9410d5

Request headers

:path
/images/v2/icon-user.png
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Wed, 17 Dec 2014 06:28:25 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"55f-50a63953b8751"
content-length
1375
content-type
image/png
fb1.png
popcornfor2.com/images/v2/ 		406 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/images/v2/fb1.png
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
3da70d13898dd96111dad3cee26eb8ba5dcb82cd1c58ed7f9a706f8c978f134c

Request headers

:path
/images/v2/fb1.png
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Wed, 17 Dec 2014 06:28:24 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"196-50a63953230b9"
content-length
406
content-type
image/png
icon-facebook.png
popcornfor2.com/images/v2/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/images/v2/icon-facebook.png
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
6a40c50c628e708c2a68bc9f50ae46fff8da1db2a0c8e2343343a308787d25f9

Request headers

:path
/images/v2/icon-facebook.png
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Wed, 17 Dec 2014 06:28:24 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"84b-50a639536a16d"
content-length
2123
content-type
image/png
icon-twitter.png
popcornfor2.com/images/v2/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/images/v2/icon-twitter.png
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
07eedc9e2f2d2df29bb3fc378d3b6d2bf9d51e84ada691758dbdc18a74c92e49

Request headers

:path
/images/v2/icon-twitter.png
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Wed, 17 Dec 2014 06:28:25 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"8b2-50a6395402eb5"
content-length
2226
content-type
image/png
icon-rss.png
popcornfor2.com/images/v2/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/images/v2/icon-rss.png
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
ab099ea7cfa35a68e348fadd6f3f21977465cddb240bdb42a6063f8ec3bcc886

Request headers

:path
/images/v2/icon-rss.png
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Wed, 17 Dec 2014 06:28:25 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"8b4-50a63953adb72"
content-length
2228
content-type
image/png
icon-home.png
popcornfor2.com/images/v2/ 		449 B
588 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/images/v2/icon-home.png
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
61fe798dad0d0f18d77acc8c9dbf6b7d3a639613d024f1b8827152372638452e

Request headers

:path
/images/v2/icon-home.png
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Wed, 17 Dec 2014 06:28:25 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"1c1-50a639538d7d3"
content-length
449
content-type
image/png
style2.css
popcornfor2.com/css/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://popcornfor2.com/css/style2.css
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
9b489d02f44a4c62bcb9add3710722bace319b9ae208ef12b56514314e56e32d

Request headers

:path
/css/style2.css
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Tue, 10 Jan 2017 15:31:10 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"9fc-545bf2c72df8e"
content-length
2556
content-type
text/css
rrssb.css
popcornfor2.com/css/rrssb-master/css/ 		8 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://popcornfor2.com/css/rrssb-master/css/rrssb.css
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
63e64de90532643fdbf033ffc93b82577940b123e36fd30a4de1f463529e57ec

Request headers

:path
/css/rrssb-master/css/rrssb.css
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Thu, 18 May 2017 03:28:54 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"1f00-54fc40122350c"
content-length
7936
content-type
text/css
top_title01.gif
popcornfor2.com/images/ 		51 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/images/top_title01.gif
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
297c9b0b785b6b64f662e17ded45f05d0be604d480c00829884035b38bc3a095

Request headers

:path
/images/top_title01.gif
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Wed, 17 Dec 2014 06:28:13 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"33-50a639485a568"
content-length
51
content-type
image/gif
share-b.png
popcornfor2.com/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/images/share-b.png
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
21bd9459df0e0ef0c64a5f407ff07b6382e6c1c519a22239684fe409625ae039

Request headers

:path
/images/share-b.png
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Sat, 10 Nov 2018 16:01:19 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"413-57a51941aa216"
content-length
1043
content-type
image/png
news-full-116414.jpg
popcornfor2.com/upload/117/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/upload/117/news-full-116414.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
87847e7e583a7c678697fce846181b5104f65b1daafdb3a66a8488529829868d

Request headers

:path
/upload/117/news-full-116414.jpg
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Tue, 03 Nov 2020 01:38:14 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"aa50-5b329ea9f3b16"
content-length
43600
content-type
image/jpeg
did-you-know-that-a-gumiho-nine-tailed-fox-is-considered-as-a-scary-monster-that-eats-a-person-s-body-parts%20(1)1.jpg
popcornfor2.com/upload/user_15/files/186/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/upload/user_15/files/186/did-you-know-that-a-gumiho-nine-tailed-fox-is-considered-as-a-scary-monster-that-eats-a-person-s-body-parts%20(1)1.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
bed83f2820f81eb20ffb3d03834ebd7f964c96484eb5c3e1f491ee865c3cacaa

Request headers

:path
/upload/user_15/files/186/did-you-know-that-a-gumiho-nine-tailed-fox-is-considered-as-a-scary-monster-that-eats-a-person-s-body-parts%20(1)1.jpg
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Tue, 03 Nov 2020 01:30:10 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"d7de-5b329cdbecf41"
content-length
55262
content-type
image/jpeg
did-you-know-that-a-gumiho-nine-tailed-fox-is-considered-as-a-scary-monster-that-eats-a-person-s-body-parts%20(1)2.jpg
popcornfor2.com/upload/user_15/files/186/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/upload/user_15/files/186/did-you-know-that-a-gumiho-nine-tailed-fox-is-considered-as-a-scary-monster-that-eats-a-person-s-body-parts%20(1)2.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
886eb2d8dd4858d03512a06cfc6ada3664af3d00e4bf32b80e5aab3d5b903eda

Request headers

:path
/upload/user_15/files/186/did-you-know-that-a-gumiho-nine-tailed-fox-is-considered-as-a-scary-monster-that-eats-a-person-s-body-parts%20(1)2.jpg
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Tue, 03 Nov 2020 01:30:45 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"daa5-5b329cfda382a"
content-length
55973
content-type
image/jpeg
did-you-know-that-a-gumiho-nine-tailed-fox-is-considered-as-a-scary-monster-that-eats-a-person-s-body-parts%20(1)3.jpg
popcornfor2.com/upload/user_15/files/186/ 		102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/upload/user_15/files/186/did-you-know-that-a-gumiho-nine-tailed-fox-is-considered-as-a-scary-monster-that-eats-a-person-s-body-parts%20(1)3.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
daf5e62d38c305304e7f4c1c220cfd611994ed41282b6c001bba07c8c95989b2

Request headers

:path
/upload/user_15/files/186/did-you-know-that-a-gumiho-nine-tailed-fox-is-considered-as-a-scary-monster-that-eats-a-person-s-body-parts%20(1)3.jpg
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Tue, 03 Nov 2020 01:31:21 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"1983e-5b329d1fce470"
content-length
104510
content-type
image/jpeg
did-you-know-that-a-gumiho-nine-tailed-fox-is-considered-as-a-scary-monster-that-eats-a-person-s-body-parts%20(1)4.jpg
popcornfor2.com/upload/user_15/files/186/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/upload/user_15/files/186/did-you-know-that-a-gumiho-nine-tailed-fox-is-considered-as-a-scary-monster-that-eats-a-person-s-body-parts%20(1)4.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
fa64746adfcaff960f137fdb035f6fba9d2ec695e31265a7dfff57d72811b10c

Request headers

:path
/upload/user_15/files/186/did-you-know-that-a-gumiho-nine-tailed-fox-is-considered-as-a-scary-monster-that-eats-a-person-s-body-parts%20(1)4.jpg
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Tue, 03 Nov 2020 01:31:58 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"ce83-5b329d42925d1"
content-length
52867
content-type
image/jpeg
show_ads.js
pagead2.googlesyndication.com/pagead/ 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a41de748d1a4eb56759f0baaf6abed3ee21ec181db4c44f07d0b1253864cea8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33037
x-xss-protection
0
server
cafe
etag
9787620895297139316
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 11:04:51 GMT
news-thumb-5365.png
popcornfor2.com/upload/6/ 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/upload/6/news-thumb-5365.png
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
98614c6feb29562e328f6367244359681aae10928b9e4e986905caf0af2e6deb

Request headers

:path
/upload/6/news-thumb-5365.png
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Sat, 13 Oct 2012 10:41:34 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"14631-4cbee72b59380"
content-length
83505
content-type
image/png
news-thumb-15123.jpg
popcornfor2.com/upload/16/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/upload/16/news-thumb-15123.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
754bbd09cc7a950a98690b40f3b60ef8250986f2f1b1d5d2bde0094fc9b202b7

Request headers

:path
/upload/16/news-thumb-15123.jpg
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Tue, 09 Oct 2012 05:34:53 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"1bc6-4cb99b28f1940"
content-length
7110
content-type
image/jpeg
news-thumb-20531.jpg
popcornfor2.com/upload/21/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/upload/21/news-thumb-20531.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
1f82f5486330c383dd855a7374c611126a26b60364d99bf2a9a36ef8324b1cc5

Request headers

:path
/upload/21/news-thumb-20531.jpg
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Thu, 06 Dec 2012 05:24:49 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"3223-4d028515a8a40"
content-length
12835
content-type
image/jpeg
news-thumb-21587.jpg
popcornfor2.com/upload/22/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/upload/22/news-thumb-21587.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
9e787e913bedcf9456405b99ee2afd397a9387b056ad3096c99b35f0863384a5

Request headers

:path
/upload/22/news-thumb-21587.jpg
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Tue, 18 Dec 2012 07:04:22 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"2716-4d11b1b77c980"
content-length
10006
content-type
image/jpeg
news-thumb-29538.jpg
popcornfor2.com/upload/30/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/upload/30/news-thumb-29538.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
548f093619c9a18a373128119b05211ae778561c894cb6d7340724e66ff84a0a

Request headers

:path
/upload/30/news-thumb-29538.jpg
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Mon, 18 Mar 2013 05:59:28 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"1d9b-4d82cb115d000"
content-length
7579
content-type
image/jpeg
news-thumb-32689.jpg
popcornfor2.com/upload/33/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/upload/33/news-thumb-32689.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
7df29d096a4e131b99a46fd8516a95035f8588c5833ef86ebc3ea0d632d3c362

Request headers

:path
/upload/33/news-thumb-32689.jpg
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Sat, 27 Apr 2013 07:24:20 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"23c8-4db528a3e9100"
content-length
9160
content-type
image/jpeg
news-thumb-37491.jpg
popcornfor2.com/upload/38/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/upload/38/news-thumb-37491.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
be31abd1ee0f3d0e3bef32d98c53c57a758cede23df23fc3f7ae53332023fe2d

Request headers

:path
/upload/38/news-thumb-37491.jpg
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Sat, 22 Jun 2013 07:52:14 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"26b0-4dfb97522c780"
content-length
9904
content-type
image/jpeg
news-thumb-46649.jpg
popcornfor2.com/upload/47/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/upload/47/news-thumb-46649.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
4323d926e5e77ed2ba7ad04722c7d3e882d2dba9d211fb87750ae6853154a7d8

Request headers

:path
/upload/47/news-thumb-46649.jpg
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Fri, 01 Nov 2013 09:30:28 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"2dbe-4ea1a377f9500"
content-length
11710
content-type
image/jpeg
adop_collapse_1.1.8.min.js
compasscdn.adop.cc/js/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://compasscdn.adop.cc/js/adop_collapse_1.1.8.min.js
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-112.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
23bafdfbbc6fac24847fcd5be286e85a8984a993ec24e8d23404f88f4becdd23

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 19:54:17 GMT
Via
1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
Last-Modified
Tue, 02 Mar 2021 05:53:36 GMT
Server
AmazonS3
Age
82958
ETag
"4ed4329162eb032061e9e4f37164c83b"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Length
5481
X-Amz-Cf-Id
TZPJOTCiT_U0rP8DwjIA-CfCyPNMSFR1tkw2LtBxy4HO8mRb4dsnJg==
adopJ.js
compass.adop.cc/assets/js/adop/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://compass.adop.cc/assets/js/adop/adopJ.js?v=14
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-68.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
251e9b67408005183aefc63f5b2cdf136bddb8eec9a8080cdc072c6ebc16044f

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:49 GMT
content-encoding
gzip
last-modified
Tue, 11 May 2021 09:31:17 GMT
server
nginx
age
2
etag
W/"609a4ee5-d6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
cache-control
max-age=600
x-amz-cf-pop
FRA50-C1
content-length
1921
x-amz-cf-id
qUjAw9jJjfjX9wp-HVf_LIOls8A6jwZweXRasEGzv3ZFia9K4sMzzg==
expires
Thu, 03 Jun 2021 11:14:49 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		134 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78484aa368605f4d60b41ccc082c8be54ecd8033add9d708a15666c1cec58e6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48430
x-xss-protection
0
server
cafe
etag
4244554818738164514
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 11:04:51 GMT
news-thumb-118007.jpg
popcornfor2.com/upload/119/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/upload/119/news-thumb-118007.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
98b79c969c618513a228a7ae2379703be8044e0cefa7a7252f7052754ddfda58

Request headers

:path
/upload/119/news-thumb-118007.jpg
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Thu, 03 Jun 2021 02:03:42 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"33ce-5c3d2fc064c0a"
content-length
13262
content-type
image/jpeg
news-thumb-118008.jpg
popcornfor2.com/upload/119/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/upload/119/news-thumb-118008.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
f606a66da878c391e755c803301e2a2191a60d69f1bec66fe95dc4bc8b540f43

Request headers

:path
/upload/119/news-thumb-118008.jpg
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Thu, 03 Jun 2021 04:52:24 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"24c1-5c3d5575745d3"
content-length
9409
content-type
image/jpeg
news-thumb-118006.jpg
popcornfor2.com/upload/119/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/upload/119/news-thumb-118006.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
a167afc461bc3d29eae4005e5f5dad70990a506737015724b2b8999b856a635a

Request headers

:path
/upload/119/news-thumb-118006.jpg
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Wed, 02 Jun 2021 12:31:46 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"20a2-5c3c7a459e87d"
content-length
8354
content-type
image/jpeg
news-thumb-118011.jpeg
popcornfor2.com/upload/119/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/upload/119/news-thumb-118011.jpeg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
035831fd0e1882f238147cb75cc6807701719aa732cbdc764218589dc910d283

Request headers

:path
/upload/119/news-thumb-118011.jpeg
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Thu, 03 Jun 2021 09:00:45 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"2d0b-5c3d8cf803ee9"
content-length
11531
content-type
image/jpeg
news-thumb-118010.jpg
popcornfor2.com/upload/119/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/upload/119/news-thumb-118010.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
e40b8fff12df2d5aa8ebc515302934d8b4ee4fa913fcf562729305c09be1fbed

Request headers

:path
/upload/119/news-thumb-118010.jpg
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Thu, 03 Jun 2021 06:38:56 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"2694-5c3d6d454f9fd"
content-length
9876
content-type
image/jpeg
b_poppularnews.gif
popcornfor2.com/images/ 		561 B
700 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/images/b_poppularnews.gif
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
a3570e6a2be5521b069b3ef85b708ef89cd3d2cb3bfcfdbd0b24a99676625b23

Request headers

:path
/images/b_poppularnews.gif
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Wed, 17 Dec 2014 06:28:06 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"231-50a63941e1dd5"
content-length
561
content-type
image/gif
news-thumb-118014.jpg
popcornfor2.com/upload/119/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/upload/119/news-thumb-118014.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
2354542a0d30f6a015f176904e0bfb7c6999ae88862f21f5204dad5cc88b8836

Request headers

:path
/upload/119/news-thumb-118014.jpg
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Thu, 03 Jun 2021 10:53:15 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"19c4-5c3da61e0576e"
content-length
6596
content-type
image/jpeg
news-thumb-118013.jpg
popcornfor2.com/upload/119/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/upload/119/news-thumb-118013.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
6bfb44e0a240c1d36c22801ef45084f4502c1eca46ef844a486184ae85e57e92

Request headers

:path
/upload/119/news-thumb-118013.jpg
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Thu, 03 Jun 2021 10:46:42 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"2cc8-5c3da4a712fc5"
content-length
11464
content-type
image/jpeg
news-thumb-118012.jpg
popcornfor2.com/upload/119/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/upload/119/news-thumb-118012.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
67fff3ed7676cbf8696ec06fb6449f2cecb2f6dcfb3967e65381d09a7d7b09ed

Request headers

:path
/upload/119/news-thumb-118012.jpg
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Thu, 03 Jun 2021 09:00:49 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"1b4d-5c3d8cfbe0724"
content-length
6989
content-type
image/jpeg
b_updatenews.gif
popcornfor2.com/images/ 		549 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/images/b_updatenews.gif
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
6638c0a7d9322f8e8959abd8f54a8b1da2fea2aaf9703553fcd788e4d2a6284f

Request headers

:path
/images/b_updatenews.gif
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/content/-news-116414
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/content/-news-116414
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Wed, 17 Dec 2014 06:28:06 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"225-50a639423f9d0"
content-length
549
content-type
image/gif
css
fonts.googleapis.com/ 		1 KB
534 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Kanit
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/css/style.css?1112
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
776de058825ec91e4f42eb17bb00b3ea609b835c0ce1eba8e551fd5e942f7b16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Jun 2021 09:39:19 GMT
server
ESF
date
Thu, 03 Jun 2021 11:04:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Jun 2021 11:04:50 GMT
gapi.js
me.jsfuz.com/p/j/ 		0
664 B 		Script
General
Check archive.org
Download Go to
Full URL
https://me.jsfuz.com/p/j/gapi.js
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:2597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
cf-request-id
0a732536c5000097a2cb986000000001
pragma
no-cache
server
cloudflare
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wgCUNdiH374SnW0JO7T%2FaN9ijyUgnAYEGpRe8yHj5msiYjUh%2BkyJ9sEJXbLE6P2WFnxQEiVxhJ9135qNjCjgs8L16rOIh3x3Igk1inttOZEeNmK9aCQCxL4yhKFX0SaS28PvJEHO"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
6598716adbe297a2-FRA
expires
-1
loader.js
cdn.taboola.com/libtrc/popcornfor2/ 		156 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/popcornfor2/loader.js
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
66aec8b722e7bcf87c9f7c3eb5bf174a3cda78ec4e1fe80121815564745d4ad6

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ZJAwcFGWAhlYj.u8AaXlTrxYiZnQPSiR
content-encoding
gzip
etag
"acacd77514b0fd044d4cb39ecd36a2b2"
age
0
x-cache
HIT
content-length
23166
x-amz-id-2
rsdW1tipuX23dYvCK8f1geNP09zZ1FfM3bYVsTdVGMl07xuqctU+LszgH8wIrPMJf1NuYga9sPA=
x-served-by
cache-fra19181-FRA
last-modified
Wed, 02 Jun 2021 08:57:31 GMT
server
AmazonS3
x-timer
S1622718292.653635,VS0,VE103
date
Thu, 03 Jun 2021 11:04:51 GMT
vary
Accept-Encoding
x-amz-request-id
A0H8QR6JFKDHM1Q7
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
33
x-cache-hits
1
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1331/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
08c7f7a74db8d5c95b02d7800149a7e9f0a45e85a4b5180ffda161b4854e9568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"891 / 620 of 1000 / last-modified: 1622713237"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21317
x-xss-protection
0
expires
Thu, 03 Jun 2021 11:04:51 GMT
prebid.js
anymind360.com/js/ 		358 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://anymind360.com/js/prebid.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/1331/ats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
5ccc3e785cd8e9b3f95a721637dd14595208dc56b4db19b788dc2ddc0262ede5
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
content-encoding
gzip
age
86628
x-guploader-uploadid
ABg5-UwFuVn9RqRHEmU0g1nOYfHEnWFOKW6MAD_r8ZM4CZVQ5vKTHJwpynYT7QoLeCIW1LlhpiYlwKcY8GR559GbNQ
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
strict-transport-security
max-age=300
content-length
113559
x-served-by
cache-tyo11935-TYO, cache-hhn4021-HHN
access-control-allow-origin
*
expires
Wed, 02 Jun 2021 11:01:02 GMT
last-modified
Mon, 17 May 2021 06:14:58 GMT
server
UploadServer
x-timer
S1622718292.628179,VS0,VE0
etag
"524bc627fe4d28b82374d8b9428ccbfa"
vary
Accept-Encoding
x-goog-hash
crc32c=v22Bpg==, md5=UkvGJ/5NKLgjdNi5QozL+g==
x-goog-generation
1621232098868361
via
1.1 varnish, 1.1 varnish
access-control-expose-headers
Content-Type
cache-control
max-age=43200
x-goog-stored-content-length
113559
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
7, 237
fbevents.js
connect.facebook.net/en_US/ 		92 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3ba5369627fc324f2d2c47f44c8da30769d2a3ccbe8110b9bd5eec9585e42a09
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24155
x-fb-rlafr
0
pragma
public
x-fb-debug
E4gKn+RCFgLvDCK6dfsBXPMC8tvOXYTWfPlQFW9COejzWTYocl8icBDV0oy+Jep47mE8G1q4PsED9LCk4GU3eg==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 03 Jun 2021 11:04:51 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
bg.jpg
popcornfor2.com/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/images/bg.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/css/style.css?1112
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
60acf9a0f7c6469e002b31d6668c7b2b912998782e6a43c99cc89b1ebae687e7

Request headers

:path
/images/bg.jpg
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/css/style.css?1112
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/css/style.css?1112
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Wed, 17 Dec 2014 06:28:04 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"1dcc-50a6393f9b5a3"
content-length
7628
content-type
image/jpeg
header-bg.png
popcornfor2.com/images/v2/ 		252 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/images/v2/header-bg.png
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/css/style.css?1112
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
165f7dfc0d4608d3b66c6967fbe6fcb58c3e756e7ade457b46be5d2acabf2eb3

Request headers

:path
/images/v2/header-bg.png
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/css/style.css?1112
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/css/style.css?1112
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Wed, 17 Dec 2014 06:28:24 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"fc-50a6395319479"
content-length
252
content-type
image/png
c0003585.js
hits1.truehits.net/data/ 		0
0
2140179576293699
connect.facebook.net/signals/config/ 		254 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2140179576293699?v=2.9.40&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
68684d249ea9077d00190e5fb8026bb328e57a0584487a84925f04388ee6c4d8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
wFAPBR2EB41U6xxAaqKbRxFSb0oifhxvUYkBOV/CzcEHucau1f0N+V4Oex8B6btzY8UnVXqfzS6NkwtQ7sZ5xQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 03 Jun 2021 11:04:51 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
main-menu-bg.png
popcornfor2.com/images/v2/ 		197 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/images/v2/main-menu-bg.png
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/css/style.css?1112
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
888a640d12a3841df0061289d6488bb3a4fda96edf0cd14c08ad92d4bf71b98c

Request headers

:path
/images/v2/main-menu-bg.png
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/css/style.css?1112
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/css/style.css?1112
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Wed, 17 Dec 2014 06:28:25 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"c5-50a639540b385"
content-length
197
content-type
image/png
arrow-down.png
popcornfor2.com/images/v2/ 		164 B
302 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/images/v2/arrow-down.png
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/css/style.css?1112
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
9aaf38b063992a4ca096fbf98cafa39819aa68da899e8e6c0345d6a576dd8b44

Request headers

:path
/images/v2/arrow-down.png
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/css/style.css?1112
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/css/style.css?1112
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Wed, 17 Dec 2014 06:28:24 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"a4-50a63952e9eac"
content-length
164
content-type
image/png
nKKZ-Go6G5tXcraVGwA.woff2
fonts.gstatic.com/s/kanit/v7/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/kanit/v7/nKKZ-Go6G5tXcraVGwA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Kanit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d522ceba20f12d2594bca7ab06bc6cc877e8ee1c5d94c2ae3c3af0d90c38ccc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://popcornfor2.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 05:18:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Sep 2020 05:14:17 GMT
server
sffe
age
107197
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19040
x-xss-protection
0
expires
Thu, 02 Jun 2022 05:18:14 GMT
nKKZ-Go6G5tXcraBGwCYdA.woff2
fonts.gstatic.com/s/kanit/v7/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/kanit/v7/nKKZ-Go6G5tXcraBGwCYdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Kanit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
185c8f0ba5c84bb93c5ce2c23f353a9f5db8d4b7cdb4a03d816867c2a3871ed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://popcornfor2.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 03:30:29 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Sep 2020 05:14:13 GMT
server
sffe
age
200062
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13252
x-xss-protection
0
expires
Wed, 01 Jun 2022 03:30:29 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpopcornfor2.com%2F&domain=popcornfor2.com&cw=1
Protocol
H2
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://popcornfor2.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://popcornfor2.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1374
date
Thu, 03 Jun 2021 11:04:50 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpopcornfor2.com%2F&domain=popcornfor2.com&cw=1
  • https://mug.criteo.com/sid?cpp=swC7H3xsRFJzL2YvNVhGeGpZRUJUcnJxdGZJNy81K0NXZkNRY0ZDY3p0ZExoK0FzeU9qMEZnNnlGYVRlSm1kN2tGeUxNcDd5dWpCUFErOWhQUWg5SUVsZ2JYVjA3SGQ3TVNUQmJveFlHbUl1R2phU0RUMFhxRDlzTDdZMG...
347 B
629 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=swC7H3xsRFJzL2YvNVhGeGpZRUJUcnJxdGZJNy81K0NXZkNRY0ZDY3p0ZExoK0FzeU9qMEZnNnlGYVRlSm1kN2tGeUxNcDd5dWpCUFErOWhQUWg5SUVsZ2JYVjA3SGQ3TVNUQmJveFlHbUl1R2phU0RUMFhxRDlzTDdZMGp3SVpJbVpOUkg3Tk9EaVRHVGJOWDF6VHNrSG8rL2RYeFQ3WnpoT1RlTWd3TkFFcFRwVnJ4cE15TDAyMjlkRnpxUXlGbnFXVDFWbWNycmUvdEgzYXFDdG1qWmx1RFZDWEN3Z2dDSUpqejNCOVdnRU43RGFnPXw&cppv=2
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
7f4203eee6fbb5f9194eee6955bfc91cc328154c82f1be75a459e5d2a6200ad7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 03 Jun 2021 11:04:51 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2673
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 03 Jun 2021 11:04:51 GMT
location
https://mug.criteo.com/sid?cpp=swC7H3xsRFJzL2YvNVhGeGpZRUJUcnJxdGZJNy81K0NXZkNRY0ZDY3p0ZExoK0FzeU9qMEZnNnlGYVRlSm1kN2tGeUxNcDd5dWpCUFErOWhQUWg5SUVsZ2JYVjA3SGQ3TVNUQmJveFlHbUl1R2phU0RUMFhxRDlzTDdZMGp3SVpJbVpOUkg3Tk9EaVRHVGJOWDF6VHNrSG8rL2RYeFQ3WnpoT1RlTWd3TkFFcFRwVnJ4cE15TDAyMjlkRnpxUXlGbnFXVDFWbWNycmUvdEgzYXFDdG1qWmx1RFZDWEN3Z2dDSUpqejNCOVdnRU43RGFnPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://popcornfor2.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1689
content-length
482
expires
0
cdb
bidder.criteo.com/ 		0
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.38.0&cb=25778730628
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://popcornfor2.com
date
Thu, 03 Jun 2021 11:04:51 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
v1
prg.smartadserver.com/prebid/ 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:51 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://popcornfor2.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:51 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://popcornfor2.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:51 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://popcornfor2.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:51 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://popcornfor2.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:51 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://popcornfor2.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:50 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://popcornfor2.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:51 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://popcornfor2.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
arj
adasia-d.openx.net/w/1.0/ 		173 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adasia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=3adeec66-2df1-4c38-8919-c84681e8dd23%2C15c23ed8-634d-45e4-978c-0fd3d7cfac70%2Cd54e0e00-cf05-4069-b2e3-5976c0dbff9e%2C5ee9075a-8fdc-4fbb-82bd-ee60de100d3c&nocache=1622718291696&schain=1.0%2C1!any-digital.com%2C1331%2C1%2C%2C%2C&aus=728x90%7C300x250%2C336x280%7C300x250%2C336x280%7C728x90%2C970x90&divIds=ats-insert_ads-0%2Cats-insert_ads-2%2Cats-insert_ads-3%2Cats-overlay_bottom-5&auid=544046283%2C544046284%2C544046285%2C544046289
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
c353d2a6da11f5a6bbf11ee81586d1bf2298c024f67d14598724c0028ba6cb63

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:51 GMT
content-encoding
gzip
server
OXGW/16.208.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://popcornfor2.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://popcornfor2.com
date
Thu, 03 Jun 2021 11:04:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		53 B
749 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 11:04:51 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.43:80
AN-X-Request-Uuid
bc6dbe64-5106-4668-9bf3-a9416869a2fd
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://popcornfor2.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
53
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		25 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=474669&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2229553f783e4cb77%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%224.38.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22any-digital.com%22%2C%22sid%22%3A%221331%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2230f71586b9dc3e3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22474669%22%2C%22sid%22%3A%2221732824958%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2231af4cf01accbf6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22474669%22%2C%22sid%22%3A%2222217962211%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2232d379ed16416f6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22474669%22%2C%22sid%22%3A%2222217962211%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22336787fe3765ba2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22474669%22%2C%22sid%22%3A%2222218331257%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22345b8dcddee7093%22%2C%22ext%22%3A%7B%22siteID%22%3A%22474669%22%2C%22sid%22%3A%2222218331257%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22359468f350c5bd5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22474669%22%2C%22sid%22%3A%2222347107561%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22367d7d8b6531a47%22%2C%22ext%22%3A%7B%22siteID%22%3A%22474669%22%2C%22sid%22%3A%2222347107561%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c459c5fca5d46b8e4743b1351199db7d6daa118a8518990b69ea58decd736796

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:51 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[89.249.64.171], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://popcornfor2.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Thu, 03 Jun 2021 11:04:51 GMT
pubads_impl_2021052601.js
securepubads.g.doubleclick.net/gpt/ 		311 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 26 May 2021 08:37:30 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111649
x-xss-protection
0
expires
Thu, 03 Jun 2021 11:04:51 GMT
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2140179576293699&ev=PageView&dl=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&rl=&if=false&ts=1622718291727&sw=1600&sh=1200&v=2.9.40&r=stable&ec=0&o=30&fbp=fb.1.1622718291725.825004086&it=1622718291639&coo=false&exp=l0&rqm=GET
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 03 Jun 2021 11:04:51 GMT
impl.20210602-6-RELEASE.js
cdn.taboola.com/libtrc/ 		493 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210602-6-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/popcornfor2/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
6ff59b8fff6124e1fa043b9d72390d6030931c77a7a11ede37e06815a0b2a312

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
5hD40i2LS86c3Q6c5pQXQx4sldESqsRs
content-encoding
br
etag
"871e36996f1c7c6292de9cca6887684e"
age
9043
x-cache
HIT
content-length
115725
x-amz-id-2
VfvAbg4lqtLEs0NOtd12ZGW/3dcWV3ZJWROldt46E+5Q+j9ZIbonaR08upykkoTDZQt+6N6DaRI=
x-served-by
cache-fra19181-FRA
last-modified
Wed, 02 Jun 2021 08:30:23 GMT
server
AmazonS3-br
x-timer
S1622718292.788366,VS0,VE0
date
Thu, 03 Jun 2021 11:04:51 GMT
vary
Accept-Encoding
x-amz-request-id
23QDVTC4BVPTXCYN
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
92
x-cache-hits
26204
beacon.js
sb.scorecardresearch.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/popcornfor2/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-39.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:36:45 GMT
via
1.1 0335d8a6e5dbedaa3f85a6ff68c7805a.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
1686
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
CDG52-P2
accept-ranges
bytes
content-length
1469
x-amz-cf-id
R-A9NDIx0yY0_bJ-baGdYqrIEYHfgTzaKxQX__MI5rXT7vw0ug-66w==
index.php
www.viu.com/ott/misc/widget/ Frame B312 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.viu.com/ott/misc/widget/index.php?product_id=356293&event=th9&utm_source=popcornfor2&utm_campaign=widget&utm_medium=vdowidget&utm_content=
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.163.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-163-195.cdg52.r.cloudfront.net
Software
nginx /
Resource Hash
4e1dce6e69335b8f3206170ae222b3ec19ddbdff296d357b4a5b4ff24d4eacb0

Request headers

:method
GET
:authority
www.viu.com
:scheme
https
:path
/ott/misc/widget/index.php?product_id=356293&event=th9&utm_source=popcornfor2&utm_campaign=widget&utm_medium=vdowidget&utm_content=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://popcornfor2.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://popcornfor2.com/

Response headers

content-type
text/html; charset=UTF-8
content-length
1893
cache-control
public,max-age=0,s-maxage=0,no-cache,must-revalidate no-cache="set-cookie"
content-encoding
gzip
date
Thu, 03 Jun 2021 11:04:53 GMT
server
nginx
set-cookie
AWSELB=75B387110CD2DACD2B931B0C6B1C2E30C411DF3470D4875BB1D7C9272CF2BD84D0E649CD0CDFC4C35636B0F1A2595CBC76A6B980358B927393E40D563DA474A62E1950861D;PATH=/;MAX-AGE=900
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 10150f1f3768fd868d31d5faec2b61f8.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P2
x-amz-cf-id
aRNn-V5iboZJJdGIELjwzm0CUBcjG11h13DZ_n5cgveKLe_c7xnddw==
bgright.jpg
popcornfor2.com/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/images/bgright.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/css/style.css?1112
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
95817c67634ad129f8e9c425bbdf1b673e14ca3651659cb818fcf978e25ec224

Request headers

:path
/images/bgright.jpg
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D; _pbjs_userid_consent_data=3524755945110770; _fbp=fb.1.1622718291725.825004086
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/css/style.css?1112
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/css/style.css?1112
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Wed, 17 Dec 2014 06:28:04 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"1dd9-50a6393fea73f"
content-length
7641
content-type
image/jpeg
linedot.gif
popcornfor2.com/images/ 		158 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://popcornfor2.com/images/linedot.gif
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/css/style.css?1112
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.162.79.112 , Thailand, ASN23884 (PROENNET-AS Proen Corp Public Company Limited., TH),
Reverse DNS
ppp-202.162.79.112.revip.proen.co.th
Software
nginx/1.18.0 /
Resource Hash
4a649f32038a3d23de6c5d50b6362d52ea9b78261155656ec55dc5b0d51679f8

Request headers

:path
/images/linedot.gif
pragma
no-cache
cookie
PHPSESSID=ueqkk3mhjci7orjeoc51l90i47; ats_referrer_history=%5B%22%22%5D; _pbjs_userid_consent_data=3524755945110770; _fbp=fb.1.1622718291725.825004086
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
popcornfor2.com
referer
https://popcornfor2.com/css/style.css?1112
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://popcornfor2.com/css/style.css?1112
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
last-modified
Wed, 17 Dec 2014 06:28:11 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"9e-50a639463e8cc"
content-length
158
content-type
image/gif
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/ 		233 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5908398692086138&plah=popcornfor2.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53c1737bf97ae4d686956bf2c7caff015329c9aa554ed0ebfc24893dfbe2fddf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87751
x-xss-protection
0
server
cafe
etag
1549945764410104263
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 11:04:51 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=swC7H3xsRFJzL2YvNVhGeGpZRUJUcnJxdGZJNy81K0NXZkNRY0ZDY3p0ZExoK0FzeU9qMEZnNnlGYVRlSm1kN2tGeUxNcDd5dWpCUFErOWhQUWg5SUVsZ2JYVjA3SGQ3TVNUQmJveFlHbUl1R2phU0RUMFhxRDlzTDdZMGp3SVpJbVpOUkg3Tk9EaVRHVGJOWDF6VHNrSG8rL2RYeFQ3WnpoT1RlTWd3TkFFcFRwVnJ4cE15TDAyMjlkRnpxUXlGbnFXVDFWbWNycmUvdEgzYXFDdG1qWmx1RFZDWEN3Z2dDSUpqejNCOVdnRU43RGFnPXw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1015
date
Thu, 03 Jun 2021 11:04:51 GMT
content-encoding
gzip
vary
Accept-Encoding
integrator.js
adservice.google.de/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=popcornfor2.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 11:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=popcornfor2.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 11:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=871901546580247&correlator=2258582288644075&output=ldjh&impl=fifs&eid=31060790%2C31061224%2C31060991%2C44744016&vrg=2021052601&ptt=17&sc=1&sfv=1-0-38&ecs=20210603&iu_parts=21622890900%2CTH_popcornfor2.com_pc_allsite_top_970x90%2C970x250%2C728x90%2CTH_popcornfor2.com_pc_article_mid1_300x250%2C336x280%2CTH_popcornfor2.com_pc_article_mid2_300x250%2CTH_popcornfor2.com_pc_allsite_anchor_sticky_728x90%2C970x90&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3%2C%2F0%2F4%2F%2F5%2C%2F0%2F6%2F%2F5%2C%2F0%2F7%2F%2F8&prev_iu_szs=728x90%2C336x280%7C300x250%2C336x280%7C300x250%2C970x90%7C728x90&eri=1&cust_params=url%3D%252Fcontent%252F-news-116414%26ref%3Dnull&cookie_enabled=1&bc=31&abxe=1&lmt=1622718291&dt=1622718291967&dlt=1622718290626&idt=1312&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C-9%2C-9%2C-9&adys=147%2C-9%2C-9%2C-9&adks=2981605860%2C3165941956%2C515547195%2C1246830150&ucis=1%7C2%7C3%7C4&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1%7C0x-1%7C0x-1%7C0x-1&msz=728x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=1112430115.1622718292&ga_sid=1622718292&ga_hid=806830452&ga_fc=false&fws=128%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0&btvi=0%7C-1%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
9ec07790a53b3f53ed2839b3da8d9a1933b5d1d9097eed67ffea9adbfab7c7f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:52 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4423
x-xss-protection
0
google-lineitem-id
-2,-2,-2,5348734512
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,138308776040
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://popcornfor2.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1878cff205e3eb15b35fd683bab7f750.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://1878cff205e3eb15b35fd683bab7f750.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210525/r20190131/ Frame FF90 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210525/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210525/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://popcornfor2.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://popcornfor2.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 03 Jun 2021 01:21:09 GMT
expires
Thu, 17 Jun 2021 01:21:09 GMT
content-type
text/html; charset=UTF-8
etag
15349191498103243965
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4506
x-xss-protection
0
age
35023
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
as.innity.com/synd/ 		38 B
638 B 		Script
General
Check archive.org
Download Go to
Full URL
https://as.innity.com/synd/?cb=1622718292095&ver=1&pub=d814f4e3dcf9e6f473e213232b9ba115&zone=91253&output=js&flash=0&url=popcornfor2.com&width=*&height=*&vpw=1600&vph=1200&auction=38929be-98ab76c
Requested by
Host: cdn.innity.net
URL: https://cdn.innity.net/admanager.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.192.141 Singapore, Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
8d.c0.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
171f0468c50e393e4de68d8fac24e677412d9080d9ae1cfd710cbf67e53995d8

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 11:04:52 GMT
Last-Modified
Thu, 03 Jun 2021 11:04:52 GMT
Server
Apache
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Type
text/javascript; charset=utf-8
Content-Length
38
Expires
Sat, 03 Sep 1983 02:00:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1622718292111&ns_c=UTF-8&cv=3.5&c8=%E0%B8%81%E0%B8%B9%E0%B8%A1%E0%B8%B4%E0%B9%82%E0%B8%AE%20(Gumiho)%20%E0%B8%84%E0%B8%B7%E0%B8%AD%E0%...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1622718292111&ns_c=UTF-8&cv=3.5&c8=%E0%B8%81%E0%B8%B9%E0%B8%A1%E0%B8%B4%E0%B9%82%E0%B8%AE%20(Gumiho)%20%E0%B8%84%E0%B8%B7%E0%B8%AD%E0...
64 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1622718292111&ns_c=UTF-8&cv=3.5&c8=%E0%B8%81%E0%B8%B9%E0%B8%A1%E0%B8%B4%E0%B9%82%E0%B8%AE%20(Gumiho)%20%E0%B8%84%E0%B8%B7%E0%B8%AD%E0%B8%AD%E0%B8%B0%E0%B9%84%E0%B8%A3%3F%20%E0%B8%97%E0%B8%B3%E0%B9%84%E0%B8%A1%E0%B8%84%E0%B8%99%E0%B9%80%E0%B8%81%E0%B8%B2%E0%B8%AB%E0%B8%A5%E0%B8%B5%E0%B8%96%E0%B8%B6%E0%B8%87%E0%B8%95%E0%B9%89%E0%B8%AD%E0%B8%87%E0%B8%81%E0%B8%A5%E0%B8%B1%E0%B8%A7%3F&c7=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&c9=
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-39.cdg52.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:52 GMT
via
1.1 0335d8a6e5dbedaa3f85a6ff68c7805a.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P2
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
3D5tqXFhECYOQFk1CuX7dXOhD6_x7t0tw1xO4m8CdQQGwWA2rOVPnQ==

Redirect headers

date
Thu, 03 Jun 2021 11:04:52 GMT
via
1.1 0335d8a6e5dbedaa3f85a6ff68c7805a.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1622718292111&ns_c=UTF-8&cv=3.5&c8=%E0%B8%81%E0%B8%B9%E0%B8%A1%E0%B8%B4%E0%B9%82%E0%B8%AE%20(Gumiho)%20%E0%B8%84%E0%B8%B7%E0%B8%AD%E0%B8%AD%E0%B8%B0%E0%B9%84%E0%B8%A3%3F%20%E0%B8%97%E0%B8%B3%E0%B9%84%E0%B8%A1%E0%B8%84%E0%B8%99%E0%B9%80%E0%B8%81%E0%B8%B2%E0%B8%AB%E0%B8%A5%E0%B8%B5%E0%B8%96%E0%B8%B6%E0%B8%87%E0%B8%95%E0%B9%89%E0%B8%AD%E0%B8%87%E0%B8%81%E0%B8%A5%E0%B8%B1%E0%B8%A7%3F&c7=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&c9=
content-length
530
x-amz-cf-id
UW9PuetqKkUeCpO4rRqcckSc5asIzGxKg7_HgOGVrQigy3FijNHY8w==
470e2e7c-1d80-493f-ac71-4eda44151816
compass.adop.cc/RE/ Frame C162 		119 B
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://compass.adop.cc/RE/470e2e7c-1d80-493f-ac71-4eda44151816?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=470e2e7c-1d80-493f-ac71-4eda44151816&type=re&loc=https%253A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&rnd=&percentage=false&size_width=336&size_height=280&
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-68.fra50.r.cloudfront.net
Software
nginx / PHP/7.4.15
Resource Hash
d4c33669a93a5b7e4538dd70f448bebe04d55adf5f628a1a617afdf2978ae2aa

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:52 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
FRA50-C1
x-powered-by
PHP/7.4.15
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
cache-control
public, max-age=300
content-type
text/html; charset=UTF-8
content-length
131
x-amz-cf-id
0hBZfSZCf1ArcQYiGWS3lF5gEAuOTiiJA49O9PRPC8PtY4PQGUP4Ew==
cookie.js
partner.googleadservices.com/gampad/ 		205 B
442 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=popcornfor2.com&callback=_gfp_s_&client=ca-pub-5908398692086138
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5908398692086138&plah=popcornfor2.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
85c18891eb809f9bb107a23126774655dc39439ddff4af52ed39df7fb18ac72d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
195
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9ACB 		103 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5908398692086138&output=html&h=280&slotname=1320941389&adk=1629319641&adf=526430925&pi=t.ma~as.1320941389&w=640&lmt=1622718292&url=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622718291907&bpp=9&bdt=1281&idt=244&shv=r20210525&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&correlator=61374092658&frm=20&pv=2&ga_vid=1112430115.1622718292&ga_sid=1622718292&ga_hid=806830452&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=3911&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44744016&oid=3&pvsid=871901546580247&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=RGAHuDL7Oi&p=https%3A//popcornfor2.com&dtd=257
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5908398692086138&plah=popcornfor2.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fedcb94b145f1e6bebc50de849d896e78e6bde1f15e3a57c092d112793a1d8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5908398692086138&output=html&h=280&slotname=1320941389&adk=1629319641&adf=526430925&pi=t.ma~as.1320941389&w=640&lmt=1622718292&url=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622718291907&bpp=9&bdt=1281&idt=244&shv=r20210525&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&correlator=61374092658&frm=20&pv=2&ga_vid=1112430115.1622718292&ga_sid=1622718292&ga_hid=806830452&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=3911&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44744016&oid=3&pvsid=871901546580247&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=RGAHuDL7Oi&p=https%3A//popcornfor2.com&dtd=257
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://popcornfor2.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://popcornfor2.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-expose-headers
x-google-amp-ad-validated-version
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 03 Jun 2021 11:04:52 GMT
server
cafe
content-length
14217
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 03-Jun-2021 11:19:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 03 Jun 2021 11:04:52 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5908398692086138&plah=popcornfor2.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11d71fc112df3977b9562151e6c75ce860c42779dddcc79af1d0a07366cd44d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:52 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1622656037121142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28114
x-xss-protection
0
expires
Thu, 03 Jun 2021 11:04:52 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=popcornfor2.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5908398692086138&plah=popcornfor2.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 11:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=popcornfor2.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5908398692086138&plah=popcornfor2.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 11:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FCDF 		72 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5908398692086138&output=html&h=600&slotname=6038496641&adk=1758787011&adf=3563103278&pi=t.ma~as.6038496641&w=300&fwrn=4&fwrnh=100&lmt=1622718292&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622718292082&bpp=3&bdt=1456&idt=89&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=1320941389&correlator=61374092658&frm=20&pv=1&ga_vid=1112430115.1622718292&ga_sid=1622718292&ga_hid=806830452&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44744016&oid=3&pvsid=871901546580247&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=QD4QQdvFq9&p=https%3A//popcornfor2.com&dtd=93
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5908398692086138&plah=popcornfor2.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2c023fa7c31344c4a5e0ba92359a9c131a006e7ee9eeedb4a87423fafbec375
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5908398692086138&output=html&h=600&slotname=6038496641&adk=1758787011&adf=3563103278&pi=t.ma~as.6038496641&w=300&fwrn=4&fwrnh=100&lmt=1622718292&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622718292082&bpp=3&bdt=1456&idt=89&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=1320941389&correlator=61374092658&frm=20&pv=1&ga_vid=1112430115.1622718292&ga_sid=1622718292&ga_hid=806830452&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44744016&oid=3&pvsid=871901546580247&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=QD4QQdvFq9&p=https%3A//popcornfor2.com&dtd=93
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://popcornfor2.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://popcornfor2.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 03 Jun 2021 11:04:52 GMT
server
cafe
content-length
25327
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 03-Jun-2021 11:19:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 03 Jun 2021 11:04:52 GMT
cache-control
private
/
www.facebook.com/tr/ 		0
15 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryGofF15AP4e5NppFR

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Thu, 03 Jun 2021 11:04:52 GMT
content-type
text/plain
access-control-allow-origin
https://popcornfor2.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
json
trc.taboola.com/popcornfor2/trc/3/ 		40 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/popcornfor2/trc/3/json?tim=13%3A04%3A52.628&lti=deflated&data=%7B%22id%22%3A831%2C%22ii%22%3A%22%2Fcontent%2F%25e0%25b8%2581%25e0%25b8%25b9%25e0%25b8%25a1%25e0%25b8%25b4%25e0%25b9%2582%25e0%25b8%25ae-gumiho-%25e0%25b8%2584%25e0%25b8%25b7%25e0%25b8%25ad%25e0%25b8%25ad%25e0%25b8%25b0%25e0%25b9%2584%25e0%25b8%25a3-%25e0%25b8%2597%25e0%25b8%25b3%25e0%25b9%2584%25e0%25b8%25a1%25e0%25b8%2584%25e0%25b8%2599%25e0%25b9%2580%25e0%25b8%2581%25e0%25b8%25b2%25e0%25b8%25ab%25e0%25b8%25a5%25e0%25b8%25b5%25e0%25b8%2596%25e0%25b8%25b6%25e0%25b8%2587%25e0%25b8%2595%25e0%25b9%2589%25e0%25b8%25ad%25e0%25b8%2587%25e0%25b8%2581%25e0%25b8%25a5%25e0%25b8%25b1%25e0%25b8%25a7-news-116414%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1622624211765%2C%22vi%22%3A1622718292626%2C%22cv%22%3A%2220210602-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F%25E0%25B8%2581%25E0%25B8%25B9%25E0%25B8%25A1%25E0%25B8%25B4%25E0%25B9%2582%25E0%25B8%25AE-gumiho-%25E0%25B8%2584%25E0%25B8%25B7%25E0%25B8%25AD%25E0%25B8%25AD%25E0%25B8%25B0%25E0%25B9%2584%25E0%25B8%25A3-%25E0%25B8%2597%25E0%25B8%25B3%25E0%25B9%2584%25E0%25B8%25A1%25E0%25B8%2584%25E0%25B8%2599%25E0%25B9%2580%25E0%25B8%2581%25E0%25B8%25B2%25E0%25B8%25AB%25E0%25B8%25A5%25E0%25B8%25B5%25E0%25B8%2596%25E0%25B8%25B6%25E0%25B8%2587%25E0%25B8%2595%25E0%25B9%2589%25E0%25B8%25AD%25E0%25B8%2587%25E0%25B8%2581%25E0%25B8%25A5%25E0%25B8%25B1%25E0%25B8%25A7-news-116414%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A4933%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A4932.90625%2C%22mw%22%3A650%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210602-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8febf71611604c367ef5865b9b4bbe037410ec9e62ffbc74ac1471e62ff2be07

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
227
date
Thu, 03 Jun 2021 11:04:52 GMT
content-encoding
gzip
server
nginx
x-timer
S1622718293.647800,VS0,VE227
x-served-by
cache-hhn11522-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://popcornfor2.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
css
fonts.googleapis.com/ Frame FCDF 		4 KB
618 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5908398692086138&output=html&h=600&slotname=6038496641&adk=1758787011&adf=3563103278&pi=t.ma~as.6038496641&w=300&fwrn=4&fwrnh=100&lmt=1622718292&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622718292082&bpp=3&bdt=1456&idt=89&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=1320941389&correlator=61374092658&frm=20&pv=1&ga_vid=1112430115.1622718292&ga_sid=1622718292&ga_hid=806830452&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44744016&oid=3&pvsid=871901546580247&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=QD4QQdvFq9&p=https%3A//popcornfor2.com&dtd=93
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f7bba0cc484923e9dc8eb46a451efbd2ebe40980e07195777adaa39956bc5cd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Jun 2021 09:28:50 GMT
server
ESF
date
Thu, 03 Jun 2021 11:04:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Jun 2021 11:04:52 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/ Frame FCDF 		1 KB
990 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5908398692086138&output=html&h=600&slotname=6038496641&adk=1758787011&adf=3563103278&pi=t.ma~as.6038496641&w=300&fwrn=4&fwrnh=100&lmt=1622718292&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622718292082&bpp=3&bdt=1456&idt=89&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=1320941389&correlator=61374092658&frm=20&pv=1&ga_vid=1112430115.1622718292&ga_sid=1622718292&ga_hid=806830452&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44744016&oid=3&pvsid=871901546580247&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=QD4QQdvFq9&p=https%3A//popcornfor2.com&dtd=93
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:59:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
308
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Jun 2021 10:59:44 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/ Frame FCDF 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5908398692086138&output=html&h=600&slotname=6038496641&adk=1758787011&adf=3563103278&pi=t.ma~as.6038496641&w=300&fwrn=4&fwrnh=100&lmt=1622718292&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622718292082&bpp=3&bdt=1456&idt=89&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=1320941389&correlator=61374092658&frm=20&pv=1&ga_vid=1112430115.1622718292&ga_sid=1622718292&ga_hid=806830452&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44744016&oid=3&pvsid=871901546580247&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=QD4QQdvFq9&p=https%3A//popcornfor2.com&dtd=93
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57a32821aa342bff22571bea1158676b4665fc8de5cb468a043be716e40edee6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:59:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
342
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7025
x-xss-protection
0
server
cafe
etag
13581262519725736155
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Jun 2021 10:59:10 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/ Frame FCDF 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5908398692086138&output=html&h=600&slotname=6038496641&adk=1758787011&adf=3563103278&pi=t.ma~as.6038496641&w=300&fwrn=4&fwrnh=100&lmt=1622718292&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622718292082&bpp=3&bdt=1456&idt=89&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=1320941389&correlator=61374092658&frm=20&pv=1&ga_vid=1112430115.1622718292&ga_sid=1622718292&ga_hid=806830452&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44744016&oid=3&pvsid=871901546580247&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=QD4QQdvFq9&p=https%3A//popcornfor2.com&dtd=93
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:01:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
192
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Jun 2021 11:01:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FCDF 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5908398692086138&output=html&h=600&slotname=6038496641&adk=1758787011&adf=3563103278&pi=t.ma~as.6038496641&w=300&fwrn=4&fwrnh=100&lmt=1622718292&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622718292082&bpp=3&bdt=1456&idt=89&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=1320941389&correlator=61374092658&frm=20&pv=1&ga_vid=1112430115.1622718292&ga_sid=1622718292&ga_hid=806830452&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44744016&oid=3&pvsid=871901546580247&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=QD4QQdvFq9&p=https%3A//popcornfor2.com&dtd=93
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85e1be533dbdd83a22910cbee29a4d1f49d3e8d201f5f480517ecfd6bd282965
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:52 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1622656031336809"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37735
x-xss-protection
0
expires
Thu, 03 Jun 2021 11:04:52 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/ Frame FCDF 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5908398692086138&output=html&h=600&slotname=6038496641&adk=1758787011&adf=3563103278&pi=t.ma~as.6038496641&w=300&fwrn=4&fwrnh=100&lmt=1622718292&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622718292082&bpp=3&bdt=1456&idt=89&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=1320941389&correlator=61374092658&frm=20&pv=1&ga_vid=1112430115.1622718292&ga_sid=1622718292&ga_hid=806830452&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44744016&oid=3&pvsid=871901546580247&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=QD4QQdvFq9&p=https%3A//popcornfor2.com&dtd=93
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:01:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
218
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
server
cafe
etag
1319581658596578636
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Jun 2021 11:01:14 GMT
3b821d177d35ff0343c5a517c12ac1c9.js
www.gstatic.com/mysidia/ Frame FCDF 		25 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/3b821d177d35ff0343c5a517c12ac1c9.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5908398692086138&output=html&h=600&slotname=6038496641&adk=1758787011&adf=3563103278&pi=t.ma~as.6038496641&w=300&fwrn=4&fwrnh=100&lmt=1622718292&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622718292082&bpp=3&bdt=1456&idt=89&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=1320941389&correlator=61374092658&frm=20&pv=1&ga_vid=1112430115.1622718292&ga_sid=1622718292&ga_hid=806830452&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44744016&oid=3&pvsid=871901546580247&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=QD4QQdvFq9&p=https%3A//popcornfor2.com&dtd=93
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d7bc2e5c2959435469986ff3eb98d158edf428ed8eeccb0e8ffe31d3336c9ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 21:40:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
221049
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10549
x-xss-protection
0
last-modified
Thu, 27 May 2021 01:51:11 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 29 Aug 2021 21:40:43 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/12709731454779991457/ Frame FCDF 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12709731454779991457/2076313506083323656
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5908398692086138&output=html&h=600&slotname=6038496641&adk=1758787011&adf=3563103278&pi=t.ma~as.6038496641&w=300&fwrn=4&fwrnh=100&lmt=1622718292&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622718292082&bpp=3&bdt=1456&idt=89&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=1320941389&correlator=61374092658&frm=20&pv=1&ga_vid=1112430115.1622718292&ga_sid=1622718292&ga_hid=806830452&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44744016&oid=3&pvsid=871901546580247&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=QD4QQdvFq9&p=https%3A//popcornfor2.com&dtd=93
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1e8bf91184d1d6e8b046a770e7b654df71423ed038267b365fbe2162c0f50eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 18:33:50 GMT
x-content-type-options
nosniff
age
59462
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37259
x-xss-protection
0
last-modified
Mon, 16 Nov 2020 09:17:48 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jun 2022 18:33:50 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/3749820038452950865/ Frame FCDF 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3749820038452950865/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5908398692086138&output=html&h=600&slotname=6038496641&adk=1758787011&adf=3563103278&pi=t.ma~as.6038496641&w=300&fwrn=4&fwrnh=100&lmt=1622718292&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622718292082&bpp=3&bdt=1456&idt=89&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=1320941389&correlator=61374092658&frm=20&pv=1&ga_vid=1112430115.1622718292&ga_sid=1622718292&ga_hid=806830452&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44744016&oid=3&pvsid=871901546580247&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=QD4QQdvFq9&p=https%3A//popcornfor2.com&dtd=93
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d56b91115caaca1e6774ecaa48c9fc40be6d9f2ed6ebb46b7f11f182a543189b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 04:33:15 GMT
x-content-type-options
nosniff
age
109897
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6908
x-xss-protection
0
last-modified
Mon, 16 Nov 2020 09:16:34 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jun 2022 04:33:15 GMT
truncated
/ Frame FCDF 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
adview
googleads.g.doubleclick.net/pagead/ Frame FCDF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CoJRvVLe4YM7yDOyW1fAP57SbkAOy4LPrYpyjm7XvDIHv9qKmDxABIPeklBVglQKgAcz1rvwByAEJqQK_dzlWJD9hPqgDAcgDywSqBN4BT9C5NvcFVBgEEoNvqYT5pOgtioPUyOqyEpB_yVu846SsWh7eEA3DM-dl9AsgvGXEU7urnWEq7Z7oH2TcBBby8jmDWPIkPoQ-ctwNJ7R8SbHWuYmJ6XbGQ06bqn0mDPm3WDDivLsQ7MDEs4EOvEs2GtdkXoUvOdOxhgbSegb03-4Yi1UdSDbv9LoHcBZg23HtCJ_eWdL4ehahSU7egxliNNSMiKaEZS7GUl288g5YqQcWFqg2KohXYyU8R57gjAUcTUxY7L_ZHknUbzCriA48gQQS7v3nKDIoDVR2Q7tMwATkxeCqqQOgBi6AB5yK0YMCqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEKqFAdIICQiA4YAQEAEYH4AKAcgLAdgTA4gUAdAVAZgWAYAXAbIXGgoYCAASFHB1Yi01OTA4Mzk4NjkyMDg2MTM4&sigh=Phbj7uukIPo&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5908398692086138&output=html&h=600&slotname=6038496641&adk=1758787011&adf=3563103278&pi=t.ma~as.6038496641&w=300&fwrn=4&fwrnh=100&lmt=1622718292&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622718292082&bpp=3&bdt=1456&idt=89&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=1320941389&correlator=61374092658&frm=20&pv=1&ga_vid=1112430115.1622718292&ga_sid=1622718292&ga_hid=806830452&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44744016&oid=3&pvsid=871901546580247&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=QD4QQdvFq9&p=https%3A//popcornfor2.com&dtd=93
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5908398692086138&output=html&h=600&slotname=6038496641&adk=1758787011&adf=3563103278&pi=t.ma~as.6038496641&w=300&fwrn=4&fwrnh=100&lmt=1622718292&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622718292082&bpp=3&bdt=1456&idt=89&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=1320941389&correlator=61374092658&frm=20&pv=1&ga_vid=1112430115.1622718292&ga_sid=1622718292&ga_hid=806830452&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44744016&oid=3&pvsid=871901546580247&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=QD4QQdvFq9&p=https%3A//popcornfor2.com&dtd=93
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 03 Jun 2021 11:04:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 03 Jun 2021 11:04:52 GMT
truncated
/ Frame FCDF 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd1c811271f1cb23decdb96cc5a350343eadc09df545417a10db1338507049da

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame FCDF 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 08:33:34 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
181878
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Wed, 01 Jun 2022 08:33:34 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame FCDF 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:49:47 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
130505
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Wed, 01 Jun 2022 22:49:47 GMT
2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
pagead2.googlesyndication.com/bg/ Frame CD8B 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5908398692086138&output=html&h=600&slotname=6038496641&adk=1758787011&adf=3563103278&pi=t.ma~as.6038496641&w=300&fwrn=4&fwrnh=100&lmt=1622718292&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622718292082&bpp=3&bdt=1456&idt=89&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=1320941389&correlator=61374092658&frm=20&pv=1&ga_vid=1112430115.1622718292&ga_sid=1622718292&ga_hid=806830452&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44744016&oid=3&pvsid=871901546580247&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=QD4QQdvFq9&p=https%3A//popcornfor2.com&dtd=93
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 06:35:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
16183
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5712
x-xss-protection
0
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Jun 2022 06:35:09 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012105242203000/ Frame 2F26 		191 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012105242203000/amp4ads-v0.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5908398692086138&output=html&h=280&slotname=1320941389&adk=1629319641&adf=526430925&pi=t.ma~as.1320941389&w=640&lmt=1622718292&url=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622718291907&bpp=9&bdt=1281&idt=244&shv=r20210525&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&correlator=61374092658&frm=20&pv=2&ga_vid=1112430115.1622718292&ga_sid=1622718292&ga_hid=806830452&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=3911&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44744016&oid=3&pvsid=871901546580247&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=RGAHuDL7Oi&p=https%3A//popcornfor2.com&dtd=257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b90f60459b17f2ddf447768e249c21c662e70bde6148deff13643982f93f9a6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
124220
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55246
x-xss-protection
0
server
sffe
date
Wed, 02 Jun 2021 00:34:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"e9907e100ee706e0"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jun 2022 00:34:32 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012105242203000/v0/ Frame 2F26 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012105242203000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5908398692086138&output=html&h=280&slotname=1320941389&adk=1629319641&adf=526430925&pi=t.ma~as.1320941389&w=640&lmt=1622718292&url=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622718291907&bpp=9&bdt=1281&idt=244&shv=r20210525&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&correlator=61374092658&frm=20&pv=2&ga_vid=1112430115.1622718292&ga_sid=1622718292&ga_hid=806830452&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=3911&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44744016&oid=3&pvsid=871901546580247&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=RGAHuDL7Oi&p=https%3A//popcornfor2.com&dtd=257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8de063d7075aa9a9a68120f3eb37178e85777138d4154903a2d4b187b4a893d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
124222
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4568
x-xss-protection
0
server
sffe
date
Wed, 02 Jun 2021 00:34:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b435c2fa80137a0e"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jun 2022 00:34:30 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012105242203000/v0/ Frame 2F26 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012105242203000/v0/amp-analytics-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5908398692086138&output=html&h=280&slotname=1320941389&adk=1629319641&adf=526430925&pi=t.ma~as.1320941389&w=640&lmt=1622718292&url=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622718291907&bpp=9&bdt=1281&idt=244&shv=r20210525&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&correlator=61374092658&frm=20&pv=2&ga_vid=1112430115.1622718292&ga_sid=1622718292&ga_hid=806830452&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=3911&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44744016&oid=3&pvsid=871901546580247&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=RGAHuDL7Oi&p=https%3A//popcornfor2.com&dtd=257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
12993a139a46e15abb56308ef8656d80812fb748dfa88116ee6e20ad3494ae98
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
124222
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27371
x-xss-protection
0
server
sffe
date
Wed, 02 Jun 2021 00:34:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6687a81702b10306"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jun 2022 00:34:30 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012105242203000/v0/ Frame 2F26 		70 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012105242203000/v0/amp-animation-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5908398692086138&output=html&h=280&slotname=1320941389&adk=1629319641&adf=526430925&pi=t.ma~as.1320941389&w=640&lmt=1622718292&url=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622718291907&bpp=9&bdt=1281&idt=244&shv=r20210525&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&correlator=61374092658&frm=20&pv=2&ga_vid=1112430115.1622718292&ga_sid=1622718292&ga_hid=806830452&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=3911&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44744016&oid=3&pvsid=871901546580247&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=RGAHuDL7Oi&p=https%3A//popcornfor2.com&dtd=257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c5563da3d1d8ffdd50815ecffd1c8549c4c8828429322f53effb7fe69814a0d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
154911
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16346
x-xss-protection
0
server
sffe
date
Tue, 01 Jun 2021 16:03:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"60764f3de0d417cf"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jun 2022 16:03:01 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012105242203000/v0/ Frame 2F26 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012105242203000/v0/amp-fit-text-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5908398692086138&output=html&h=280&slotname=1320941389&adk=1629319641&adf=526430925&pi=t.ma~as.1320941389&w=640&lmt=1622718292&url=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622718291907&bpp=9&bdt=1281&idt=244&shv=r20210525&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&correlator=61374092658&frm=20&pv=2&ga_vid=1112430115.1622718292&ga_sid=1622718292&ga_hid=806830452&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=3911&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44744016&oid=3&pvsid=871901546580247&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=RGAHuDL7Oi&p=https%3A//popcornfor2.com&dtd=257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9de4196056e2ffb92e9e6eb78502d3ed77f71a1e8045434a907251ff0b998357
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
124222
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1521
x-xss-protection
0
server
sffe
date
Wed, 02 Jun 2021 00:34:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5a9e085610d63d0a"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jun 2022 00:34:30 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012105242203000/v0/ Frame 2F26 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012105242203000/v0/amp-form-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5908398692086138&output=html&h=280&slotname=1320941389&adk=1629319641&adf=526430925&pi=t.ma~as.1320941389&w=640&lmt=1622718292&url=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622718291907&bpp=9&bdt=1281&idt=244&shv=r20210525&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&correlator=61374092658&frm=20&pv=2&ga_vid=1112430115.1622718292&ga_sid=1622718292&ga_hid=806830452&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=3911&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44744016&oid=3&pvsid=871901546580247&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=RGAHuDL7Oi&p=https%3A//popcornfor2.com&dtd=257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e53b8865f7f1e34e44d14f6ff8789dd7f421e7d3c69e48dab33188ff4d99f4e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
124222
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13132
x-xss-protection
0
server
sffe
date
Wed, 02 Jun 2021 00:34:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1bd5431ac5ac76b7"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jun 2022 00:34:30 GMT
truncated
/ Frame 2F26 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f9b64c2311af650b05e7c76458d2a9b4feecc2c6df4101229b9b69af862e179

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
banner.png
tpc.googlesyndication.com/sadbundle/17620207512086270363/img/ Frame 2F26 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/17620207512086270363/img/banner.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5908398692086138&output=html&h=280&slotname=1320941389&adk=1629319641&adf=526430925&pi=t.ma~as.1320941389&w=640&lmt=1622718292&url=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622718291907&bpp=9&bdt=1281&idt=244&shv=r20210525&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&correlator=61374092658&frm=20&pv=2&ga_vid=1112430115.1622718292&ga_sid=1622718292&ga_hid=806830452&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=3911&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44744016&oid=3&pvsid=871901546580247&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=RGAHuDL7Oi&p=https%3A//popcornfor2.com&dtd=257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90de19ec920fb510d111757bc7b3195aa4993ce277c81a425bfcb8cf2db61cef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 04:11:37 GMT
x-content-type-options
nosniff
age
24795
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27722
x-xss-protection
0
last-modified
Tue, 20 Apr 2021 01:25:46 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Jun 2022 04:11:37 GMT
th.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2F26 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/th.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5908398692086138&output=html&h=280&slotname=1320941389&adk=1629319641&adf=526430925&pi=t.ma~as.1320941389&w=640&lmt=1622718292&url=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622718291907&bpp=9&bdt=1281&idt=244&shv=r20210525&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&correlator=61374092658&frm=20&pv=2&ga_vid=1112430115.1622718292&ga_sid=1622718292&ga_hid=806830452&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=3911&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44744016&oid=3&pvsid=871901546580247&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=RGAHuDL7Oi&p=https%3A//popcornfor2.com&dtd=257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Jun 2021 21:49:58 GMT
x-content-type-options
nosniff
server
cafe
age
47694
etag
12800268860518071124
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3306
x-xss-protection
0
expires
Thu, 03 Jun 2021 21:49:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2F26 		344 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5908398692086138&output=html&h=280&slotname=1320941389&adk=1629319641&adf=526430925&pi=t.ma~as.1320941389&w=640&lmt=1622718292&url=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622718291907&bpp=9&bdt=1281&idt=244&shv=r20210525&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&correlator=61374092658&frm=20&pv=2&ga_vid=1112430115.1622718292&ga_sid=1622718292&ga_hid=806830452&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=3911&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44744016&oid=3&pvsid=871901546580247&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=RGAHuDL7Oi&p=https%3A//popcornfor2.com&dtd=257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 06:55:38 GMT
x-content-type-options
nosniff
server
cafe
age
14954
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Fri, 04 Jun 2021 06:55:38 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 2F26 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cog5QVLe4YOHtDJGz1fAP64WKgAXJstT_YoyI-oWEDZaCzYWIFhABIPeklBVglQKgAcyZnfgCyAEJqQIDADSgYm-0PqgDAcgDCKoE1gFP0JyN8F1pA3jQeGc9vYL4uG_rgNvII6_Nip856sqCSgNFX1G9pNfK1xw6Kwr4QFeNO9xwmjOGPeEF28NCZopob26-lT3KZMTOtaRppDsg-AnkdrarnK9gH_7dC5m1ENnCuyNTCf0oBfHshSut0ykn_16h7s8We0annh5i_YfFDoc1dSTThJZsqXx0AJk5KkVy2K2BaX4doJVEIMWLePMQBvOtjhgMQ63ZN5UhLylJ2cRLln3LRaVSHukZKaNc4JAgdFuVQr-Uqp4zB1yOFfLV2cUuIXv_wAS_tL_bogOSBQQIBBgBkgUECAUYBKAGLoAHs8SamAGoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwMQ2UfSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItNTkwODM5ODY5MjA4NjEzOA&sigh=OVboHjUaUwM&template_id=419
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5908398692086138&output=html&h=280&slotname=1320941389&adk=1629319641&adf=526430925&pi=t.ma~as.1320941389&w=640&lmt=1622718292&url=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622718291907&bpp=9&bdt=1281&idt=244&shv=r20210525&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&correlator=61374092658&frm=20&pv=2&ga_vid=1112430115.1622718292&ga_sid=1622718292&ga_hid=806830452&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=3911&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44744016&oid=3&pvsid=871901546580247&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=RGAHuDL7Oi&p=https%3A//popcornfor2.com&dtd=257
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5908398692086138&output=html&h=280&slotname=1320941389&adk=1629319641&adf=526430925&pi=t.ma~as.1320941389&w=640&lmt=1622718292&url=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622718291907&bpp=9&bdt=1281&idt=244&shv=r20210525&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&correlator=61374092658&frm=20&pv=2&ga_vid=1112430115.1622718292&ga_sid=1622718292&ga_hid=806830452&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=3911&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44744016&oid=3&pvsid=871901546580247&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=RGAHuDL7Oi&p=https%3A//popcornfor2.com&dtd=257
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 03 Jun 2021 11:04:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 03 Jun 2021 11:04:52 GMT
truncated
/ 		273 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe50466edcdac1192aa7a5bebb69e57134216d66dc920c3611ce267751d1643b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
view
securepubads.g.doubleclick.net/pcs/ Frame 3889 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssce2cmWS1pS8xvQkpInfqbGRnLIB38T6V6EDJ_ITEpGDrXxy9vj6esUv8iBVm4xEBs-Pv2pMmBqxhZeXttiJpk76diYULqIBlWdQn5OnjOU8HoAcBOThTklaNv3jqHlmCJLvq8EnkWm-0rDoEg6hhvyZjjo3K-jYDuY3t81LHMogR4PS-Hr3yR0MyqEpB182voSdEJHqpi-qNIFB5wmPVOuvdIzm9BMc7WK9CC9ZUJTvMXlJNa78gDbzuuuIxMriP370IcW0La6xMhuKcaCWD7jg7JMhZkXerJmWNYylHm1gFoxYk0MxiK3S-5b5sPBw_qzdqhYYGHN5x7sbU14A_5iTc61Pegk4GT6O6xEwPh&sai=AMfl-YS6MpJPCUz4bxrLTeMTP8Zhz50BeEGVoLh6TOd88EyuWwKJ5GHEMq3_P1EkmZbztE6eIm_eV2ME0h46xo__JuxpWCQx1mBfAvW0Ceuh2vYhTfokB_v3gbhX30OUlRg&sig=Cg0ArKJSzGYbz8dJC5gUEAE&urlfix=1&adurl=
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 11:04:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
tfav_adl_152.js
as.adlooxtracking.com/ads/js/ Frame 3889 		41 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://as.adlooxtracking.com/ads/js/tfav_adl_152.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
139.99.121.205 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
as04.adlooxtracking.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1e6a8de32f3549cbc9f1c37130992e3505b087fd5050de4a4378ebb86712e165

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 11:04:53 GMT
Last-Modified
Thu, 20 May 2021 08:58:24 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"60a624b0-a492"
Content-Type
application/javascript
Cache-Control
no-cache, max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42130
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3889 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85e1be533dbdd83a22910cbee29a4d1f49d3e8d201f5f480517ecfd6bd282965
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:52 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1622656031336809"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37735
x-xss-protection
0
expires
Thu, 03 Jun 2021 11:04:52 GMT
amp4ads-host-v0.js
cdn.ampproject.org/rtv/012105242203000/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012105242203000/amp4ads-host-v0.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5908398692086138&plah=popcornfor2.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
535f4f6fd95e5a58074e7ea4ecae7fe8f3d40fb3725ab65a7ab59781f147d318
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
134268
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7444
x-xss-protection
0
server
sffe
date
Tue, 01 Jun 2021 21:47:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"99fda26f3f45999e"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jun 2022 21:47:04 GMT
2d982c6f-d025-4935-b59d-f601cf322314
compass.adop.cc/RC/ Frame C162 		944 B
847 B 		Script
General
Check archive.org
Download Go to
Full URL
https://compass.adop.cc/RC/2d982c6f-d025-4935-b59d-f601cf322314
Requested by
Host: compass.adop.cc
URL: https://compass.adop.cc/RE/470e2e7c-1d80-493f-ac71-4eda44151816?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=470e2e7c-1d80-493f-ac71-4eda44151816&type=re&loc=https%253A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&rnd=&percentage=false&size_width=336&size_height=280&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-68.fra50.r.cloudfront.net
Software
nginx / PHP/7.4.15
Resource Hash
019a98e9ab6e7b814814f46f34f9e5db241685488dc2d37cef5e214c2f4048b1

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:53 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
FRA50-C1
x-powered-by
PHP/7.4.15
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
cache-control
public, max-age=300
content-length
522
x-amz-cf-id
t4NvP_GYK_fxtbaJG9L9mros5Kk9DE8rGAohbeT-NliVX7d910O99w==
tfa-eid.20210602-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210602-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/popcornfor2/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9471fc2b390647abb187e157a67f6e89d72b0a227c5f1155d793da1bfa82f8dd

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
oxooT3vuRm59xYPMgIBDQhsTQYiex3vs
content-encoding
gzip
etag
"396cc798407e05f02eb25afb9287ace7"
age
97
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4867
x-amz-id-2
w0FExCXulKZKeQfLfZ7jUBfx5nr93NeVl0t/XvPaTaksvZ6L8wvtVE+qD0nTx9/0NNLOAwER+JM=
x-served-by
cache-fra19181-FRA
last-modified
Wed, 02 Jun 2021 08:39:43 GMT
server
AmazonS3
x-timer
S1622718293.896055,VS0,VE0
date
Thu, 03 Jun 2021 11:04:52 GMT
vary
Accept-Encoding
x-amz-request-id
614FMRHFY5AJ3DMB
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
92
x-cache-hits
304
sha256.20210602-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20210602-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/popcornfor2/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b49dfc9938cda2c13d74642213c8cefbb67d61d17aebe29cd0a8b2659169aa77

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
6P5xo3QY_Q183J5ZR069Sf8LwHbF4jpz
content-encoding
gzip
etag
"b6ff63dc709d83777aa4ea9a76c0b1af"
age
84
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2595
x-amz-id-2
n6QOxPQpfmbzG0wLMzOE4GA6e+5RtVNbaomzAD3eAqL5r/t5H1hZZQcbX4sII8IkyZHXbu3txAc=
x-served-by
cache-fra19181-FRA
last-modified
Wed, 02 Jun 2021 08:39:55 GMT
server
AmazonS3
x-timer
S1622718293.896078,VS0,VE0
date
Thu, 03 Jun 2021 11:04:52 GMT
vary
Accept-Encoding
x-amz-request-id
Q6534C5EXMVM9PZH
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
92
x-cache-hits
259
tb
15.taboola.com/ 		39 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=popcornfor2&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails&uuip=Feed%20-%20Below%20Article%20Thumbnails&cisrf=&cirf=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F%25E0%25B8%2581%25E0%25B8%25B9%25E0%25B8%25A1%25E0%25B8%25B4%25E0%25B9%2582%25E0%25B8%25AE-gumiho-%25E0%25B8%2584%25E0%25B8%25B7%25E0%25B8%25AD%25E0%25B8%25AD%25E0%25B8%25B0%25E0%25B9%2584%25E0%25B8%25A3-%25E0%25B8%2597%25E0%25B8%25B3%25E0%25B9%2584%25E0%25B8%25A1%25E0%25B8%2584%25E0%25B8%2599%25E0%25B9%2580%25E0%25B8%2581%25E0%25B8%25B2%25E0%25B8%25AB%25E0%25B8%25A5%25E0%25B8%25B5%25E0%25B8%2596%25E0%25B8%25B6%25E0%25B8%2587%25E0%25B8%2595%25E0%25B9%2589%25E0%25B8%25AD%25E0%25B8%2587%25E0%25B8%2581%25E0%25B8%25A5%25E0%25B8%25B1%25E0%25B8%25A7-news-116414&encoded=1&uid=f6289de0-fad1-49b3-a148-02b5fb5e3fcd-tuct7b23cd4&variant=-100|1&callback=TRC.videoTagCallbacks.videoCallback1&cb=1622718292896&tagid=&cntry=DE&platform=1&sesid=13ebe40203154501e5bd75c87cf389d6&itemid=/content/%e0%b8%81%e0%b8%b9%e0%b8%a1%e0%b8%b4%e0%b9%82%e0%b8%ae-gumiho-%e0%b8%84%e0%b8%b7%e0%b8%ad%e0%b8%ad%e0%b8%b0%e0%b9%84%e0%b8%a3-%e0%b8%97%e0%b8%b3%e0%b9%84%e0%b8%a1%e0%b8%84%e0%b8%99%e0%b9%80%e0%b8%81%e0%b8%b2%e0%b8%ab%e0%b8%a5%e0%b8%b5%e0%b8%96%e0%b8%b6%e0%b8%87%e0%b8%95%e0%b9%89%e0%b8%ad%e0%b8%87%e0%b8%81%e0%b8%a5%e0%b8%b1%e0%b8%a7-news-116414&viewid=1622718292626&geolat=&geoing=&deviceifa=&appid=&sd=v2_13ebe40203154501e5bd75c87cf389d6_f6289de0-fad1-49b3-a148-02b5fb5e3fcd-tuct7b23cd4_1622718292_1622718292_CNawjgYQ2aVSGJLFsIydLyABKAEwODib4wlA_4kQSOOG2ANQpuwQWABgAGixr-m1yv33zq0B&ri=c9cd887d3add1d2dcba223a10817e77e&appname=&cdb=&gdprApplies=true&rid=&sii=&oee=true&tpubid=1348313&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=BE&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=&prcnt=&layer=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210602-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
eb0f4d827457fe98bf53b2f15bab971abf6b38a4cfc8c12bcb0c8e3d672a70c7

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 03 Jun 2021 11:04:52 GMT
content-encoding
gzip
access-control-allow-origin
https://popcornfor2.com
machineid
1447
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-hhn11522-HHN
pragma
no-cache
server
nginx
x-timer
S1622718293.899102,VS0,VE28
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
x-cache-hits
0
feed-card-placeholder.20210602-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20210602-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/popcornfor2/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1759e37e41c88b92d65a9e3fe0d1b4451703083fce97835e8b39281bff84abc

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
wqOD5DCzQ319USwPhkwhXfPiHI.89C3s
content-encoding
gzip
etag
"16a4ad7e9264591166590cdb9d725dbb"
age
58
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1269
x-amz-id-2
sazobnAcqEyWbZ+SUBq/VnWgNaJUcHc0Co4mv4g8OlzqRruU6034SsH1ubED4rQ8rdlfQfWKqgs=
x-served-by
cache-fra19181-FRA
last-modified
Wed, 02 Jun 2021 08:40:15 GMT
server
AmazonS3
x-timer
S1622718293.898733,VS0,VE0
date
Thu, 03 Jun 2021 11:04:52 GMT
vary
Accept-Encoding
x-amz-request-id
X6F44N34G1D708C1
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
92
x-cache-hits
116
userx.20210602-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20210602-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/popcornfor2/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b3bd0e94be6cf427db82c6933bf6a3db4653da1dc1f489b9ad8ad08442979ff4

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
TXTqElumz_6X2Q0oRSqmyjqQnT1xSOHw
content-encoding
gzip
etag
"87865b738ab8f13253037388c07c7991"
age
19
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
7963
x-amz-id-2
NEn0BLZsLziuhCnPCtrhkAgbnHYZ2UGJPwmwq2cfGprInKPKwn0mMPxsqa+bNT85PBv4bLrG7HM=
x-served-by
cache-fra19181-FRA
last-modified
Wed, 02 Jun 2021 08:39:31 GMT
server
AmazonS3
x-timer
S1622718293.910310,VS0,VE0
date
Thu, 03 Jun 2021 11:04:52 GMT
vary
Accept-Encoding
x-amz-request-id
SF7E2C1S9E6Q1VV1
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
92
x-cache-hits
28
explore-more.20210602-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20210602-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/popcornfor2/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
647c92f76fc64af6c6e3a53076511116ad0063377df632389a1d659c7c749513

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
lqWrv7BoWAEC91f5AbXbtrDOlxqqDMz3
content-encoding
gzip
etag
"0dd47cf04a2709c5d3ff714c1cb3b4b9"
age
45
x-cache
HIT
x-amz-replication-status
PENDING
content-length
6761
x-amz-id-2
HzYj/4CIa8B4vrlukHqGOIoiaURnXdrkMvUZPl1PtT2Z6JLwZ0hQ5bZsrqWtH6UhTJF/Ijh1/HQ=
x-served-by
cache-fra19181-FRA
last-modified
Wed, 02 Jun 2021 08:40:18 GMT
server
AmazonS3
x-timer
S1622718293.917870,VS0,VE0
date
Thu, 03 Jun 2021 11:04:52 GMT
vary
Accept-Encoding
x-amz-request-id
FZ751WS8SBYCQ4C8
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
92
x-cache-hits
48
debug
trc-events.taboola.com/popcornfor2/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/popcornfor2/log/2/debug?tim=13%3A04%3A52.900&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbs-feed-01&id=7714&cv=20210602-6-RELEASE&lt=deflated&pct=1
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:52 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12520
debug
trc-events.taboola.com/popcornfor2/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/popcornfor2/log/2/debug?tim=13%3A04%3A52.901&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01&id=2340&cv=20210602-6-RELEASE&lt=deflated&pct=1
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:52 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12520
postview.gif
portal.blau.de/nws/img/
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117667V1225131106M&subid=tabnat_Pros_Desk_Generic_view
  • https://www.lead-alliance.net/tpv.php?t=117667V1225131106M&subid=tabnat_Pros_Desk_Generic_view
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117667&s_id=2021060313045351050634719X117667V1225131106MStabnat_Pros_Desk_Generic_view
  • https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117667_-HTLP&utm_term=AFF_la_117667_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=20210603130453510506347...
43 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117667_-HTLP&utm_term=AFF_la_117667_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021060313045351050634719X117667V1225131106MStabnat_Pros_Desk_Generic_view&wfid=117667
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
82.113.101.236 Giessen, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.blau.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 11:04:53 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Thu, 03 Jun 2021 11:04:53 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117667_-HTLP&utm_term=AFF_la_117667_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021060313045351050634719X117667V1225131106MStabnat_Pros_Desk_Generic_view&wfid=117667
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Keep-Alive
timeout=10
th.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2F26 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/th.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105242203000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 02 Jun 2021 21:49:58 GMT
x-content-type-options
nosniff
server
cafe
age
47694
etag
12800268860518071124
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3306
x-xss-protection
0
expires
Thu, 03 Jun 2021 21:49:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2F26 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012105242203000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 06:55:38 GMT
x-content-type-options
nosniff
server
cafe
age
14954
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Fri, 04 Jun 2021 06:55:38 GMT
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
age
33
via
1.1 varnish
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
gu1BlDYz488MjezW5HVC4KOjfSEP5CnyrhFZk64mYkWUSsAKfgPXe/TsDJRtRMSkKP5wxB5plv8=
x-served-by
cache-fra19181-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1622718293.950063,VS0,VE0
date
Thu, 03 Jun 2021 11:04:52 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
MRC96A1AQ9NWKA57
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
access-control-allow-headers
*
abp
92
x-cache-hits
32
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/3.4.3/ 		96 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.4.3/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210602-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
97725b58061a739b37771c81bec6532aeaf5362f4d96cd9fbd5447fdd081396b

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:52 GMT
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront), 1.1 varnish
age
1648908
x-cache
Miss from cloudfront, HIT
content-encoding
gzip
content-length
28069
x-served-by
cache-hhn11522-HHN
last-modified
Sat, 15 May 2021 09:01:53 GMT
server
AmazonS3
x-timer
S1622718293.991899,VS0,VE0
etag
"fcb5bc7c7995847e4677426fd754a620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
3l65rmFPhlvpEVPJ0BdIxZIZ8t7GlTsaLMQd9QrTxzw1-mEDSb2TsA==
x-cache-hits
711780
abtests
trc.taboola.com/popcornfor2/log/3/ 		0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/popcornfor2/log/3/abtests?route=AM:AM:V&lti=deflated&ri=c9cd887d3add1d2dcba223a10817e77e&sd=v2_13ebe40203154501e5bd75c87cf389d6_f6289de0-fad1-49b3-a148-02b5fb5e3fcd-tuct7b23cd4_1622718292_1622718292_CNawjgYQ2aVSGJLFsIydLyABKAEwODib4wlA_4kQSOOG2ANQpuwQWABgAGixr-m1yv33zq0B&ui=f6289de0-fad1-49b3-a148-02b5fb5e3fcd-tuct7b23cd4&pi=/content/%25e0%25b8%2581%25e0%25b8%25b9%25e0%25b8%25a1%25e0%25b8%25b4%25e0%25b9%2582%25e0%25b8%25ae-gumiho-%25e0%25b8%2584%25e0%25b8%25b7%25e0%25b8%25ad%25e0%25b8%25ad%25e0%25b8%25b0%25e0%25b9%2584%25e0%25b8%25a3-%25e0%25b8%2597%25e0%25b8%25b3%25e0%25b9%2584%25e0%25b8%25a1%25e0%25b8%2584%25e0%25b8%2599%25e0%25b9%2580%25e0%25b8%2581%25e0%25b8%25b2%25e0%25b8%25ab%25e0%25b8%25a5%25e0%25b8%25b5%25e0%25b8%2596%25e0%25b8%25b6%25e0%25b8%2587%25e0%25b8%2595%25e0%25b9%2589%25e0%25b8%25ad%25e0%25b8%2587%25e0%25b8%2581%25e0%25b8%25a5%25e0%25b8%25b1%25e0%25b8%25a7-news-116414&wi=-658012347203621021&pt=text&vi=1622718292626&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22animated_story%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1622718292996%7D&tim=13%3A04%3A52.996&id=9869&llvl=1&cv=20210602-6-RELEASE&
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Thu, 03 Jun 2021 11:04:53 GMT
via
1.1 varnish
server
nginx
x-timer
S1622718293.006415,VS0,VE9
x-served-by
cache-hhn11522-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
tbp
15.taboola.com/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210602-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5e5484fbbe506423ad15726336d41c75108b9b388854405236faef3afcc519fa

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 03 Jun 2021 11:04:53 GMT
content-encoding
gzip
access-control-allow-origin
https://popcornfor2.com
machineid
1449
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn11522-HHN
pragma
no-cache
server
nginx
x-timer
S1622718293.013183,VS0,VE22
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
3ab391bffe687a8ed5994d1737f176b2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3ab391bffe687a8ed5994d1737f176b2.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1599804249239a7bf676ebc2565940e897243cb329350f6b35ed7e52a6e07b83

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 03 Jun 2021 11:04:53 GMT
via
1.1 varnish, 1.1 varnish
age
4224750
edge-cache-tag
612850636649693891647379155522222641667,356737923103245843458775926512817796149,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
expiration
expiry-date="Thu, 06 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3ab391bffe687a8ed5994d1737f176b2.jpg
content-length
17042
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified
Mon, 05 Apr 2021 06:41:39 GMT
server
nginx
x-timer
S1622718293.013966,VS0,VE0
etag
"1255f6247b228fa59ca386c38727bafe"
x-served-by
cache-wdc5573-WDC, cache-dca17754-DCA, cache-hhn11522-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 27
ab0735b3-a418-4e65-82d8-d55cf27f8ea8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ncpkx.com/content/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ncpkx.com/content/ab0735b3-a418-4e65-82d8-d55cf27f8ea8.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4055bac4d32f26d4e50efaad16ac10588b3ed75d4e77c86e22ca9affd9821857

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 03 Jun 2021 11:04:53 GMT
via
1.1 varnish, 1.1 varnish
age
2059638
edge-cache-tag
292649375176019712693491926249949008127,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
43
expiration
expiry-date="Sun, 16 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ncpkx.com/content/ab0735b3-a418-4e65-82d8-d55cf27f8ea8.jpg
content-length
7686
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Thu, 15 Apr 2021 00:36:35 GMT
server
nginx
x-timer
S1622718293.013970,VS0,VE0
etag
"3f10591cb9c09c87bbef74a8921093a5"
x-served-by
cache-wdc5529-WDC, cache-dca17735-DCA, cache-hhn11522-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 3
82fca7c41b83cc517cac87d38a1f8c1c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/82fca7c41b83cc517cac87d38a1f8c1c.png
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1a44b18d90209a2f3ab8468f036dfb1e50644e1edff0c5c81b78c84415944a46

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 03 Jun 2021 11:04:53 GMT
via
1.1 varnish, 1.1 varnish
age
3513890
edge-cache-tag
316413673410708866054948270280824869725,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
38
expiration
expiry-date="Mon, 26 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/82fca7c41b83cc517cac87d38a1f8c1c.png
content-length
12932
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Fri, 26 Mar 2021 10:26:39 GMT
server
nginx
x-timer
S1622718293.013899,VS0,VE0
etag
"e844107eff0c39268513f94f10eaa6a5"
x-served-by
cache-wdc5527-WDC, cache-dca17766-DCA, cache-hhn11522-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 17
d26c968335d2ec49fd0f8d5ee0757539.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d26c968335d2ec49fd0f8d5ee0757539.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fec66f10a0feefafcfbbbb988173e7a6024c6ecdc6b882c4eb6ed30f1c544351

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 03 Jun 2021 11:04:53 GMT
via
1.1 varnish, 1.1 varnish
age
1944128
edge-cache-tag
623400054617957289036236132898111554428,356737923103245843458775926512817796149,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_390%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d26c968335d2ec49fd0f8d5ee0757539.jpg
content-length
66488
x-request-id
3ba7a43ac5e10454a790eb04b08a0ac7
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Tue, 11 May 2021 17:53:38 GMT
server
nginx
x-timer
S1622718293.013782,VS0,VE0
etag
"a065f9cac1f2be8bf5dae779fcc69616"
x-served-by
cache-wdc5539-WDC, cache-dca17776-DCA, cache-hhn11522-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 21
1c2da96580d88f56c23d28ca68d819c8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1c2da96580d88f56c23d28ca68d819c8.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9c6266a78d33a7222598a29b83c9656d04edc480e5544281a4992bc278378035

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 03 Jun 2021 11:04:53 GMT
via
1.1 varnish, 1.1 varnish
age
1732523
edge-cache-tag
349204141988350014822346084807753263403,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
98
x-envoy-upstream-service-time
37
expiration
expiry-date="Sun, 30 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1c2da96580d88f56c23d28ca68d819c8.jpg
content-length
17564
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified
Thu, 29 Apr 2021 13:38:11 GMT
server
nginx
x-timer
S1622718293.013973,VS0,VE1
etag
"903b5a29090b86d73681b07f23ba0d65"
x-served-by
cache-wdc5559-WDC, cache-dca17755-DCA, cache-hhn11522-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
c388f67ebe8a2732ebed88b2419da7bc.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c388f67ebe8a2732ebed88b2419da7bc.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
64f8efccc1f92d618b9c28fb149115e80e0b11e6120c15af2a397c34989ce395

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 03 Jun 2021 11:04:53 GMT
via
1.1 varnish, 1.1 varnish
age
1209236
edge-cache-tag
318270056734806123079317470781134532838,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
22
expiration
expiry-date="Sat, 05 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c388f67ebe8a2732ebed88b2419da7bc.jpg
content-length
4564
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified
Wed, 05 May 2021 11:19:30 GMT
server
nginx
x-timer
S1622718293.014919,VS0,VE0
etag
"9fcbc6a3fbde1a5534d51f3ba5e9b459"
x-served-by
cache-wdc5537-WDC, cache-dca17744-DCA, cache-hhn11522-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 75
news-full-111345.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.popcornfor2.com/upload/112/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.popcornfor2.com/upload/112/news-full-111345.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
25473141c9a530212a37c0de6e521d14df4b39b17eb8a376b776843e9c4a6e03

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 03 Jun 2021 11:04:53 GMT
via
1.1 varnish, 1.1 varnish
age
2260724
edge-cache-tag
577512902151887248666688640633761361304,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
185
expiration
expiry-date="Sun, 16 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.popcornfor2.com/upload/112/news-full-111345.jpg
content-length
41764
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Thu, 15 Apr 2021 23:58:06 GMT
server
nginx
x-timer
S1622718293.031371,VS0,VE1
etag
"26442fbf70ecde0710e28474147a782b"
x-served-by
cache-wdc5566-WDC, cache-dca17764-DCA, cache-hhn11522-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
news-full-117656.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//popcornfor2.com/upload/118/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//popcornfor2.com/upload/118/news-full-117656.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bfda53b675c4babacc545df4e60b99004a8bfec1e0485373a1444d7514b29de6

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1057
date
Thu, 03 Jun 2021 11:04:54 GMT
via
1.1 varnish, 1.1 varnish
age
0
edge-cache-tag
347532272978270514793157542924266764424,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
962
x-cache
MISS, MISS, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//popcornfor2.com/upload/118/news-full-117656.jpg
content-length
20010
x-request-id
be0a6277ca156f04c7357c3f7fdb8c27
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified
Thu, 20 May 2021 09:36:11 GMT
server
nginx
x-timer
S1622718293.031472,VS0,VE1057
etag
"7a94635a0afd353f42213e33025d1d88"
x-served-by
cache-wdc5537-WDC, cache-dca17721-DCA, cache-hhn11522-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0
news-full-116665.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//popcornfor2.com/upload/117/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//popcornfor2.com/upload/117/news-full-116665.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
446cc73e92229bee4f3f41fa39bf74caa55ff040eb59d07a4799e2eea3944eed

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 03 Jun 2021 11:04:53 GMT
via
1.1 varnish, 1.1 varnish
age
1489930
edge-cache-tag
441651442257274926483827779718832265984,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
153
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//popcornfor2.com/upload/117/news-full-116665.jpg
content-length
35528
x-request-id
00b4fac178d842b66340896d64b7fe19
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Sun, 09 May 2021 22:52:50 GMT
server
nginx
x-timer
S1622718293.031810,VS0,VE1
etag
"fa2b3f8f8031d0f186c809ddaa82760e"
x-served-by
cache-wdc5550-WDC, cache-dca17759-DCA, cache-hhn11522-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 2, 1
news-full-108394.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.popcornfor2.com/upload/109/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.popcornfor2.com/upload/109/news-full-108394.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
596941d0a70f914b1234db9e21d87983ed14ceb8c6cf4d9c6024f3ec2d99f900

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
332
date
Thu, 03 Jun 2021 11:04:53 GMT
via
1.1 varnish, 1.1 varnish
age
0
edge-cache-tag
543061009454339174951995853359440991352,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
217
expiration
expiry-date="Sat, 12 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.popcornfor2.com/upload/109/news-full-108394.jpg
content-length
19534
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Wed, 12 May 2021 07:00:05 GMT
server
nginx
x-timer
S1622718293.034949,VS0,VE332
etag
"40fd58d9458f69fb88e43082d34bbe8c"
x-served-by
cache-wdc5578-WDC, cache-dca17723-DCA, cache-hhn11522-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0
news-full-116840.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//popcornfor2.com/upload/117/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//popcornfor2.com/upload/117/news-full-116840.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
48bef3c117473be5695f7c4c42342c18d14622e23c420e20d8c5ec6982fe1153

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
179
date
Thu, 03 Jun 2021 11:04:53 GMT
via
1.1 varnish, 1.1 varnish
age
1893203
edge-cache-tag
480211801526478926617561227128726013788,388671775900320025315642327208943500211,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
60
x-cache
HIT, MISS, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//popcornfor2.com/upload/117/news-full-116840.jpg
content-length
25140
x-request-id
977e81faaea35c49dd5980470148bd04
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Sun, 02 May 2021 15:18:47 GMT
server
nginx
x-timer
S1622718293.038061,VS0,VE179
etag
"b572fb2f484df85abbc43b08e70e393b"
x-served-by
cache-wdc5553-WDC, cache-dca17766-DCA, cache-hhn11522-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0
news-full-115702.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.popcornfor2.com/upload/116/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.popcornfor2.com/upload/116/news-full-115702.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5a94e3ed070985127960fd364ab910a948c9534f881176f4116483efdebd33b5

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 03 Jun 2021 11:04:53 GMT
via
1.1 varnish, 1.1 varnish
age
2455801
edge-cache-tag
324643766903227217228896899542575732535,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
73
x-cache
HIT, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.popcornfor2.com/upload/116/news-full-115702.jpg
content-length
19118
x-request-id
b2f10aa6d154f4261ebb485633438aad
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified
Thu, 29 Apr 2021 14:05:36 GMT
server
nginx
x-timer
S1622718293.038274,VS0,VE1
etag
"a28825f782e9a4dd56d9e83b4b804c26"
x-served-by
cache-wdc5536-WDC, cache-dca12920-DCA, cache-hhn11522-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1
news-full-117562.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.popcornfor2.com/upload/118/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.popcornfor2.com/upload/118/news-full-117562.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bb4dc74bdeb98921069d998b4ae43f5978bea7f91b26b16c87d29277891feb7d

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 03 Jun 2021 11:04:53 GMT
via
1.1 varnish, 1.1 varnish
age
1844527
edge-cache-tag
571488593770917320683642978825822309201,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
56
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.popcornfor2.com/upload/118/news-full-117562.jpg
content-length
10792
x-request-id
12a9be44497d01b3ae78489cd416edb1
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Thu, 06 May 2021 06:54:09 GMT
server
nginx
x-timer
S1622718293.042809,VS0,VE1
etag
"7e6b6ff041f2464551864fe850e2a731"
x-served-by
cache-wdc5559-WDC, cache-dca12927-DCA, cache-hhn11522-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
tbp
15.taboola.com/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210602-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c0d25e811ae93b7cc04b1e2f712c5e6a969aa5770f241bb949d65dc4b8230b10

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 03 Jun 2021 11:04:53 GMT
content-encoding
gzip
access-control-allow-origin
https://popcornfor2.com
machineid
1401
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn11522-HHN
pragma
no-cache
server
nginx
x-timer
S1622718293.015563,VS0,VE24
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
3ab391bffe687a8ed5994d1737f176b2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3ab391bffe687a8ed5994d1737f176b2.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2941c654d4fc90da0915020902f64f74bec1b841a2bc0d930665ebb1a58e49ee

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 03 Jun 2021 11:04:53 GMT
via
1.1 varnish, 1.1 varnish
age
2226518
edge-cache-tag
612850636649693891647379155522222641667,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
expiration
expiry-date="Mon, 07 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3ab391bffe687a8ed5994d1737f176b2.jpg
content-length
14616
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Fri, 07 May 2021 04:42:56 GMT
server
nginx
x-timer
S1622718293.044100,VS0,VE0
etag
"89a0114f14682f406161fdca3cb2d3cc"
x-served-by
cache-wdc5570-WDC, cache-dca17768-DCA, cache-hhn11522-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 75
d26c968335d2ec49fd0f8d5ee0757539.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d26c968335d2ec49fd0f8d5ee0757539.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
30fe573ed1de35f4e8479942f3d7ed0864489dea01216ca50473f7a6acaedc17

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 03 Jun 2021 11:04:53 GMT
via
1.1 varnish, 1.1 varnish
age
1943278
edge-cache-tag
623400054617957289036236132898111554428,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d26c968335d2ec49fd0f8d5ee0757539.jpg
content-length
90666
x-request-id
a519794afeba146f87498c6a6acec8fa
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified
Tue, 11 May 2021 17:53:38 GMT
server
nginx
x-timer
S1622718293.052604,VS0,VE0
etag
"506f9c53e78d3d9b290976493e9b603e"
x-served-by
cache-wdc5568-WDC, cache-dca17750-DCA, cache-hhn11522-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 34
ab0735b3-a418-4e65-82d8-d55cf27f8ea8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ncpkx.com/content/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ncpkx.com/content/ab0735b3-a418-4e65-82d8-d55cf27f8ea8.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b12be2bd8befee1064b293236eea529c4e2e49b0d87b16081a0f0b5ea5e59f44

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 03 Jun 2021 11:04:53 GMT
via
1.1 varnish, 1.1 varnish
age
1808125
edge-cache-tag
292649375176019712693491926249949008127,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
86
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ncpkx.com/content/ab0735b3-a418-4e65-82d8-d55cf27f8ea8.jpg
content-length
19828
x-request-id
274e3cd6941285cf8f43624ca388fdba
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified
Sun, 09 May 2021 21:38:06 GMT
server
nginx
x-timer
S1622718293.055484,VS0,VE1
etag
"3eb67485a11e0f08e5720da587a09e75"
x-served-by
cache-wdc5559-WDC, cache-dca17780-DCA, cache-hhn11522-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
news-full-117653.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//popcornfor2.com/upload/118/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//popcornfor2.com/upload/118/news-full-117653.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fe215aa5b96ce22327be6d4d81c361f1136de9e24391fd3f2387eb24ba4746e8

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
122
date
Thu, 03 Jun 2021 11:04:53 GMT
via
1.1 varnish, 1.1 varnish
age
446927
edge-cache-tag
370520726079695156921553964741065441134,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
98
x-envoy-upstream-service-time
27
x-cache
HIT, MISS, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//popcornfor2.com/upload/118/news-full-117653.jpg
content-length
6508
x-request-id
8172bebbfb798c30612f647c895ee4b5
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified
Thu, 20 May 2021 08:26:01 GMT
server
nginx
x-timer
S1622718293.055646,VS0,VE122
etag
"bdde1e7710cbb5f6db1827c369a124d1"
x-served-by
cache-wdc5531-WDC, cache-dca17770-DCA, cache-hhn11522-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0
82fca7c41b83cc517cac87d38a1f8c1c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/82fca7c41b83cc517cac87d38a1f8c1c.png
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f29df7081519f60c495e46528a5bb0649910a86efaf66afe358c2706e90d02aa

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 03 Jun 2021 11:04:53 GMT
via
1.1 varnish, 1.1 varnish
age
1086186
edge-cache-tag
316413673410708866054948270280824869725,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
45
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/82fca7c41b83cc517cac87d38a1f8c1c.png
content-length
13682
x-request-id
3b236b5305debb816e30a7702cbb4c3e
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified
Fri, 23 Apr 2021 14:17:28 GMT
server
nginx
x-timer
S1622718293.064187,VS0,VE1
etag
"b2f6f421628fb994aef811a23b90373e"
x-served-by
cache-wdc5523-WDC, cache-dca17751-DCA, cache-hhn11522-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
1c2da96580d88f56c23d28ca68d819c8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1c2da96580d88f56c23d28ca68d819c8.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2bf72f5a2f96936ad9810f3149d81478157cde9a44cc73e9df90f3d2553d8dcb

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 03 Jun 2021 11:04:53 GMT
via
1.1 varnish, 1.1 varnish
age
3278485
edge-cache-tag
349204141988350014822346084807753263403,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
expiration
expiry-date="Sun, 09 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1c2da96580d88f56c23d28ca68d819c8.jpg
content-length
15566
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified
Thu, 08 Apr 2021 09:01:07 GMT
server
nginx
x-timer
S1622718293.064556,VS0,VE1
etag
"7a166a3fcc401ff57e28e1c01dacbd02"
x-served-by
cache-wdc5565-WDC, cache-dca17726-DCA, cache-hhn11522-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1
news-full-108129.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.popcornfor2.com/upload/109/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.popcornfor2.com/upload/109/news-full-108129.jpg
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
72da9a2bdb97bec3bf2f6981252daf17fc79c751456664de66e8907697722e90

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
188
date
Thu, 03 Jun 2021 11:04:53 GMT
via
1.1 varnish, 1.1 varnish
age
0
edge-cache-tag
353166920969797522578039521493172146539,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
78
expiration
expiry-date="Thu, 10 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.popcornfor2.com/upload/109/news-full-108129.jpg
content-length
6410
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Mon, 10 May 2021 12:42:02 GMT
server
nginx
x-timer
S1622718293.073326,VS0,VE188
etag
"f8cdba6c213f0ee00776255d45b7028f"
x-served-by
cache-wdc5528-WDC, cache-dca17769-DCA, cache-hhn11522-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0
debug
trc-events.taboola.com/popcornfor2/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/popcornfor2/log/2/debug?tim=13%3A04%3A53.032&type=warn&msg=TRC.TranslationsManager%20-%20language%20key%3A%20th%20not%20recognized%20for%20feature%20userx.&id=3345&cv=20210602-6-RELEASE&lt=deflated&pct=1
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:53 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12518
creative_js.js
vidstat.taboola.com/vpaid/units/27_2_17/creatives/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210602-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:53 GMT
via
1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront), 1.1 varnish
age
3289382
x-amz-meta-mtime
1580720676
x-cache
RefreshHit from cloudfront, HIT
x-amz-meta-ctime
1580720957
x-amz-meta-mode
33188
content-encoding
gzip
content-length
1904
x-served-by
cache-hhn11522-HHN
last-modified
Mon, 03 Feb 2020 09:09:18 GMT
server
AmazonS3
x-timer
S1622718293.056138,VS0,VE0
etag
"d80eacb3ed43f93a2da80d76e65d19a8"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
application/javascript
access-control-allow-headers
*
x-amz-cf-id
wmzh0cDjDIUcI3Wel4tio7NVrqgrg1rCz2Rz1knjAiGHpx_HwKnRPQ==
x-cache-hits
2821012
st
imprammp.taboola.com/ Frame EAF0 		0
52 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=F960AA74BE502427121583821123&cicmp=1337627&cijs=1&dast=V7fw8CFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHG8acDRYM3mjCYg0mo8lusZjMRqPhYDkbLiFhFovFaDJbDadgsIXP6e5uAwaaTofPda8X_A0fv-Vu81suc43f7ZcDAAAAwAMAUUs0xI5vQ3sEAAAAgATPyLUCRUDFv4XABQAAAAAGAIFYuAYAFIeBuCxnp90fAAAPBSAAAAIYIQA9A_YiAAAAACMAAAAAJAACiYUlAA53iyYAAAF50YwkEScAAAAHdTJP2yz_____MQB5700yABRpGzcGPQAPPgAPQgAAABdDlrwKX8hP811EBXlFjAAAAACy8oFWjyZ1QmVR9f___28FcAUAEJAXzUiyknVzUswaBgAAADC2QA-L32922DV-t8v-_________83-zwDQhKQ8cNOCrCj21HhGrhXWfgEBANjeDQDgLQAu5gDsAAAAAO7-____8wAAAMj2KNleq_HsUdb7DLbwOd3d9ZuwxWg1mWyWw9lyMRkMR8PRaH8CuBzgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBCdkONpMVqPdajdZDiej0Wwz2SBFq1az0WYwXM0ms91uNRwMl6MRUrRmMZtMFrPRcrcZLCejwXAyHOJB1bl0Pq_OxwZcziWj5Vw2mit2i1UCAAAAAAAAAFjClHkTAAAAgNMgZrPJbrfixps9E8RarZY1AAAAALdu5AA!&excid=22&tst=1&docw=0&cs=false
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
imprammp.taboola.com
:scheme
https
:path
/st?cipid=7991117&ttype=0&cirid=F960AA74BE502427121583821123&cicmp=1337627&cijs=1&dast=V7fw8CFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHG8acDRYM3mjCYg0mo8lusZjMRqPhYDkbLiFhFovFaDJbDadgsIXP6e5uAwaaTofPda8X_A0fv-Vu81suc43f7ZcDAAAAwAMAUUs0xI5vQ3sEAAAAgATPyLUCRUDFv4XABQAAAAAGAIFYuAYAFIeBuCxnp90fAAAPBSAAAAIYIQA9A_YiAAAAACMAAAAAJAACiYUlAA53iyYAAAF50YwkEScAAAAHdTJP2yz_____MQB5700yABRpGzcGPQAPPgAPQgAAABdDlrwKX8hP811EBXlFjAAAAACy8oFWjyZ1QmVR9f___28FcAUAEJAXzUiyknVzUswaBgAAADC2QA-L32922DV-t8v-_________83-zwDQhKQ8cNOCrCj21HhGrhXWfgEBANjeDQDgLQAu5gDsAAAAAO7-____8wAAAMj2KNleq_HsUdb7DLbwOd3d9ZuwxWg1mWyWw9lyMRkMR8PRaH8CuBzgRAyWy8lkMdmtRqvRZrgbzQYLFIjBBCdkONpMVqPdajdZDiej0Wwz2SBFq1az0WYwXM0ms91uNRwMl6MRUrRmMZtMFrPRcrcZLCejwXAyHOJB1bl0Pq_OxwZcziWj5Vw2mit2i1UCAAAAAAAAAFjClHkTAAAAgNMgZrPJbrfixps9E8RarZY1AAAAALdu5AA!&excid=22&tst=1&docw=0&cs=false
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://popcornfor2.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://popcornfor2.com/

Response headers

server
nginx
accept-ranges
bytes
date
Thu, 03 Jun 2021 11:04:53 GMT
via
1.1 varnish
x-served-by
cache-hhn11522-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1622718293.073197,VS0,VE9
content-length
0
cmTagCUSTOM.js
vidstat.taboola.com/vpaid/units/28_3_10/infra/ 		727 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/28_3_10/infra/cmTagCUSTOM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
aa7c984cd510935c132345bc7d579dfcde68742f7b11b599b905310f7164718c

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:53 GMT
via
1.1 varnish
age
2369127
x-amz-meta-mtime
1605697226
x-cache
HIT
x-amz-meta-ctime
1605697428
x-amz-meta-mode
33188
content-encoding
br
content-length
135037
x-amz-id-2
LMtwrmAQaHuYBtQ+aT8jzlGYm3W++AiA/X/Oa2YFaTAjAS8bk7G3hAyd72ezcHFWyI99o9mXm/E=
x-served-by
cache-hhn11522-HHN
accept-ranges
bytes
last-modified
Wed, 18 Nov 2020 11:03:50 GMT
server
AmazonS3-br
x-timer
S1622718293.070410,VS0,VE0
etag
"37b0b0415484e88063c945bde767ba70"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
X1TS47Z0CGR0ACY9
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
475381
cmOsUnit.css
vidstat.taboola.com/vpaid/units/28_3_10/assets/css/ 		44 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/28_3_10/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
4e7681cdfb27c5d0457c58c9f0fe26a68bbf6a8dc88defd3c43826adb1fe6ca8

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:53 GMT
via
1.1 varnish
age
817767
x-amz-meta-mtime
1605697226
x-cache
HIT
x-amz-meta-ctime
1605697397
x-amz-meta-mode
33188
content-encoding
br
content-length
6493
x-amz-id-2
sin4OqQLKZQNB5ffyyx/8q8TmGjdtCifygYVIghUNoO5fsn8Q6wUPc8HK3I0fZsVWl8PiRMS8Ig=
x-served-by
cache-hhn11522-HHN
accept-ranges
bytes
last-modified
Wed, 18 Nov 2020 11:03:19 GMT
server
AmazonS3-br
x-timer
S1622718293.070388,VS0,VE0
etag
"083925e970a05bed26a70ecbfde9c0ca"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
G7WNZJ429RRKGDQM
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
text/css
access-control-allow-headers
*
x-cache-hits
217203
st
imprammp.taboola.com/ Frame 1B33 		0
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=D4154E527189021201519657646&cicmp=1337627&cijs=1&dast=V7jyQCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHGkRarEYr1mS3GC4Hk8ViORwNV7PRbLhZQsIsFovRZLYaTsFgC5_T3d0GDDSdDp_rXi_4Gz5-y93mt1zmGr_bLwcAAACABwCilmiIHd-G9ggAAAAACZ6RawWKgIp_C4ELAAAAAAwAArFwDQAoDgNxWc5Ouz8AAB4KQAAABDBCAHoG6EUAAAAARgAAAABIAAQSC0sAHO4WTQAAAvKiGUkGTgAAAA7qZJ62Wf7___9jAPLem2QAKNI2bgx6AB58AB6EAAAALoZ06LogM0ALWogKUosYAQAAAGTlA60eTeqEyqLq____3wrgCgAgIC-akcQk6-akmDUMAAAAYGyBHha_3-ywa_xul_3_________m_2fAaAJSXngpgVZUeyp8YxcK6z9AgIAsL0bAMBbAFzMAdgBAAAA3P3____nAQAAUOxRsr1W49mjrPcZbOFzurvrN2GL0Woy2SyHs-ViMhiOhqPR_gRwOcCJGCyXk8lisluNVqPNcDeaDRYoEIMJTshwtJmsRrvVbrIcTkaj2WayQYpWrWajzWC4mk1mu91qOBguRyOkaM1iNpksZqPlbjNYTkaD4WQ4xIOqc-l8Xp2PDbicS0bLuWw0V-wWqwQAAAAAAAAAsIQp8yYAAAAAp0HMZpPdbsWNN3smiLVaLWsAAAAAbt3IAQ!&excid=22&tst=1&docw=0&cs=false
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
imprammp.taboola.com
:scheme
https
:path
/st?cipid=7991117&ttype=0&cirid=D4154E527189021201519657646&cicmp=1337627&cijs=1&dast=V7jyQCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHGkRarEYr1mS3GC4Hk8ViORwNV7PRbLhZQsIsFovRZLYaTsFgC5_T3d0GDDSdDp_rXi_4Gz5-y93mt1zmGr_bLwcAAACABwCilmiIHd-G9ggAAAAACZ6RawWKgIp_C4ELAAAAAAwAArFwDQAoDgNxWc5Ouz8AAB4KQAAABDBCAHoG6EUAAAAARgAAAABIAAQSC0sAHO4WTQAAAvKiGUkGTgAAAA7qZJ62Wf7___9jAPLem2QAKNI2bgx6AB58AB6EAAAALoZ06LogM0ALWogKUosYAQAAAGTlA60eTeqEyqLq____3wrgCgAgIC-akcQk6-akmDUMAAAAYGyBHha_3-ywa_xul_3_________m_2fAaAJSXngpgVZUeyp8YxcK6z9AgIAsL0bAMBbAFzMAdgBAAAA3P3____nAQAAUOxRsr1W49mjrPcZbOFzurvrN2GL0Woy2SyHs-ViMhiOhqPR_gRwOcCJGCyXk8lisluNVqPNcDeaDRYoEIMJTshwtJmsRrvVbrIcTkaj2WayQYpWrWajzWC4mk1mu91qOBguRyOkaM1iNpksZqPlbjNYTkaD4WQ4xIOqc-l8Xp2PDbicS0bLuWw0V-wWqwQAAAAAAAAAsIQp8yYAAAAAp0HMZpPdbsWNN3smiLVaLWsAAAAAbt3IAQ!&excid=22&tst=1&docw=0&cs=false
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://popcornfor2.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://popcornfor2.com/

Response headers

server
nginx
accept-ranges
bytes
date
Thu, 03 Jun 2021 11:04:53 GMT
via
1.1 varnish
x-served-by
cache-hhn11522-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1622718293.073333,VS0,VE8
content-length
0
PMS.js
vidstat.taboola.com/PMS/2.2.1/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/PMS/2.2.1/PMS.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/28_3_10/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:53 GMT
via
1.1 c888f786e25e6e3c7dbb7e9da462d715.cloudfront.net (CloudFront), 1.1 varnish
age
1541924
x-amz-meta-mtime
1542789750
x-cache
Hit from cloudfront, HIT
x-amz-meta-mode
33188
content-encoding
gzip
content-length
15795
x-served-by
cache-hhn11522-HHN
last-modified
Wed, 21 Nov 2018 08:42:31 GMT
server
AmazonS3
x-timer
S1622718293.130182,VS0,VE0
etag
"57a7ebef371550a9ab54a2f0f82547af"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
application/javascript
access-control-allow-headers
*
x-amz-cf-id
mgdkqzBw1GOTaYomORTPdr_tmhZGYZUuQQ4kYCsx2OfRHmOT3d-7qg==
x-cache-hits
485664
2d982c6f-d025-4935-b59d-f601cf322314
compass.adop.cc/RE/ Frame 158F 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://compass.adop.cc/RE/2d982c6f-d025-4935-b59d-f601cf322314?loc=
Requested by
Host: compass.adop.cc
URL: https://compass.adop.cc/RC/2d982c6f-d025-4935-b59d-f601cf322314
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-68.fra50.r.cloudfront.net
Software
nginx / PHP/7.4.15
Resource Hash
e7cb666fdce72b534f769681c7d269b31b721f22897c1188c349631b2fadd508

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:53 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
FRA50-C1
x-powered-by
PHP/7.4.15
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
cache-control
public, max-age=300
content-type
text/html; charset=UTF-8
content-length
2055
x-amz-cf-id
SNrXWUTViT_bh7UDh1RMgugShcMMTmyQgpYsbsjUJYqSMLchXetDpA==
viu_logo_large.png
www.viu.com/ott/misc/widget/images/ Frame B312 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.viu.com/ott/misc/widget/images/viu_logo_large.png
Requested by
Host: www.viu.com
URL: https://www.viu.com/ott/misc/widget/index.php?product_id=356293&event=th9&utm_source=popcornfor2&utm_campaign=widget&utm_medium=vdowidget&utm_content=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.163.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-163-195.cdg52.r.cloudfront.net
Software
nginx /
Resource Hash
009720b74cd6779498e3aa1f985734a59770bb3906ab15e15dae09508b6129ec

Request headers

Referer
https://www.viu.com/ott/misc/widget/index.php?product_id=356293&event=th9&utm_source=popcornfor2&utm_campaign=widget&utm_medium=vdowidget&utm_content=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:02:44 GMT
via
1.1 10150f1f3768fd868d31d5faec2b61f8.cloudfront.net (CloudFront)
last-modified
Tue, 18 Jul 2017 09:20:31 GMT
server
nginx
age
129
etag
"596dd2df-179a"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
no-cache="set-cookie"
x-amz-cf-pop
CDG52-P2
accept-ranges
bytes
content-length
6042
x-amz-cf-id
yLHXOUhSH6N9XSllBZY_ctmfvBKryKIptnfSp15cmmUYYE6Mxf7w0A==
viuplayer.min.css
www.viu.com/ott/misc/widget/viuplayer/ Frame B312 		21 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.viu.com/ott/misc/widget/viuplayer/viuplayer.min.css
Requested by
Host: www.viu.com
URL: https://www.viu.com/ott/misc/widget/index.php?product_id=356293&event=th9&utm_source=popcornfor2&utm_campaign=widget&utm_medium=vdowidget&utm_content=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.163.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-163-195.cdg52.r.cloudfront.net
Software
nginx /
Resource Hash
ebd643fa0d5226695fd8c8c08e042ffb960f3c287c7abd60dfc21996877f9390

Request headers

Referer
https://www.viu.com/ott/misc/widget/index.php?product_id=356293&event=th9&utm_source=popcornfor2&utm_campaign=widget&utm_medium=vdowidget&utm_content=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:53 GMT
content-encoding
gzip
last-modified
Mon, 08 Oct 2018 06:59:22 GMT
server
nginx
x-amz-cf-pop
CDG52-P2
etag
W/"5bbb004a-5316"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
via
1.1 10150f1f3768fd868d31d5faec2b61f8.cloudfront.net (CloudFront)
cache-control
no-cache="set-cookie"
content-length
3909
x-amz-cf-id
xbh2V5QRWsKEJaA2rmKaHqX62U8i_1w_Fv91SaCRV7kjnNhK_o7Z_Q==
flowplayer_combined.css
www.viu.com/ott/misc/widget/css/ Frame B312 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.viu.com/ott/misc/widget/css/flowplayer_combined.css
Requested by
Host: www.viu.com
URL: https://www.viu.com/ott/misc/widget/index.php?product_id=356293&event=th9&utm_source=popcornfor2&utm_campaign=widget&utm_medium=vdowidget&utm_content=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.163.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-163-195.cdg52.r.cloudfront.net
Software
nginx /
Resource Hash
e15eecb353d8723e3a7e8597a71060ca5e7887f7f42ff4d1e28a844352fb3f33

Request headers

Referer
https://www.viu.com/ott/misc/widget/index.php?product_id=356293&event=th9&utm_source=popcornfor2&utm_campaign=widget&utm_medium=vdowidget&utm_content=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:53 GMT
content-encoding
gzip
last-modified
Mon, 11 Jun 2018 03:05:41 GMT
server
nginx
x-amz-cf-pop
CDG52-P2
etag
W/"5b1de705-28f4"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
via
1.1 10150f1f3768fd868d31d5faec2b61f8.cloudfront.net (CloudFront)
cache-control
no-cache="set-cookie"
content-length
2494
x-amz-cf-id
U7mwLugHZfKZQLTxOVZ7zJ0o_1OgPmbu03_2bxV487nte-c0FUmbNg==
widget.css
www.viu.com/ott/misc/widget/css/ Frame B312 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.viu.com/ott/misc/widget/css/widget.css
Requested by
Host: www.viu.com
URL: https://www.viu.com/ott/misc/widget/index.php?product_id=356293&event=th9&utm_source=popcornfor2&utm_campaign=widget&utm_medium=vdowidget&utm_content=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.163.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-163-195.cdg52.r.cloudfront.net
Software
nginx /
Resource Hash
599a4fe9f6d46db80d5096c0c4d2f216d5f2a044e40a66fc1cd02c772cfb1025

Request headers

Referer
https://www.viu.com/ott/misc/widget/index.php?product_id=356293&event=th9&utm_source=popcornfor2&utm_campaign=widget&utm_medium=vdowidget&utm_content=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:53 GMT
content-encoding
gzip
last-modified
Mon, 11 Jun 2018 03:05:41 GMT
server
nginx
x-amz-cf-pop
CDG52-P2
etag
W/"5b1de705-1fc2"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
via
1.1 10150f1f3768fd868d31d5faec2b61f8.cloudfront.net (CloudFront)
cache-control
no-cache="set-cookie"
content-length
2236
x-amz-cf-id
GnEavmpwahjozCqWQ7aTDObK1GMtLM6eJYsXwfyBm4JzGOLbFnuPqw==
jquery-1.12.4.min.js
code.jquery.com/ Frame B312 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.12.4.min.js
Requested by
Host: www.viu.com
URL: https://www.viu.com/ott/misc/widget/index.php?product_id=356293&event=th9&utm_source=popcornfor2&utm_campaign=widget&utm_medium=vdowidget&utm_content=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer
https://www.viu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:53 GMT
content-encoding
gzip
last-modified
Fri, 20 May 2016 17:18:54 GMT
server
nginx
etag
W/"573f46fe-17b8b"
vary
Accept-Encoding
x-hw
1622718293.dop233.fr8.t,1622718293.cds225.fr8.hn,1622718293.cds167.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33738
mobile-detect.min.js
cdnjs.cloudflare.com/ajax/libs/mobile-detect/1.3.1/ Frame B312 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/mobile-detect/1.3.1/mobile-detect.min.js
Requested by
Host: www.viu.com
URL: https://www.viu.com/ott/misc/widget/index.php?product_id=356293&event=th9&utm_source=popcornfor2&utm_campaign=widget&utm_medium=vdowidget&utm_content=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
773e5bbc4fb9297bc224eb406ea65168fe8d36586ff15b997e373943bbf0e643
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.viu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3553670
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
12930
cf-request-id
0a73253cc600004ea39d275000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f25-8ed9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jxOAwHr89z3zxU2%2FcDZkZaLbCP%2FJGY5itWlMn9vJ%2Bi7WM2ctK85LBUZQSXU3fV6rdltAO%2F4meV4qbulj2aljP0Z0oy%2FP8CkMkDVJKFO8udePwJhrYNQGzVrVwQDppNMiXI%2FAWeUchmg2RT6UKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
659871746d434ea3-FRA
expires
Tue, 24 May 2022 11:04:53 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame B312 		337 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.viu.com
URL: https://www.viu.com/ott/misc/widget/index.php?product_id=356293&event=th9&utm_source=popcornfor2&utm_campaign=widget&utm_medium=vdowidget&utm_content=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be3b48dbe04f652fba8973decb94e84bf9e06fd3b0d0beddfe8859d11ccd7576
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.viu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117995
x-xss-protection
0
expires
Thu, 03 Jun 2021 11:04:53 GMT
viuplayer.min.js
www.viu.com/ott/misc/widget/viuplayer/ Frame B312 		501 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.viu.com/ott/misc/widget/viuplayer/viuplayer.min.js
Requested by
Host: www.viu.com
URL: https://www.viu.com/ott/misc/widget/index.php?product_id=356293&event=th9&utm_source=popcornfor2&utm_campaign=widget&utm_medium=vdowidget&utm_content=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.163.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-163-195.cdg52.r.cloudfront.net
Software
nginx /
Resource Hash
206c572c9778e6bce862d1645129681d7d3f41fd669a9bb426111da817135de4

Request headers

Referer
https://www.viu.com/ott/misc/widget/index.php?product_id=356293&event=th9&utm_source=popcornfor2&utm_campaign=widget&utm_medium=vdowidget&utm_content=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:53 GMT
content-encoding
gzip
last-modified
Mon, 08 Oct 2018 06:59:22 GMT
server
nginx
x-amz-cf-pop
CDG52-P2
etag
W/"5bbb004a-7d396"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 10150f1f3768fd868d31d5faec2b61f8.cloudfront.net (CloudFront)
cache-control
no-cache="set-cookie"
x-amz-cf-id
2tzBd090ABfRf_G4b9u9qBktv-wJDOAJyq1yNaHwz44GtpBxRAxu7g==
viuplayer.js
www.viu.com/ott/misc/widget/player_api/ Frame B312 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.viu.com/ott/misc/widget/player_api/viuplayer.js
Requested by
Host: www.viu.com
URL: https://www.viu.com/ott/misc/widget/index.php?product_id=356293&event=th9&utm_source=popcornfor2&utm_campaign=widget&utm_medium=vdowidget&utm_content=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.163.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-163-195.cdg52.r.cloudfront.net
Software
nginx /
Resource Hash
ebe82920eef81e4bb40e4830db9ec575f255c65fe5a1e6a383795291d1f46d20

Request headers

Referer
https://www.viu.com/ott/misc/widget/index.php?product_id=356293&event=th9&utm_source=popcornfor2&utm_campaign=widget&utm_medium=vdowidget&utm_content=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:53 GMT
content-encoding
gzip
last-modified
Mon, 11 Jun 2018 03:05:41 GMT
server
nginx
x-amz-cf-pop
CDG52-P2
etag
W/"5b1de705-151c"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 10150f1f3768fd868d31d5faec2b61f8.cloudfront.net (CloudFront)
cache-control
no-cache="set-cookie"
content-length
1467
x-amz-cf-id
OOXOceydBLMACGwt9h9vmmXK6F9ciP8Ug5vHHm400oUfUN0FApWFhA==
URI.min.js
www.viu.com/ott/misc/widget/js/ Frame B312 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.viu.com/ott/misc/widget/js/URI.min.js
Requested by
Host: www.viu.com
URL: https://www.viu.com/ott/misc/widget/index.php?product_id=356293&event=th9&utm_source=popcornfor2&utm_campaign=widget&utm_medium=vdowidget&utm_content=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.163.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-163-195.cdg52.r.cloudfront.net
Software
nginx /
Resource Hash
39259f689de4a4b42fe99ce88884ca2d525ccca82c0c7d99e7ab8f900bd24196

Request headers

Referer
https://www.viu.com/ott/misc/widget/index.php?product_id=356293&event=th9&utm_source=popcornfor2&utm_campaign=widget&utm_medium=vdowidget&utm_content=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:53 GMT
content-encoding
gzip
last-modified
Tue, 18 Jul 2017 09:20:31 GMT
server
nginx
x-amz-cf-pop
CDG52-P2
etag
W/"596dd2df-b370"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 10150f1f3768fd868d31d5faec2b61f8.cloudfront.net (CloudFront)
cache-control
no-cache="set-cookie"
content-length
14644
x-amz-cf-id
g6OdjS1l0-Q1y8n-3G5YTFScTI9foYjHO2yeatwaH_W1kjEHvEx7hQ==
config.js
www.viu.com/ott/misc/widget/js/ Frame B312 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.viu.com/ott/misc/widget/js/config.js
Requested by
Host: www.viu.com
URL: https://www.viu.com/ott/misc/widget/index.php?product_id=356293&event=th9&utm_source=popcornfor2&utm_campaign=widget&utm_medium=vdowidget&utm_content=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.163.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-163-195.cdg52.r.cloudfront.net
Software
nginx /
Resource Hash
8db01293cefc880f4de07650664302948f95d070ece210c49673b9e758ad3f84

Request headers

Referer
https://www.viu.com/ott/misc/widget/index.php?product_id=356293&event=th9&utm_source=popcornfor2&utm_campaign=widget&utm_medium=vdowidget&utm_content=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:53 GMT
content-encoding
gzip
last-modified
Mon, 11 Jun 2018 03:05:41 GMT
server
nginx
x-amz-cf-pop
CDG52-P2
etag
W/"5b1de705-901"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 10150f1f3768fd868d31d5faec2b61f8.cloudfront.net (CloudFront)
cache-control
no-cache="set-cookie"
content-length
754
x-amz-cf-id
eN1h8B8YYK3D6WG9HcfYCQODPzlNVmp2FOPSFqZPI1_Ow0wmeW-AEQ==
widget.min.js
www.viu.com/ott/misc/widget/js/ Frame B312 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.viu.com/ott/misc/widget/js/widget.min.js
Requested by
Host: www.viu.com
URL: https://www.viu.com/ott/misc/widget/index.php?product_id=356293&event=th9&utm_source=popcornfor2&utm_campaign=widget&utm_medium=vdowidget&utm_content=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.163.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-163-195.cdg52.r.cloudfront.net
Software
nginx /
Resource Hash
3f51aaba9f9e007840a1fb8583c80647a2b678e679d86edd71c97bda3232360f

Request headers

Referer
https://www.viu.com/ott/misc/widget/index.php?product_id=356293&event=th9&utm_source=popcornfor2&utm_campaign=widget&utm_medium=vdowidget&utm_content=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:53 GMT
content-encoding
gzip
last-modified
Mon, 23 Jul 2018 06:59:17 GMT
server
nginx
x-amz-cf-pop
CDG52-P2
etag
W/"5b557cc5-462a"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 10150f1f3768fd868d31d5faec2b61f8.cloudfront.net (CloudFront)
cache-control
no-cache="set-cookie"
content-length
4485
x-amz-cf-id
sRc_lH0Rt1EaJuMKRRqRQngR29qnMAFJ8enZb8KRbDuIKa6BC2BUoQ==
f110fba0-0e45-49b7-88d5-6bae8f6fbaec
https://popcornfor2.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://popcornfor2.com/f110fba0-0e45-49b7-88d5-6bae8f6fbaec
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
83f8842b-bbe3-47fd-9cba-fd705df57ffe
https://popcornfor2.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://popcornfor2.com/83f8842b-bbe3-47fd-9cba-fd705df57ffe
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
aabve2zy5choogs4rdna.mp4
c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1619616801/ 		338 KB
338 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1619616801/aabve2zy5choogs4rdna.mp4
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a884a31ee3d75ffacefe46610674d968dd2623dd972a03eae13ed549bd0fad93

Request headers

Referer
https://popcornfor2.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
x1sQHMXsA24nz3OqiSJ8jjb1G1auaFkP
via
1.1 varnish
etag
"2dcc8642557c4c1e41e36578c8903966"
age
9
x-cache
HIT
Content-Range
bytes 0-345749/345750
x-amz-replication-status
COMPLETED
Content-Length
345750
x-amz-id-2
2uN/4XWg5dctGSOOXbaisfSGRWFUGYkYAfxsyYN6Pa4RTgrat+H80OJtF8QDF1BaEyr33sGcb90=
x-served-by
cache-hhn11522-HHN
last-modified
Wed, 28 Apr 2021 13:33:29 GMT
server
AmazonS3
x-timer
S1622718293.257487,VS0,VE1
date
Thu, 03 Jun 2021 11:04:53 GMT
x-amz-request-id
H7WRWZ1R8WKG0VBC
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
92
x-cache-hits
0
aabve2zy5choogs4rdna.mp4
c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1619616801/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1619616801/aabve2zy5choogs4rdna.mp4
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://popcornfor2.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
x1sQHMXsA24nz3OqiSJ8jjb1G1auaFkP
via
1.1 varnish
etag
"2dcc8642557c4c1e41e36578c8903966"
age
9
x-cache
HIT
Content-Range
bytes 0-345749/345750
x-amz-replication-status
COMPLETED
Content-Length
345750
x-amz-id-2
2uN/4XWg5dctGSOOXbaisfSGRWFUGYkYAfxsyYN6Pa4RTgrat+H80OJtF8QDF1BaEyr33sGcb90=
x-served-by
cache-hhn11522-HHN
last-modified
Wed, 28 Apr 2021 13:33:29 GMT
server
AmazonS3
x-timer
S1622718293.259134,VS0,VE1
date
Thu, 03 Jun 2021 11:04:53 GMT
x-amz-request-id
H7WRWZ1R8WKG0VBC
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
92
x-cache-hits
0
st
imprammp.taboola.com/ Frame 09E9 		578 B
458 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66479105&crid=6166585&dast=V7DUMCFgMgYeuglJbyggQgYeuglJbyggUAAAAGBvQHHDmhcBg0Em03WyyHm81qspoMBpPFYjjbzYawkRMKh0Ej0XazxXK42awmo9VoMlrtBovhFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43CAbkoel0-Fz3esHf8PFb7ja_5TLX-N1-jd9uetlNf5WKsJIQV8LFSkVYSYgrCXOlIqwkxJWCsVIRVhLiSkJaqQgrCXMlnKxUhJWEuFKw2DrX22n0u1UqwkpCXAlHKxVhJSGuJLyVirCSEFcKEktFWEmIKwWJpSKsJMSVhLBSEVYS5ko4WqkIKwlxpeCsVSrCSkJcKXcrFWElIa4knJWKsJIwV8LRSkVYSYgrBWOlIqwkxJVwtFIRVhLiSrlcqQgrCXMlHKxUhJWEuBIuVirCSkJcSSgrFWElIa4UFJaKsJIQVwrWSkVYSYgrCWulIqwkxJVytlIRVhLiSkJbqQgrCXEl3K1UhJWEuFKuVirCSsJcCZcrFWElIa4UJJaKsJIQV8LdSkVYSYgr4WKlIqwkxJWCtVIRVhLiSsJYqQgrCXGl4K3lLt_nrVjMRovRHAAAAAAeALwwciB-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAUJDY0AKA4DMRlOTvt_gAAeCgAAQAQwCABOPhJKwEwIbw5AQAAAAAAAABg-f___48ZsCcLkBnQt77oAXjwAXggKjgtYgQAAACQlQ-0ejSpEyqLKgAAgnQrgCsAgIC8aMYR1TAAAACBsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyYk5YGbFmRFsaf2CwgAsPYLCADApm4AAG8BcEFH0IrBYHUBMTsAAACAu____389kNisLC7TYDLYLFaj1WCxck1MvtXGuNvYPMPlyLa9YYiy7dOos6O-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGHMNhkuRy7DWuYwOdai5cSzVjhGw7VgMnHNLK6VZ-YxuUWvj-k3sWw2JtMWBQXY9iK4SCeCv-Hjt9xtfstlIpZoThbpRHbZNzYri8s0mAw2i9VoNVisXBOTb7Ux7jY2z3A5su1rtslwOXIZ1jKHybEWLSeetcIxGq4Fk4lrZnGtPDOPyS16fUy_iWWzMZn2jdlkslsMJ8vJvjGbTHaL4WQ52XfoDN_V52xUFrZOj0qmcZ7Mk5n5oHAZLN6fxLSYdmcHv7R1dPp8HmVBZxRev0evQeE5eEzj5a12LG-fzfRxmFDEEsHpIp2IXsbTRSyRPC3Sica5MRmHu5FnYTI5RpaRx-KwTDYLx2C42K18u5VFLFGaLtKJXuO3m15201-lMqwkxpVwsVIZVhLjSuJcqQwriXGlcKxUhpXEuJKYVirDSuJcCScrlWElMa4ULrfO9XYa_W6VyrCSGFfC0UplWEmMK4lvpTKsJMaVwuRSGVYS40phcqkMK4lxJTGsVIaVxLkSjlYqw0piXCk8a5XKsJIYV8rdSmVYSYwriWelMqwkzpVwtFIZVhLjSuFYqQwriXElHK1UhpXEuFIuVyrDSuJcCQcrlWElMa6Ei5XKsJIYVxLLSmVYSYwrhcWlMqwkxpXCtVIZVhLjSuJaqQwriXGlnK1UhpXEuJLYVirDSmJcCXcrlWElMa6Uq5XKsJI4V8LlSmVYSYwrhcmlMqwkxpVwt1IZVhLjSrhYqQwriXGlcK1UhpXEuJI4VirDSmJcKXxrucv3eSsWs9FiNFH_sQGXc8loOZeN5ordYpUAAAAAAAAAAJYwZ94EAAAA4DSg3Wg5XC0XgEIyWxcYBAAAAAAAoLjx4wX4Gz5-y93mt1zGvNkzQazValkDAAAIYAMAAARw6-YtICySAw!&cmcv=&pix=undefined&cb=1622718293314&uv=2978&tms=1622718293314&abt=adh5c-1_vA!ecf_vB!insc_vA!prbdsm6_vB!spa2_vA!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9BBCAFD676198335252002118676&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.3/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
493bd64306dce98e46e22d903fdb73f1d6718e6c6ceb642feb32a6ddebf34bf1

Request headers

:method
GET
:authority
imprammp.taboola.com
:scheme
https
:path
/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66479105&crid=6166585&dast=V7DUMCFgMgYeuglJbyggQgYeuglJbyggUAAAAGBvQHHDmhcBg0Em03WyyHm81qspoMBpPFYjjbzYawkRMKh0Ej0XazxXK42awmo9VoMlrtBovhFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43CAbkoel0-Fz3esHf8PFb7ja_5TLX-N1-jd9uetlNf5WKsJIQV8LFSkVYSYgrCXOlIqwkxJWCsVIRVhLiSkJaqQgrCXMlnKxUhJWEuFKw2DrX22n0u1UqwkpCXAlHKxVhJSGuJLyVirCSEFcKEktFWEmIKwWJpSKsJMSVhLBSEVYS5ko4WqkIKwlxpeCsVSrCSkJcKXcrFWElIa4knJWKsJIwV8LRSkVYSYgrBWOlIqwkxJVwtFIRVhLiSrlcqQgrCXMlHKxUhJWEuBIuVirCSkJcSSgrFWElIa4UFJaKsJIQVwrWSkVYSYgrCWulIqwkxJVytlIRVhLiSkJbqQgrCXEl3K1UhJWEuFKuVirCSsJcCZcrFWElIa4UJJaKsJIQV8LdSkVYSYgr4WKlIqwkxJWCtVIRVhLiSsJYqQgrCXGl4K3lLt_nrVjMRovRHAAAAAAeALwwciB-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAUJDY0AKA4DMRlOTvt_gAAeCgAAQAQwCABOPhJKwEwIbw5AQAAAAAAAABg-f___48ZsCcLkBnQt77oAXjwAXggKjgtYgQAAACQlQ-0ejSpEyqLKgAAgnQrgCsAgIC8aMYR1TAAAACBsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyYk5YGbFmRFsaf2CwgAsPYLCADApm4AAG8BcEFH0IrBYHUBMTsAAACAu____389kNisLC7TYDLYLFaj1WCxck1MvtXGuNvYPMPlyLa9YYiy7dOos6O-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGHMNhkuRy7DWuYwOdai5cSzVjhGw7VgMnHNLK6VZ-YxuUWvj-k3sWw2JtMWBQXY9iK4SCeCv-Hjt9xtfstlIpZoThbpRHbZNzYri8s0mAw2i9VoNVisXBOTb7Ux7jY2z3A5su1rtslwOXIZ1jKHybEWLSeetcIxGq4Fk4lrZnGtPDOPyS16fUy_iWWzMZn2jdlkslsMJ8vJvjGbTHaL4WQ52XfoDN_V52xUFrZOj0qmcZ7Mk5n5oHAZLN6fxLSYdmcHv7R1dPp8HmVBZxRev0evQeE5eEzj5a12LG-fzfRxmFDEEsHpIp2IXsbTRSyRPC3Sica5MRmHu5FnYTI5RpaRx-KwTDYLx2C42K18u5VFLFGaLtKJXuO3m15201-lMqwkxpVwsVIZVhLjSuJcqQwriXGlcKxUhpXEuJKYVirDSuJcCScrlWElMa4ULrfO9XYa_W6VyrCSGFfC0UplWEmMK4lvpTKsJMaVwuRSGVYS40phcqkMK4lxJTGsVIaVxLkSjlYqw0piXCk8a5XKsJIYV8rdSmVYSYwriWelMqwkzpVwtFIZVhLjSuFYqQwriXElHK1UhpXEuFIuVyrDSuJcCQcrlWElMa6Ei5XKsJIYVxLLSmVYSYwrhcWlMqwkxpXCtVIZVhLjSuJaqQwriXGlnK1UhpXEuJLYVirDSmJcCXcrlWElMa6Uq5XKsJI4V8LlSmVYSYwrhcmlMqwkxpVwt1IZVhLjSrhYqQwriXGlcK1UhpXEuJI4VirDSmJcKXxrucv3eSsWs9FiNFH_sQGXc8loOZeN5ordYpUAAAAAAAAAAJYwZ94EAAAA4DSg3Wg5XC0XgEIyWxcYBAAAAAAAoLjx4wX4Gz5-y93mt1zGvNkzQazValkDAAAIYAMAAARw6-YtICySAw!&cmcv=&pix=undefined&cb=1622718293314&uv=2978&tms=1622718293314&abt=adh5c-1_vA!ecf_vB!insc_vA!prbdsm6_vB!spa2_vA!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9BBCAFD676198335252002118676&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://popcornfor2.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://popcornfor2.com/

Response headers

server
nginx
content-type
text/html;charset=ISO-8859-1
content-encoding
gzip
accept-ranges
bytes
date
Thu, 03 Jun 2021 11:04:53 GMT
via
1.1 varnish
x-served-by
cache-hhn11522-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1622718293.316950,VS0,VE10
vary
Accept-Encoding
sync
am-match.taboola.com/ Frame 9F3B 		578 B
663 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7DUMCFgMgYeuglJbyggQgYeuglJbyggUAAAAGBvQHHDmhcBg0Em03WyyHm81qspoMBpPFYjjbzYawkRMKh0Ej0XazxXK42awmo9VoMlrtBovhFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43CAbkoel0-Fz3esHf8PFb7ja_5TLX-N1-jd9uetlNf5WKsJIQV8LFSkVYSYgrCXOlIqwkxJWCsVIRVhLiSkJaqQgrCXMlnKxUhJWEuFKw2DrX22n0u1UqwkpCXAlHKxVhJSGuJLyVirCSEFcKEktFWEmIKwWJpSKsJMSVhLBSEVYS5ko4WqkIKwlxpeCsVSrCSkJcKXcrFWElIa4knJWKsJIwV8LRSkVYSYgrBWOlIqwkxJVwtFIRVhLiSrlcqQgrCXMlHKxUhJWEuBIuVirCSkJcSSgrFWElIa4UFJaKsJIQVwrWSkVYSYgrCWulIqwkxJVytlIRVhLiSkJbqQgrCXEl3K1UhJWEuFKuVirCSsJcCZcrFWElIa4UJJaKsJIQV8LdSkVYSYgr4WKlIqwkxJWCtVIRVhLiSsJYqQgrCXGl4K3lLt_nrVjMRovRHAAAAAAeALwwciB-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAUJDY0AKA4DMRlOTvt_gAAeCgAAQAQwCABOPhJKwEwIbw5AQAAAAAAAABg-f___48ZsCcLkBnQt77oAXjwAXggKjgtYgQAAACQlQ-0ejSpEyqLKgAAgnQrgCsAgIC8aMYR1TAAAACBsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyYk5YGbFmRFsaf2CwgAsPYLCADApm4AAG8BcEFH0IrBYHUBMTsAAACAu____389kNisLC7TYDLYLFaj1WCxck1MvtXGuNvYPMPlyLa9YYiy7dOos6O-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGHMNhkuRy7DWuYwOdai5cSzVjhGw7VgMnHNLK6VZ-YxuUWvj-k3sWw2JtMWBQXY9iK4SCeCv-Hjt9xtfstlIpZoThbpRHbZNzYri8s0mAw2i9VoNVisXBOTb7Ux7jY2z3A5su1rtslwOXIZ1jKHybEWLSeetcIxGq4Fk4lrZnGtPDOPyS16fUy_iWWzMZn2jdlkslsMJ8vJvjGbTHaL4WQ52XfoDN_V52xUFrZOj0qmcZ7Mk5n5oHAZLN6fxLSYdmcHv7R1dPp8HmVBZxRev0evQeE5eEzj5a12LG-fzfRxmFDEEsHpIp2IXsbTRSyRPC3Sica5MRmHu5FnYTI5RpaRx-KwTDYLx2C42K18u5VFLFGaLtKJXuO3m15201-lMqwkxpVwsVIZVhLjSuJcqQwriXGlcKxUhpXEuJKYVirDSuJcCScrlWElMa4ULrfO9XYa_W6VyrCSGFfC0UplWEmMK4lvpTKsJMaVwuRSGVYS40phcqkMK4lxJTGsVIaVxLkSjlYqw0piXCk8a5XKsJIYV8rdSmVYSYwriWelMqwkzpVwtFIZVhLjSuFYqQwriXElHK1UhpXEuFIuVyrDSuJcCQcrlWElMa6Ei5XKsJIYVxLLSmVYSYwrhcWlMqwkxpXCtVIZVhLjSuJaqQwriXGlnK1UhpXEuJLYVirDSmJcCXcrlWElMa6Uq5XKsJI4V8LlSmVYSYwrhcmlMqwkxpVwt1IZVhLjSrhYqQwriXGlcK1UhpXEuJI4VirDSmJcKXxrucv3eSsWs9FiNFH_sQGXc8loOZeN5ordYpUAAAAAAAAAAJYwZ94EAAAA4DSg3Wg5XC0XgEIyWxcYBAAAAAAAoLjx4wX4Gz5-y93mt1zGvNkzQazValkDAAAIYAMAAARw6-YtICySAw!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.3/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
493bd64306dce98e46e22d903fdb73f1d6718e6c6ceb642feb32a6ddebf34bf1

Request headers

:method
GET
:authority
am-match.taboola.com
:scheme
https
:path
/sync?dast=V7DUMCFgMgYeuglJbyggQgYeuglJbyggUAAAAGBvQHHDmhcBg0Em03WyyHm81qspoMBpPFYjjbzYawkRMKh0Ej0XazxXK42awmo9VoMlrtBovhFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43CAbkoel0-Fz3esHf8PFb7ja_5TLX-N1-jd9uetlNf5WKsJIQV8LFSkVYSYgrCXOlIqwkxJWCsVIRVhLiSkJaqQgrCXMlnKxUhJWEuFKw2DrX22n0u1UqwkpCXAlHKxVhJSGuJLyVirCSEFcKEktFWEmIKwWJpSKsJMSVhLBSEVYS5ko4WqkIKwlxpeCsVSrCSkJcKXcrFWElIa4knJWKsJIwV8LRSkVYSYgrBWOlIqwkxJVwtFIRVhLiSrlcqQgrCXMlHKxUhJWEuBIuVirCSkJcSSgrFWElIa4UFJaKsJIQVwrWSkVYSYgrCWulIqwkxJVytlIRVhLiSkJbqQgrCXEl3K1UhJWEuFKuVirCSsJcCZcrFWElIa4UJJaKsJIQV8LdSkVYSYgr4WKlIqwkxJWCtVIRVhLiSsJYqQgrCXGl4K3lLt_nrVjMRovRHAAAAAAeALwwciB-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAUJDY0AKA4DMRlOTvt_gAAeCgAAQAQwCABOPhJKwEwIbw5AQAAAAAAAABg-f___48ZsCcLkBnQt77oAXjwAXggKjgtYgQAAACQlQ-0ejSpEyqLKgAAgnQrgCsAgIC8aMYR1TAAAACBsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyYk5YGbFmRFsaf2CwgAsPYLCADApm4AAG8BcEFH0IrBYHUBMTsAAACAu____389kNisLC7TYDLYLFaj1WCxck1MvtXGuNvYPMPlyLa9YYiy7dOos6O-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGHMNhkuRy7DWuYwOdai5cSzVjhGw7VgMnHNLK6VZ-YxuUWvj-k3sWw2JtMWBQXY9iK4SCeCv-Hjt9xtfstlIpZoThbpRHbZNzYri8s0mAw2i9VoNVisXBOTb7Ux7jY2z3A5su1rtslwOXIZ1jKHybEWLSeetcIxGq4Fk4lrZnGtPDOPyS16fUy_iWWzMZn2jdlkslsMJ8vJvjGbTHaL4WQ52XfoDN_V52xUFrZOj0qmcZ7Mk5n5oHAZLN6fxLSYdmcHv7R1dPp8HmVBZxRev0evQeE5eEzj5a12LG-fzfRxmFDEEsHpIp2IXsbTRSyRPC3Sica5MRmHu5FnYTI5RpaRx-KwTDYLx2C42K18u5VFLFGaLtKJXuO3m15201-lMqwkxpVwsVIZVhLjSuJcqQwriXGlcKxUhpXEuJKYVirDSuJcCScrlWElMa4ULrfO9XYa_W6VyrCSGFfC0UplWEmMK4lvpTKsJMaVwuRSGVYS40phcqkMK4lxJTGsVIaVxLkSjlYqw0piXCk8a5XKsJIYV8rdSmVYSYwriWelMqwkzpVwtFIZVhLjSuFYqQwriXElHK1UhpXEuFIuVyrDSuJcCQcrlWElMa6Ei5XKsJIYVxLLSmVYSYwrhcWlMqwkxpXCtVIZVhLjSuJaqQwriXGlnK1UhpXEuJLYVirDSmJcCXcrlWElMa6Uq5XKsJI4V8LlSmVYSYwrhcmlMqwkxpVwt1IZVhLjSrhYqQwriXGlcK1UhpXEuJI4VirDSmJcKXxrucv3eSsWs9FiNFH_sQGXc8loOZeN5ordYpUAAAAAAAAAAJYwZ94EAAAA4DSg3Wg5XC0XgEIyWxcYBAAAAAAAoLjx4wX4Gz5-y93mt1zGvNkzQazValkDAAAIYAMAAARw6-YtICySAw!&excid=22&docw=0&cijs=1&nlb=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://popcornfor2.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://popcornfor2.com/

Response headers

server
nginx
date
Thu, 03 Jun 2021 11:04:53 GMT
content-type
text/html;charset=ISO-8859-1
machineid
3402
VideoBidRequestHandlerServlet
wf.taboola.com/ 		1 KB
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=6166585&noaop=3&sortOrderType=0&cb=1622718293318&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1235&pt=-1427083635&tz=120&viewable=true&ddast=V7DUMCFgMgYeuglJbyggQgYeuglJbyggUAAAAGBvQHHDmhcBg0Em03WyyHm81qspoMBpPFYjjbzYawkRMKh0Ej0XazxXK42awmo9VoMlrtBovhFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43CAbkoel0-Fz3esHf8PFb7ja_5TLX-N1-jd9uetlNf5WKsJIQV8LFSkVYSYgrCXOlIqwkxJWCsVIRVhLiSkJaqQgrCXMlnKxUhJWEuFKw2DrX22n0u1UqwkpCXAlHKxVhJSGuJLyVirCSEFcKEktFWEmIKwWJpSKsJMSVhLBSEVYS5ko4WqkIKwlxpeCsVSrCSkJcKXcrFWElIa4knJWKsJIwV8LRSkVYSYgrBWOlIqwkxJVwtFIRVhLiSrlcqQgrCXMlHKxUhJWEuBIuVirCSkJcSSgrFWElIa4UFJaKsJIQVwrWSkVYSYgrCWulIqwkxJVytlIRVhLiSkJbqQgrCXEl3K1UhJWEuFKuVirCSsJcCZcrFWElIa4UJJaKsJIQV8LdSkVYSYgr4WKlIqwkxJWCtVIRVhLiSsJYqQgrCXGl4K3lLt_nrVjMRovRHAAAAAAeALwwciB-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAUJDY0AKA4DMRlOTvt_gAAeCgAAQAQwCABOPhJKwEwIbw5AQAAAAAAAABg-f___48ZsCcLkBnQt77oAXjwAXggKjgtYgQAAACQlQ-0ejSpEyqLKgAAgnQrgCsAgIC8aMYR1TAAAACBsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyYk5YGbFmRFsaf2CwgAsPYLCADApm4AAG8BcEFH0IrBYHUBMTsAAACAu____389kNisLC7TYDLYLFaj1WCxck1MvtXGuNvYPMPlyLa9YYiy7dOos6O-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGHMNhkuRy7DWuYwOdai5cSzVjhGw7VgMnHNLK6VZ-YxuUWvj-k3sWw2JtMWBQXY9iK4SCeCv-Hjt9xtfstlIpZoThbpRHbZNzYri8s0mAw2i9VoNVisXBOTb7Ux7jY2z3A5su1rtslwOXIZ1jKHybEWLSeetcIxGq4Fk4lrZnGtPDOPyS16fUy_iWWzMZn2jdlkslsMJ8vJvjGbTHaL4WQ52XfoDN_V52xUFrZOj0qmcZ7Mk5n5oHAZLN6fxLSYdmcHv7R1dPp8HmVBZxRev0evQeE5eEzj5a12LG-fzfRxmFDEEsHpIp2IXsbTRSyRPC3Sica5MRmHu5FnYTI5RpaRx-KwTDYLx2C42K18u5VFLFGaLtKJXuO3m15201-lMqwkxpVwsVIZVhLjSuJcqQwriXGlcKxUhpXEuJKYVirDSuJcCScrlWElMa4ULrfO9XYa_W6VyrCSGFfC0UplWEmMK4lvpTKsJMaVwuRSGVYS40phcqkMK4lxJTGsVIaVxLkSjlYqw0piXCk8a5XKsJIYV8rdSmVYSYwriWelMqwkzpVwtFIZVhLjSuFYqQwriXElHK1UhpXEuFIuVyrDSuJcCQcrlWElMa6Ei5XKsJIYVxLLSmVYSYwrhcWlMqwkxpXCtVIZVhLjSuJaqQwriXGlnK1UhpXEuJLYVirDSmJcCXcrlWElMa6Uq5XKsJI4V8LlSmVYSYwrhcmlMqwkxpVwt1IZVhLjSrhYqQwriXGlcK1UhpXEuJI4VirDSmJcKXxrucv3eSsWs9FiNFH_sQGXc8loOZeN5ordYpUAAAAAAAAAAJYwZ94EAAAA4DSg3Wg5XC0XgEIyWxcYBAAAAAAAoLjx4wX4Gz5-y93mt1zGvNkzQazValkDAAAIYAMAAARw6-YtICySAw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2524215&dpubid=474985&abtst=adh5c-1_vA!ecf_vB!insc_vA!prbdsm6_vB!spa2_vA!t45!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fpopcornfor2.com&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.3/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1994609ff106e2317c7654b37e8ea1189f64f256f09c14a8f5ef7b0fe113d566

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

date
Thu, 03 Jun 2021 11:04:53 GMT
content-encoding
gzip
access-control-allow-origin
https://popcornfor2.com
machineid
1481
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn11522-HHN
pragma
no-cache
server
nginx
x-timer
S1622718293.320765,VS0,VE57
vary
Accept-Encoding
content-type
application/json;charset=utf-8
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66479105&crid=6166585&dast=V7DUMCFgMgYeuglJbyggQgYeuglJbyggUAAAAGBvQHHDmhcBg0Em03WyyHm81qspoMBpPFYjjbzYawkRMKh0Ej0XazxXK42awmo9VoMlrtBovhFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43CAbkoel0-Fz3esHf8PFb7ja_5TLX-N1-jd9uetlNf5WKsJIQV8LFSkVYSYgrCXOlIqwkxJWCsVIRVhLiSkJaqQgrCXMlnKxUhJWEuFKw2DrX22n0u1UqwkpCXAlHKxVhJSGuJLyVirCSEFcKEktFWEmIKwWJpSKsJMSVhLBSEVYS5ko4WqkIKwlxpeCsVSrCSkJcKXcrFWElIa4knJWKsJIwV8LRSkVYSYgrBWOlIqwkxJVwtFIRVhLiSrlcqQgrCXMlHKxUhJWEuBIuVirCSkJcSSgrFWElIa4UFJaKsJIQVwrWSkVYSYgrCWulIqwkxJVytlIRVhLiSkJbqQgrCXEl3K1UhJWEuFKuVirCSsJcCZcrFWElIa4UJJaKsJIQV8LdSkVYSYgr4WKlIqwkxJWCtVIRVhLiSsJYqQgrCXGl4K3lLt_nrVjMRovRHAAAAAAeALwwciB-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAUJDY0AKA4DMRlOTvt_gAAeCgAAQAQwCABOPhJKwEwIbw5AQAAAAAAAABg-f___48ZsCcLkBnQt77oAXjwAXggKjgtYgQAAACQlQ-0ejSpEyqLKgAAgnQrgCsAgIC8aMYR1TAAAACBsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyYk5YGbFmRFsaf2CwgAsPYLCADApm4AAG8BcEFH0IrBYHUBMTsAAACAu____389kNisLC7TYDLYLFaj1WCxck1MvtXGuNvYPMPlyLa9YYiy7dOos6O-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGHMNhkuRy7DWuYwOdai5cSzVjhGw7VgMnHNLK6VZ-YxuUWvj-k3sWw2JtMWBQXY9iK4SCeCv-Hjt9xtfstlIpZoThbpRHbZNzYri8s0mAw2i9VoNVisXBOTb7Ux7jY2z3A5su1rtslwOXIZ1jKHybEWLSeetcIxGq4Fk4lrZnGtPDOPyS16fUy_iWWzMZn2jdlkslsMJ8vJvjGbTHaL4WQ52XfoDN_V52xUFrZOj0qmcZ7Mk5n5oHAZLN6fxLSYdmcHv7R1dPp8HmVBZxRev0evQeE5eEzj5a12LG-fzfRxmFDEEsHpIp2IXsbTRSyRPC3Sica5MRmHu5FnYTI5RpaRx-KwTDYLx2C42K18u5VFLFGaLtKJXuO3m15201-lMqwkxpVwsVIZVhLjSuJcqQwriXGlcKxUhpXEuJKYVirDSuJcCScrlWElMa4ULrfO9XYa_W6VyrCSGFfC0UplWEmMK4lvpTKsJMaVwuRSGVYS40phcqkMK4lxJTGsVIaVxLkSjlYqw0piXCk8a5XKsJIYV8rdSmVYSYwriWelMqwkzpVwtFIZVhLjSuFYqQwriXElHK1UhpXEuFIuVyrDSuJcCQcrlWElMa6Ei5XKsJIYVxLLSmVYSYwrhcWlMqwkxpXCtVIZVhLjSuJaqQwriXGlnK1UhpXEuJLYVirDSmJcCXcrlWElMa6Uq5XKsJI4V8LlSmVYSYwrhcmlMqwkxpVwt1IZVhLjSrhYqQwriXGlcK1UhpXEuJI4VirDSmJcKXxrucv3eSsWs9FiNFH_sQGXc8loOZeN5ordYpUAAAAAAAAAAJYwZ94EAAAA4DSg3Wg5XC0XgEIyWxcYBAAAAAAAoLjx4wX4Gz5-y93mt1zGvNkzQazValkDAAAIYAMAAARw6-YtICySAw!&cmcv=&pix=31589837&cb=1622718293314&uv=2978&tms=1622718293314&abt=adh5c-1_vA!ecf_vB!insc_vA!prbdsm6_vB!spa2_vA!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1622718289228.5!ts:1622718293314&mntl=1
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:53 GMT
content-length
0
server
nginx
aabve2zy5choogs4rdna.mp4
c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1619616801/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1619616801/aabve2zy5choogs4rdna.mp4
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://popcornfor2.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
x1sQHMXsA24nz3OqiSJ8jjb1G1auaFkP
via
1.1 varnish
etag
"2dcc8642557c4c1e41e36578c8903966"
age
9
x-cache
HIT
Content-Range
bytes 0-345749/345750
x-amz-replication-status
COMPLETED
Content-Length
345750
x-amz-id-2
2uN/4XWg5dctGSOOXbaisfSGRWFUGYkYAfxsyYN6Pa4RTgrat+H80OJtF8QDF1BaEyr33sGcb90=
x-served-by
cache-hhn11522-HHN
last-modified
Wed, 28 Apr 2021 13:33:29 GMT
server
AmazonS3
x-timer
S1622718293.325574,VS0,VE1
date
Thu, 03 Jun 2021 11:04:53 GMT
x-amz-request-id
H7WRWZ1R8WKG0VBC
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
92
x-cache-hits
0
generic
match.adsrvr.org/track/cmf/ Frame 9F3B 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7DUMCFgMgYeuglJbyggQgYeuglJbyggUAAAAGBvQHHDmhcBg0Em03WyyHm81qspoMBpPFYjjbzYawkRMKh0Ej0XazxXK42awmo9VoMlrtBovhFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43CAbkoel0-Fz3esHf8PFb7ja_5TLX-N1-jd9uetlNf5WKsJIQV8LFSkVYSYgrCXOlIqwkxJWCsVIRVhLiSkJaqQgrCXMlnKxUhJWEuFKw2DrX22n0u1UqwkpCXAlHKxVhJSGuJLyVirCSEFcKEktFWEmIKwWJpSKsJMSVhLBSEVYS5ko4WqkIKwlxpeCsVSrCSkJcKXcrFWElIa4knJWKsJIwV8LRSkVYSYgrBWOlIqwkxJVwtFIRVhLiSrlcqQgrCXMlHKxUhJWEuBIuVirCSkJcSSgrFWElIa4UFJaKsJIQVwrWSkVYSYgrCWulIqwkxJVytlIRVhLiSkJbqQgrCXEl3K1UhJWEuFKuVirCSsJcCZcrFWElIa4UJJaKsJIQV8LdSkVYSYgr4WKlIqwkxJWCtVIRVhLiSsJYqQgrCXGl4K3lLt_nrVjMRovRHAAAAAAeALwwciB-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAUJDY0AKA4DMRlOTvt_gAAeCgAAQAQwCABOPhJKwEwIbw5AQAAAAAAAABg-f___48ZsCcLkBnQt77oAXjwAXggKjgtYgQAAACQlQ-0ejSpEyqLKgAAgnQrgCsAgIC8aMYR1TAAAACBsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyYk5YGbFmRFsaf2CwgAsPYLCADApm4AAG8BcEFH0IrBYHUBMTsAAACAu____389kNisLC7TYDLYLFaj1WCxck1MvtXGuNvYPMPlyLa9YYiy7dOos6O-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGHMNhkuRy7DWuYwOdai5cSzVjhGw7VgMnHNLK6VZ-YxuUWvj-k3sWw2JtMWBQXY9iK4SCeCv-Hjt9xtfstlIpZoThbpRHbZNzYri8s0mAw2i9VoNVisXBOTb7Ux7jY2z3A5su1rtslwOXIZ1jKHybEWLSeetcIxGq4Fk4lrZnGtPDOPyS16fUy_iWWzMZn2jdlkslsMJ8vJvjGbTHaL4WQ52XfoDN_V52xUFrZOj0qmcZ7Mk5n5oHAZLN6fxLSYdmcHv7R1dPp8HmVBZxRev0evQeE5eEzj5a12LG-fzfRxmFDEEsHpIp2IXsbTRSyRPC3Sica5MRmHu5FnYTI5RpaRx-KwTDYLx2C42K18u5VFLFGaLtKJXuO3m15201-lMqwkxpVwsVIZVhLjSuJcqQwriXGlcKxUhpXEuJKYVirDSuJcCScrlWElMa4ULrfO9XYa_W6VyrCSGFfC0UplWEmMK4lvpTKsJMaVwuRSGVYS40phcqkMK4lxJTGsVIaVxLkSjlYqw0piXCk8a5XKsJIYV8rdSmVYSYwriWelMqwkzpVwtFIZVhLjSuFYqQwriXElHK1UhpXEuFIuVyrDSuJcCQcrlWElMa6Ei5XKsJIYVxLLSmVYSYwrhcWlMqwkxpXCtVIZVhLjSuJaqQwriXGlnK1UhpXEuJLYVirDSmJcCXcrlWElMa6Uq5XKsJI4V8LlSmVYSYwrhcmlMqwkxpVwt1IZVhLjSrhYqQwriXGlcK1UhpXEuJI4VirDSmJcKXxrucv3eSsWs9FiNFH_sQGXc8loOZeN5ordYpUAAAAAAAAAAJYwZ94EAAAA4DSg3Wg5XC0XgEIyWxcYBAAAAAAAoLjx4wX4Gz5-y93mt1zGvNkzQazValkDAAAIYAMAAARw6-YtICySAw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:53 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
pixel.advertising.com/ups/58166/ Frame 9F3B 		0
124 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7DUMCFgMgYeuglJbyggQgYeuglJbyggUAAAAGBvQHHDmhcBg0Em03WyyHm81qspoMBpPFYjjbzYawkRMKh0Ej0XazxXK42awmo9VoMlrtBovhFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43CAbkoel0-Fz3esHf8PFb7ja_5TLX-N1-jd9uetlNf5WKsJIQV8LFSkVYSYgrCXOlIqwkxJWCsVIRVhLiSkJaqQgrCXMlnKxUhJWEuFKw2DrX22n0u1UqwkpCXAlHKxVhJSGuJLyVirCSEFcKEktFWEmIKwWJpSKsJMSVhLBSEVYS5ko4WqkIKwlxpeCsVSrCSkJcKXcrFWElIa4knJWKsJIwV8LRSkVYSYgrBWOlIqwkxJVwtFIRVhLiSrlcqQgrCXMlHKxUhJWEuBIuVirCSkJcSSgrFWElIa4UFJaKsJIQVwrWSkVYSYgrCWulIqwkxJVytlIRVhLiSkJbqQgrCXEl3K1UhJWEuFKuVirCSsJcCZcrFWElIa4UJJaKsJIQV8LdSkVYSYgr4WKlIqwkxJWCtVIRVhLiSsJYqQgrCXGl4K3lLt_nrVjMRovRHAAAAAAeALwwciB-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAUJDY0AKA4DMRlOTvt_gAAeCgAAQAQwCABOPhJKwEwIbw5AQAAAAAAAABg-f___48ZsCcLkBnQt77oAXjwAXggKjgtYgQAAACQlQ-0ejSpEyqLKgAAgnQrgCsAgIC8aMYR1TAAAACBsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyYk5YGbFmRFsaf2CwgAsPYLCADApm4AAG8BcEFH0IrBYHUBMTsAAACAu____389kNisLC7TYDLYLFaj1WCxck1MvtXGuNvYPMPlyLa9YYiy7dOos6O-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGHMNhkuRy7DWuYwOdai5cSzVjhGw7VgMnHNLK6VZ-YxuUWvj-k3sWw2JtMWBQXY9iK4SCeCv-Hjt9xtfstlIpZoThbpRHbZNzYri8s0mAw2i9VoNVisXBOTb7Ux7jY2z3A5su1rtslwOXIZ1jKHybEWLSeetcIxGq4Fk4lrZnGtPDOPyS16fUy_iWWzMZn2jdlkslsMJ8vJvjGbTHaL4WQ52XfoDN_V52xUFrZOj0qmcZ7Mk5n5oHAZLN6fxLSYdmcHv7R1dPp8HmVBZxRev0evQeE5eEzj5a12LG-fzfRxmFDEEsHpIp2IXsbTRSyRPC3Sica5MRmHu5FnYTI5RpaRx-KwTDYLx2C42K18u5VFLFGaLtKJXuO3m15201-lMqwkxpVwsVIZVhLjSuJcqQwriXGlcKxUhpXEuJKYVirDSuJcCScrlWElMa4ULrfO9XYa_W6VyrCSGFfC0UplWEmMK4lvpTKsJMaVwuRSGVYS40phcqkMK4lxJTGsVIaVxLkSjlYqw0piXCk8a5XKsJIYV8rdSmVYSYwriWelMqwkzpVwtFIZVhLjSuFYqQwriXElHK1UhpXEuFIuVyrDSuJcCQcrlWElMa6Ei5XKsJIYVxLLSmVYSYwrhcWlMqwkxpXCtVIZVhLjSuJaqQwriXGlnK1UhpXEuJLYVirDSmJcCXcrlWElMa6Uq5XKsJI4V8LlSmVYSYwrhcmlMqwkxpVwt1IZVhLjSrhYqQwriXGlcK1UhpXEuJI4VirDSmJcKXxrucv3eSsWs9FiNFH_sQGXc8loOZeN5ordYpUAAAAAAAAAAJYwZ94EAAAA4DSg3Wg5XC0XgEIyWxcYBAAAAAAAoLjx4wX4Gz5-y93mt1zGvNkzQazValkDAAAIYAMAAARw6-YtICySAw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.102.119 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-102-119.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:53 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 9F3B
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=85fe6bc4-c45b-11eb-8cb8-18969d310306&orig=video&us_privacy=1---
0
255 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=85fe6bc4-c45b-11eb-8cb8-18969d310306&orig=video&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7DUMCFgMgYeuglJbyggQgYeuglJbyggUAAAAGBvQHHDmhcBg0Em03WyyHm81qspoMBpPFYjjbzYawkRMKh0Ej0XazxXK42awmo9VoMlrtBovhFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43CAbkoel0-Fz3esHf8PFb7ja_5TLX-N1-jd9uetlNf5WKsJIQV8LFSkVYSYgrCXOlIqwkxJWCsVIRVhLiSkJaqQgrCXMlnKxUhJWEuFKw2DrX22n0u1UqwkpCXAlHKxVhJSGuJLyVirCSEFcKEktFWEmIKwWJpSKsJMSVhLBSEVYS5ko4WqkIKwlxpeCsVSrCSkJcKXcrFWElIa4knJWKsJIwV8LRSkVYSYgrBWOlIqwkxJVwtFIRVhLiSrlcqQgrCXMlHKxUhJWEuBIuVirCSkJcSSgrFWElIa4UFJaKsJIQVwrWSkVYSYgrCWulIqwkxJVytlIRVhLiSkJbqQgrCXEl3K1UhJWEuFKuVirCSsJcCZcrFWElIa4UJJaKsJIQV8LdSkVYSYgr4WKlIqwkxJWCtVIRVhLiSsJYqQgrCXGl4K3lLt_nrVjMRovRHAAAAAAeALwwciB-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAUJDY0AKA4DMRlOTvt_gAAeCgAAQAQwCABOPhJKwEwIbw5AQAAAAAAAABg-f___48ZsCcLkBnQt77oAXjwAXggKjgtYgQAAACQlQ-0ejSpEyqLKgAAgnQrgCsAgIC8aMYR1TAAAACBsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyYk5YGbFmRFsaf2CwgAsPYLCADApm4AAG8BcEFH0IrBYHUBMTsAAACAu____389kNisLC7TYDLYLFaj1WCxck1MvtXGuNvYPMPlyLa9YYiy7dOos6O-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGHMNhkuRy7DWuYwOdai5cSzVjhGw7VgMnHNLK6VZ-YxuUWvj-k3sWw2JtMWBQXY9iK4SCeCv-Hjt9xtfstlIpZoThbpRHbZNzYri8s0mAw2i9VoNVisXBOTb7Ux7jY2z3A5su1rtslwOXIZ1jKHybEWLSeetcIxGq4Fk4lrZnGtPDOPyS16fUy_iWWzMZn2jdlkslsMJ8vJvjGbTHaL4WQ52XfoDN_V52xUFrZOj0qmcZ7Mk5n5oHAZLN6fxLSYdmcHv7R1dPp8HmVBZxRev0evQeE5eEzj5a12LG-fzfRxmFDEEsHpIp2IXsbTRSyRPC3Sica5MRmHu5FnYTI5RpaRx-KwTDYLx2C42K18u5VFLFGaLtKJXuO3m15201-lMqwkxpVwsVIZVhLjSuJcqQwriXGlcKxUhpXEuJKYVirDSuJcCScrlWElMa4ULrfO9XYa_W6VyrCSGFfC0UplWEmMK4lvpTKsJMaVwuRSGVYS40phcqkMK4lxJTGsVIaVxLkSjlYqw0piXCk8a5XKsJIYV8rdSmVYSYwriWelMqwkzpVwtFIZVhLjSuFYqQwriXElHK1UhpXEuFIuVyrDSuJcCQcrlWElMa6Ei5XKsJIYVxLLSmVYSYwrhcWlMqwkxpXCtVIZVhLjSuJaqQwriXGlnK1UhpXEuJLYVirDSmJcCXcrlWElMa6Uq5XKsJI4V8LlSmVYSYwrhcmlMqwkxpVwt1IZVhLjSrhYqQwriXGlcK1UhpXEuJI4VirDSmJcKXxrucv3eSsWs9FiNFH_sQGXc8loOZeN5ordYpUAAAAAAAAAAJYwZ94EAAAA4DSg3Wg5XC0XgEIyWxcYBAAAAAAAoLjx4wX4Gz5-y93mt1zGvNkzQazValkDAAAIYAMAAARw6-YtICySAw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.195:10213
date
Thu, 03 Jun 2021 11:04:53 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12999

Redirect headers

Date
Thu, 03 Jun 2021 11:04:53 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=85fe6bc4-c45b-11eb-8cb8-18969d310306&orig=video&us_privacy=1---
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
127
Connection
keep-alive
Content-Length
0
generic
match.adsrvr.org/track/cmf/ Frame 09E9 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66479105&crid=6166585&dast=V7DUMCFgMgYeuglJbyggQgYeuglJbyggUAAAAGBvQHHDmhcBg0Em03WyyHm81qspoMBpPFYjjbzYawkRMKh0Ej0XazxXK42awmo9VoMlrtBovhFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43CAbkoel0-Fz3esHf8PFb7ja_5TLX-N1-jd9uetlNf5WKsJIQV8LFSkVYSYgrCXOlIqwkxJWCsVIRVhLiSkJaqQgrCXMlnKxUhJWEuFKw2DrX22n0u1UqwkpCXAlHKxVhJSGuJLyVirCSEFcKEktFWEmIKwWJpSKsJMSVhLBSEVYS5ko4WqkIKwlxpeCsVSrCSkJcKXcrFWElIa4knJWKsJIwV8LRSkVYSYgrBWOlIqwkxJVwtFIRVhLiSrlcqQgrCXMlHKxUhJWEuBIuVirCSkJcSSgrFWElIa4UFJaKsJIQVwrWSkVYSYgrCWulIqwkxJVytlIRVhLiSkJbqQgrCXEl3K1UhJWEuFKuVirCSsJcCZcrFWElIa4UJJaKsJIQV8LdSkVYSYgr4WKlIqwkxJWCtVIRVhLiSsJYqQgrCXGl4K3lLt_nrVjMRovRHAAAAAAeALwwciB-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAUJDY0AKA4DMRlOTvt_gAAeCgAAQAQwCABOPhJKwEwIbw5AQAAAAAAAABg-f___48ZsCcLkBnQt77oAXjwAXggKjgtYgQAAACQlQ-0ejSpEyqLKgAAgnQrgCsAgIC8aMYR1TAAAACBsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyYk5YGbFmRFsaf2CwgAsPYLCADApm4AAG8BcEFH0IrBYHUBMTsAAACAu____389kNisLC7TYDLYLFaj1WCxck1MvtXGuNvYPMPlyLa9YYiy7dOos6O-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGHMNhkuRy7DWuYwOdai5cSzVjhGw7VgMnHNLK6VZ-YxuUWvj-k3sWw2JtMWBQXY9iK4SCeCv-Hjt9xtfstlIpZoThbpRHbZNzYri8s0mAw2i9VoNVisXBOTb7Ux7jY2z3A5su1rtslwOXIZ1jKHybEWLSeetcIxGq4Fk4lrZnGtPDOPyS16fUy_iWWzMZn2jdlkslsMJ8vJvjGbTHaL4WQ52XfoDN_V52xUFrZOj0qmcZ7Mk5n5oHAZLN6fxLSYdmcHv7R1dPp8HmVBZxRev0evQeE5eEzj5a12LG-fzfRxmFDEEsHpIp2IXsbTRSyRPC3Sica5MRmHu5FnYTI5RpaRx-KwTDYLx2C42K18u5VFLFGaLtKJXuO3m15201-lMqwkxpVwsVIZVhLjSuJcqQwriXGlcKxUhpXEuJKYVirDSuJcCScrlWElMa4ULrfO9XYa_W6VyrCSGFfC0UplWEmMK4lvpTKsJMaVwuRSGVYS40phcqkMK4lxJTGsVIaVxLkSjlYqw0piXCk8a5XKsJIYV8rdSmVYSYwriWelMqwkzpVwtFIZVhLjSuFYqQwriXElHK1UhpXEuFIuVyrDSuJcCQcrlWElMa6Ei5XKsJIYVxLLSmVYSYwrhcWlMqwkxpXCtVIZVhLjSuJaqQwriXGlnK1UhpXEuJLYVirDSmJcCXcrlWElMa6Uq5XKsJI4V8LlSmVYSYwrhcmlMqwkxpVwt1IZVhLjSrhYqQwriXGlcK1UhpXEuJI4VirDSmJcKXxrucv3eSsWs9FiNFH_sQGXc8loOZeN5ordYpUAAAAAAAAAAJYwZ94EAAAA4DSg3Wg5XC0XgEIyWxcYBAAAAAAAoLjx4wX4Gz5-y93mt1zGvNkzQazValkDAAAIYAMAAARw6-YtICySAw!&cmcv=&pix=undefined&cb=1622718293314&uv=2978&tms=1622718293314&abt=adh5c-1_vA!ecf_vB!insc_vA!prbdsm6_vB!spa2_vA!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9BBCAFD676198335252002118676&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:53 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
pixel.advertising.com/ups/58166/ Frame 09E9 		0
125 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66479105&crid=6166585&dast=V7DUMCFgMgYeuglJbyggQgYeuglJbyggUAAAAGBvQHHDmhcBg0Em03WyyHm81qspoMBpPFYjjbzYawkRMKh0Ej0XazxXK42awmo9VoMlrtBovhFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43CAbkoel0-Fz3esHf8PFb7ja_5TLX-N1-jd9uetlNf5WKsJIQV8LFSkVYSYgrCXOlIqwkxJWCsVIRVhLiSkJaqQgrCXMlnKxUhJWEuFKw2DrX22n0u1UqwkpCXAlHKxVhJSGuJLyVirCSEFcKEktFWEmIKwWJpSKsJMSVhLBSEVYS5ko4WqkIKwlxpeCsVSrCSkJcKXcrFWElIa4knJWKsJIwV8LRSkVYSYgrBWOlIqwkxJVwtFIRVhLiSrlcqQgrCXMlHKxUhJWEuBIuVirCSkJcSSgrFWElIa4UFJaKsJIQVwrWSkVYSYgrCWulIqwkxJVytlIRVhLiSkJbqQgrCXEl3K1UhJWEuFKuVirCSsJcCZcrFWElIa4UJJaKsJIQV8LdSkVYSYgr4WKlIqwkxJWCtVIRVhLiSsJYqQgrCXGl4K3lLt_nrVjMRovRHAAAAAAeALwwciB-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAUJDY0AKA4DMRlOTvt_gAAeCgAAQAQwCABOPhJKwEwIbw5AQAAAAAAAABg-f___48ZsCcLkBnQt77oAXjwAXggKjgtYgQAAACQlQ-0ejSpEyqLKgAAgnQrgCsAgIC8aMYR1TAAAACBsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyYk5YGbFmRFsaf2CwgAsPYLCADApm4AAG8BcEFH0IrBYHUBMTsAAACAu____389kNisLC7TYDLYLFaj1WCxck1MvtXGuNvYPMPlyLa9YYiy7dOos6O-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGHMNhkuRy7DWuYwOdai5cSzVjhGw7VgMnHNLK6VZ-YxuUWvj-k3sWw2JtMWBQXY9iK4SCeCv-Hjt9xtfstlIpZoThbpRHbZNzYri8s0mAw2i9VoNVisXBOTb7Ux7jY2z3A5su1rtslwOXIZ1jKHybEWLSeetcIxGq4Fk4lrZnGtPDOPyS16fUy_iWWzMZn2jdlkslsMJ8vJvjGbTHaL4WQ52XfoDN_V52xUFrZOj0qmcZ7Mk5n5oHAZLN6fxLSYdmcHv7R1dPp8HmVBZxRev0evQeE5eEzj5a12LG-fzfRxmFDEEsHpIp2IXsbTRSyRPC3Sica5MRmHu5FnYTI5RpaRx-KwTDYLx2C42K18u5VFLFGaLtKJXuO3m15201-lMqwkxpVwsVIZVhLjSuJcqQwriXGlcKxUhpXEuJKYVirDSuJcCScrlWElMa4ULrfO9XYa_W6VyrCSGFfC0UplWEmMK4lvpTKsJMaVwuRSGVYS40phcqkMK4lxJTGsVIaVxLkSjlYqw0piXCk8a5XKsJIYV8rdSmVYSYwriWelMqwkzpVwtFIZVhLjSuFYqQwriXElHK1UhpXEuFIuVyrDSuJcCQcrlWElMa6Ei5XKsJIYVxLLSmVYSYwrhcWlMqwkxpXCtVIZVhLjSuJaqQwriXGlnK1UhpXEuJLYVirDSmJcCXcrlWElMa6Uq5XKsJI4V8LlSmVYSYwrhcmlMqwkxpVwt1IZVhLjSrhYqQwriXGlcK1UhpXEuJI4VirDSmJcKXxrucv3eSsWs9FiNFH_sQGXc8loOZeN5ordYpUAAAAAAAAAAJYwZ94EAAAA4DSg3Wg5XC0XgEIyWxcYBAAAAAAAoLjx4wX4Gz5-y93mt1zGvNkzQazValkDAAAIYAMAAARw6-YtICySAw!&cmcv=&pix=undefined&cb=1622718293314&uv=2978&tms=1622718293314&abt=adh5c-1_vA!ecf_vB!insc_vA!prbdsm6_vB!spa2_vA!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9BBCAFD676198335252002118676&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.102.119 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-102-119.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:53 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 09E9
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=85feb038-c45b-11eb-a878-1e5bf6c20206&orig=video&us_privacy=1---
0
255 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=85feb038-c45b-11eb-a878-1e5bf6c20206&orig=video&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66479105&crid=6166585&dast=V7DUMCFgMgYeuglJbyggQgYeuglJbyggUAAAAGBvQHHDmhcBg0Em03WyyHm81qspoMBpPFYjjbzYawkRMKh0Ej0XazxXK42awmo9VoMlrtBovhFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43CAbkoel0-Fz3esHf8PFb7ja_5TLX-N1-jd9uetlNf5WKsJIQV8LFSkVYSYgrCXOlIqwkxJWCsVIRVhLiSkJaqQgrCXMlnKxUhJWEuFKw2DrX22n0u1UqwkpCXAlHKxVhJSGuJLyVirCSEFcKEktFWEmIKwWJpSKsJMSVhLBSEVYS5ko4WqkIKwlxpeCsVSrCSkJcKXcrFWElIa4knJWKsJIwV8LRSkVYSYgrBWOlIqwkxJVwtFIRVhLiSrlcqQgrCXMlHKxUhJWEuBIuVirCSkJcSSgrFWElIa4UFJaKsJIQVwrWSkVYSYgrCWulIqwkxJVytlIRVhLiSkJbqQgrCXEl3K1UhJWEuFKuVirCSsJcCZcrFWElIa4UJJaKsJIQV8LdSkVYSYgr4WKlIqwkxJWCtVIRVhLiSsJYqQgrCXGl4K3lLt_nrVjMRovRHAAAAAAeALwwciB-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAUJDY0AKA4DMRlOTvt_gAAeCgAAQAQwCABOPhJKwEwIbw5AQAAAAAAAABg-f___48ZsCcLkBnQt77oAXjwAXggKjgtYgQAAACQlQ-0ejSpEyqLKgAAgnQrgCsAgIC8aMYR1TAAAACBsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyYk5YGbFmRFsaf2CwgAsPYLCADApm4AAG8BcEFH0IrBYHUBMTsAAACAu____389kNisLC7TYDLYLFaj1WCxck1MvtXGuNvYPMPlyLa9YYiy7dOos6O-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGHMNhkuRy7DWuYwOdai5cSzVjhGw7VgMnHNLK6VZ-YxuUWvj-k3sWw2JtMWBQXY9iK4SCeCv-Hjt9xtfstlIpZoThbpRHbZNzYri8s0mAw2i9VoNVisXBOTb7Ux7jY2z3A5su1rtslwOXIZ1jKHybEWLSeetcIxGq4Fk4lrZnGtPDOPyS16fUy_iWWzMZn2jdlkslsMJ8vJvjGbTHaL4WQ52XfoDN_V52xUFrZOj0qmcZ7Mk5n5oHAZLN6fxLSYdmcHv7R1dPp8HmVBZxRev0evQeE5eEzj5a12LG-fzfRxmFDEEsHpIp2IXsbTRSyRPC3Sica5MRmHu5FnYTI5RpaRx-KwTDYLx2C42K18u5VFLFGaLtKJXuO3m15201-lMqwkxpVwsVIZVhLjSuJcqQwriXGlcKxUhpXEuJKYVirDSuJcCScrlWElMa4ULrfO9XYa_W6VyrCSGFfC0UplWEmMK4lvpTKsJMaVwuRSGVYS40phcqkMK4lxJTGsVIaVxLkSjlYqw0piXCk8a5XKsJIYV8rdSmVYSYwriWelMqwkzpVwtFIZVhLjSuFYqQwriXElHK1UhpXEuFIuVyrDSuJcCQcrlWElMa6Ei5XKsJIYVxLLSmVYSYwrhcWlMqwkxpXCtVIZVhLjSuJaqQwriXGlnK1UhpXEuJLYVirDSmJcCXcrlWElMa6Uq5XKsJI4V8LlSmVYSYwrhcmlMqwkxpVwt1IZVhLjSrhYqQwriXGlcK1UhpXEuJI4VirDSmJcKXxrucv3eSsWs9FiNFH_sQGXc8loOZeN5ordYpUAAAAAAAAAAJYwZ94EAAAA4DSg3Wg5XC0XgEIyWxcYBAAAAAAAoLjx4wX4Gz5-y93mt1zGvNkzQazValkDAAAIYAMAAARw6-YtICySAw!&cmcv=&pix=undefined&cb=1622718293314&uv=2978&tms=1622718293314&abt=adh5c-1_vA!ecf_vB!insc_vA!prbdsm6_vB!spa2_vA!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9BBCAFD676198335252002118676&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.84:10213
date
Thu, 03 Jun 2021 11:04:53 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12933

Redirect headers

Date
Thu, 03 Jun 2021 11:04:53 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=85feb038-c45b-11eb-a878-1e5bf6c20206&orig=video&us_privacy=1---
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
93
Connection
keep-alive
Content-Length
0
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/29_7_8/infra/ 		724 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/29_7_8/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.3/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
e5ffaa00876e9b4b6d949863a205cd5563e07e1d59db148fcd45ed7603730d5c

Request headers

Origin
https://popcornfor2.com
Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:53 GMT
via
1.1 varnish
age
179930
x-amz-meta-mtime
1622538277
x-cache
HIT
x-amz-meta-ctime
1622538278
x-amz-meta-mode
33188
content-encoding
br
content-length
121892
x-amz-id-2
N53zxUSmTLzBTp9kHn759LwwpASZk7hwEHbMa9rBJXPV2nQxFOJfINqE3Q2UE/Vsv7Itsouf/R0=
x-served-by
cache-hhn11535-HHN
accept-ranges
bytes
last-modified
Tue, 01 Jun 2021 09:04:39 GMT
server
AmazonS3-br
x-timer
S1622718293.404675,VS0,VE0
etag
"41f0e3acb2ae2088caf6e3caae64713d"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
7P50C11ESG2GW7KX
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
260235
cmOsUnit.css
vidstat.taboola.com/vpaid/units/29_7_8/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/29_7_8/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.3/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
6b514da2aed798bb9c409b346194c0e2b38edfd554f412e4af2717892f5300ff

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:53 GMT
via
1.1 varnish
age
179930
x-amz-meta-mtime
1622538295
x-cache
HIT
x-amz-meta-ctime
1622538296
x-amz-meta-mode
33188
content-encoding
br
content-length
7948
x-amz-id-2
anOzxELgCgPof53l1t30PY90aZ1m2a1tGZzvfzSx66lWzclvIKYdBWmuzig4awLkIEDzEwn4E3I=
x-served-by
cache-hhn11522-HHN
accept-ranges
bytes
last-modified
Tue, 01 Jun 2021 09:04:57 GMT
server
AmazonS3-br
x-timer
S1622718293.389019,VS0,VE0
etag
"ab667f7a75f0ca28449b3d4701aa479a"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
7P5EB2X5YCFKNNWX
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
text/css
access-control-allow-headers
*
x-cache-hits
354741
content14_10_18m.js
vidstat.taboola.com/ 		37 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content14_10_18m.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_7_8/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:53 GMT
via
1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront), 1.1 varnish
age
2128556
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
7638
x-served-by
cache-hhn11522-HHN
last-modified
Sun, 14 Oct 2018 13:31:31 GMT
server
AmazonS3
x-timer
S1622718293.498754,VS0,VE0
etag
"d8d81221ec6e604811ce469d899c9c8b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
omj5vaGwuVO0u1DUElZ04p0xjblvLHfKzDESlIUndnM3CZOy52LCcg==
x-cache-hits
1233897
oppsula.js
vidstat.taboola.com/oppsula/1.3.8/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/oppsula/1.3.8/oppsula.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_7_8/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f60c4600705d04f5c55db54f646fec728f9458c4fbba35adb4ac114077cb2391

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:53 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront), 1.1 varnish
age
2561959
x-cache
Miss from cloudfront, HIT
content-encoding
gzip
content-length
5164
x-served-by
cache-hhn11522-HHN
last-modified
Tue, 14 Apr 2020 06:07:12 GMT
server
AmazonS3
x-timer
S1622718294.500553,VS0,VE0
etag
"328b70146f77a19d2bc0172c656d921e"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
mX0WwlTmUO4x6xuR8DDLZg909FJ4TvyaVteRGEevDZZ-WfTsdjHQoQ==
x-cache-hits
4869137
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v12.3.5/ 		548 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v12.3.5/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_7_8/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
8613c83bfc14870ca75e75432aa71df3cd2e3d36116bbd353f06aa21a4162f01

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:53 GMT
via
1.1 varnish
age
180167
x-amz-meta-mtime
1622538044
x-cache
HIT
x-amz-meta-ctime
1622538061
x-amz-meta-mode
33188
content-encoding
br
content-length
114639
x-amz-id-2
HRlIZUvGTF1Q9VT5JTPozmuNdrTcgF/TM7pWLq9CDY6qw+vW/2Vtm6Yo9zMhd9vxNEUc07FkKlM=
x-served-by
cache-hhn11522-HHN
accept-ranges
bytes
last-modified
Tue, 01 Jun 2021 09:01:02 GMT
server
AmazonS3-br
x-timer
S1622718294.512513,VS0,VE0
etag
"49fdd1f2794614e3f62149f10e935020"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
XKXGG83H2ZMDCQDR
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
273549
sync
am-match.taboola.com/ Frame 8413 		411 B
505 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7DUMCFgMgYeuglJbyggQgYeuglJbyggUAAAAGBvQHHDmhcBg0Em03WyyHm81qspoMBpPFYjjbzYawkRMKh0Ej0XazxXK42awmo9VoMlrtBovhFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43CAbkoel0-Fz3esHf8PFb7ja_5TLX-N1-jd9uetlNf5WKsJIQV8LFSkVYSYgrCXOlIqwkxJWCsVIRVhLiSkJaqQgrCXMlnKxUhJWEuFKw2DrX22n0u1UqwkpCXAlHKxVhJSGuJLyVirCSEFcKEktFWEmIKwWJpSKsJMSVhLBSEVYS5ko4WqkIKwlxpeCsVSrCSkJcKXcrFWElIa4knJWKsJIwV8LRSkVYSYgrBWOlIqwkxJVwtFIRVhLiSrlcqQgrCXMlHKxUhJWEuBIuVirCSkJcSSgrFWElIa4UFJaKsJIQVwrWSkVYSYgrCWulIqwkxJVytlIRVhLiSkJbqQgrCXEl3K1UhJWEuFKuVirCSsJcCZcrFWElIa4UJJaKsJIQV8LdSkVYSYgr4WKlIqwkxJWCtVIRVhLiSsJYqQgrCXGl4K3lLt_nrVjMRovRHAAAAAAeALwwciB-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAUJDY0AKA4DMRlOTvt_gAAeCgAAQAQwCABOPhJKwEwIbw5AQAAAAAAAABg-f___48ZsCcLkBnQt77oAXjwAXggKjgtYgQAAACQlQ-0ejSpEyqLKgAAgnQrgCsAgIC8aMYR1TAAAACBsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyYk5YGbFmRFsaf2CwgAsPYLCADApm4AAG8BcEFH0IrBYHUBMTsAAACAu____389kNisLC7TYDLYLFaj1WCxck1MvtXGuNvYPMPlyLa9YYiy7dOos6O-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGHMNhkuRy7DWuYwOdai5cSzVjhGw7VgMnHNLK6VZ-YxuUWvj-k3sWw2JtMWBQXY9iK4SCeCv-Hjt9xtfstlIpZoThbpRHbZNzYri8s0mAw2i9VoNVisXBOTb7Ux7jY2z3A5su1rtslwOXIZ1jKHybEWLSeetcIxGq4Fk4lrZnGtPDOPyS16fUy_iWWzMZn2jdlkslsMJ8vJvjGbTHaL4WQ52XfoDN_V52xUFrZOj0qmcZ7Mk5n5oHAZLN6fxLSYdmcHv7R1dPp8HmVBZxRev0evQeE5eEzj5a12LG-fzfRxmFDEEsHpIp2IXsbTRSyRPC3Sica5MRmHu5FnYTI5RpaRx-KwTDYLx2C42K18u5VFLFGaLtKJXuO3m15201-lMqwkxpVwsVIZVhLjSuJcqQwriXGlcKxUhpXEuJKYVirDSuJcCScrlWElMa4ULrfO9XYa_W6VyrCSGFfC0UplWEmMK4lvpTKsJMaVwuRSGVYS40phcqkMK4lxJTGsVIaVxLkSjlYqw0piXCk8a5XKsJIYV8rdSmVYSYwriWelMqwkzpVwtFIZVhLjSuFYqQwriXElHK1UhpXEuFIuVyrDSuJcCQcrlWElMa6Ei5XKsJIYVxLLSmVYSYwrhcWlMqwkxpXCtVIZVhLjSuJaqQwriXGlnK1UhpXEuJLYVirDSmJcCXcrlWElMa6Uq5XKsJI4V8LlSmVYSYwrhcmlMqwkxpVwt1IZVhLjSrhYqQwriXGlcK1UhpXEuJI4VirDSmJcKXxrucv3eSsWs9FiNFH_sQGXc8loOZeN5ordYpUAAAAAAAAAAJYwZ94EAAAA4DSg3Wg5XC0XgEIyWxcYBAAAAAAAoLjx4wX4Gz5-y93mt1zGvNkzQazValkDAAAIYAMAAARw6-YtICySAw!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_7_8/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
c4867130456ceb9e2a8d69e5eb2bba9e349518a86945eaaeffe55289f7839c06

Request headers

:method
GET
:authority
am-match.taboola.com
:scheme
https
:path
/sync?dast=V7DUMCFgMgYeuglJbyggQgYeuglJbyggUAAAAGBvQHHDmhcBg0Em03WyyHm81qspoMBpPFYjjbzYawkRMKh0Ej0XazxXK42awmo9VoMlrtBovhFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43CAbkoel0-Fz3esHf8PFb7ja_5TLX-N1-jd9uetlNf5WKsJIQV8LFSkVYSYgrCXOlIqwkxJWCsVIRVhLiSkJaqQgrCXMlnKxUhJWEuFKw2DrX22n0u1UqwkpCXAlHKxVhJSGuJLyVirCSEFcKEktFWEmIKwWJpSKsJMSVhLBSEVYS5ko4WqkIKwlxpeCsVSrCSkJcKXcrFWElIa4knJWKsJIwV8LRSkVYSYgrBWOlIqwkxJVwtFIRVhLiSrlcqQgrCXMlHKxUhJWEuBIuVirCSkJcSSgrFWElIa4UFJaKsJIQVwrWSkVYSYgrCWulIqwkxJVytlIRVhLiSkJbqQgrCXEl3K1UhJWEuFKuVirCSsJcCZcrFWElIa4UJJaKsJIQV8LdSkVYSYgr4WKlIqwkxJWCtVIRVhLiSsJYqQgrCXGl4K3lLt_nrVjMRovRHAAAAAAeALwwciB-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAUJDY0AKA4DMRlOTvt_gAAeCgAAQAQwCABOPhJKwEwIbw5AQAAAAAAAABg-f___48ZsCcLkBnQt77oAXjwAXggKjgtYgQAAACQlQ-0ejSpEyqLKgAAgnQrgCsAgIC8aMYR1TAAAACBsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyYk5YGbFmRFsaf2CwgAsPYLCADApm4AAG8BcEFH0IrBYHUBMTsAAACAu____389kNisLC7TYDLYLFaj1WCxck1MvtXGuNvYPMPlyLa9YYiy7dOos6O-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGHMNhkuRy7DWuYwOdai5cSzVjhGw7VgMnHNLK6VZ-YxuUWvj-k3sWw2JtMWBQXY9iK4SCeCv-Hjt9xtfstlIpZoThbpRHbZNzYri8s0mAw2i9VoNVisXBOTb7Ux7jY2z3A5su1rtslwOXIZ1jKHybEWLSeetcIxGq4Fk4lrZnGtPDOPyS16fUy_iWWzMZn2jdlkslsMJ8vJvjGbTHaL4WQ52XfoDN_V52xUFrZOj0qmcZ7Mk5n5oHAZLN6fxLSYdmcHv7R1dPp8HmVBZxRev0evQeE5eEzj5a12LG-fzfRxmFDEEsHpIp2IXsbTRSyRPC3Sica5MRmHu5FnYTI5RpaRx-KwTDYLx2C42K18u5VFLFGaLtKJXuO3m15201-lMqwkxpVwsVIZVhLjSuJcqQwriXGlcKxUhpXEuJKYVirDSuJcCScrlWElMa4ULrfO9XYa_W6VyrCSGFfC0UplWEmMK4lvpTKsJMaVwuRSGVYS40phcqkMK4lxJTGsVIaVxLkSjlYqw0piXCk8a5XKsJIYV8rdSmVYSYwriWelMqwkzpVwtFIZVhLjSuFYqQwriXElHK1UhpXEuFIuVyrDSuJcCQcrlWElMa6Ei5XKsJIYVxLLSmVYSYwrhcWlMqwkxpXCtVIZVhLjSuJaqQwriXGlnK1UhpXEuJLYVirDSmJcCXcrlWElMa6Uq5XKsJI4V8LlSmVYSYwrhcmlMqwkxpVwt1IZVhLjSrhYqQwriXGlcK1UhpXEuJI4VirDSmJcKXxrucv3eSsWs9FiNFH_sQGXc8loOZeN5ordYpUAAAAAAAAAAJYwZ94EAAAA4DSg3Wg5XC0XgEIyWxcYBAAAAAAAoLjx4wX4Gz5-y93mt1zGvNkzQazValkDAAAIYAMAAARw6-YtICySAw!&excid=22&docw=0&cijs=1&nlb=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://popcornfor2.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=fdad47b6-456e-476c-9c4c-08e018e1622d-tuct7b23cd5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://popcornfor2.com/

Response headers

server
nginx
date
Thu, 03 Jun 2021 11:04:53 GMT
content-type
text/html;charset=ISO-8859-1
machineid
3404
analytics.js
www.google-analytics.com/ Frame B312 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.viu.com
URL: https://www.viu.com/ott/misc/widget/index.php?product_id=356293&event=th9&utm_source=popcornfor2&utm_campaign=widget&utm_medium=vdowidget&utm_content=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.viu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
6810
date
Thu, 03 Jun 2021 09:11:23 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Thu, 03 Jun 2021 11:11:23 GMT
generic
match.adsrvr.org/track/cmf/ Frame 8413 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7DUMCFgMgYeuglJbyggQgYeuglJbyggUAAAAGBvQHHDmhcBg0Em03WyyHm81qspoMBpPFYjjbzYawkRMKh0Ej0XazxXK42awmo9VoMlrtBovhFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43CAbkoel0-Fz3esHf8PFb7ja_5TLX-N1-jd9uetlNf5WKsJIQV8LFSkVYSYgrCXOlIqwkxJWCsVIRVhLiSkJaqQgrCXMlnKxUhJWEuFKw2DrX22n0u1UqwkpCXAlHKxVhJSGuJLyVirCSEFcKEktFWEmIKwWJpSKsJMSVhLBSEVYS5ko4WqkIKwlxpeCsVSrCSkJcKXcrFWElIa4knJWKsJIwV8LRSkVYSYgrBWOlIqwkxJVwtFIRVhLiSrlcqQgrCXMlHKxUhJWEuBIuVirCSkJcSSgrFWElIa4UFJaKsJIQVwrWSkVYSYgrCWulIqwkxJVytlIRVhLiSkJbqQgrCXEl3K1UhJWEuFKuVirCSsJcCZcrFWElIa4UJJaKsJIQV8LdSkVYSYgr4WKlIqwkxJWCtVIRVhLiSsJYqQgrCXGl4K3lLt_nrVjMRovRHAAAAAAeALwwciB-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAUJDY0AKA4DMRlOTvt_gAAeCgAAQAQwCABOPhJKwEwIbw5AQAAAAAAAABg-f___48ZsCcLkBnQt77oAXjwAXggKjgtYgQAAACQlQ-0ejSpEyqLKgAAgnQrgCsAgIC8aMYR1TAAAACBsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyYk5YGbFmRFsaf2CwgAsPYLCADApm4AAG8BcEFH0IrBYHUBMTsAAACAu____389kNisLC7TYDLYLFaj1WCxck1MvtXGuNvYPMPlyLa9YYiy7dOos6O-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGHMNhkuRy7DWuYwOdai5cSzVjhGw7VgMnHNLK6VZ-YxuUWvj-k3sWw2JtMWBQXY9iK4SCeCv-Hjt9xtfstlIpZoThbpRHbZNzYri8s0mAw2i9VoNVisXBOTb7Ux7jY2z3A5su1rtslwOXIZ1jKHybEWLSeetcIxGq4Fk4lrZnGtPDOPyS16fUy_iWWzMZn2jdlkslsMJ8vJvjGbTHaL4WQ52XfoDN_V52xUFrZOj0qmcZ7Mk5n5oHAZLN6fxLSYdmcHv7R1dPp8HmVBZxRev0evQeE5eEzj5a12LG-fzfRxmFDEEsHpIp2IXsbTRSyRPC3Sica5MRmHu5FnYTI5RpaRx-KwTDYLx2C42K18u5VFLFGaLtKJXuO3m15201-lMqwkxpVwsVIZVhLjSuJcqQwriXGlcKxUhpXEuJKYVirDSuJcCScrlWElMa4ULrfO9XYa_W6VyrCSGFfC0UplWEmMK4lvpTKsJMaVwuRSGVYS40phcqkMK4lxJTGsVIaVxLkSjlYqw0piXCk8a5XKsJIYV8rdSmVYSYwriWelMqwkzpVwtFIZVhLjSuFYqQwriXElHK1UhpXEuFIuVyrDSuJcCQcrlWElMa6Ei5XKsJIYVxLLSmVYSYwrhcWlMqwkxpXCtVIZVhLjSuJaqQwriXGlnK1UhpXEuJLYVirDSmJcCXcrlWElMa6Uq5XKsJI4V8LlSmVYSYwrhcmlMqwkxpVwt1IZVhLjSrhYqQwriXGlcK1UhpXEuJI4VirDSmJcKXxrucv3eSsWs9FiNFH_sQGXc8loOZeN5ordYpUAAAAAAAAAAJYwZ94EAAAA4DSg3Wg5XC0XgEIyWxcYBAAAAAAAoLjx4wX4Gz5-y93mt1zGvNkzQazValkDAAAIYAMAAARw6-YtICySAw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:53 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
pixel.advertising.com/ups/58166/ Frame 8413 		0
124 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7DUMCFgMgYeuglJbyggQgYeuglJbyggUAAAAGBvQHHDmhcBg0Em03WyyHm81qspoMBpPFYjjbzYawkRMKh0Ej0XazxXK42awmo9VoMlrtBovhFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43CAbkoel0-Fz3esHf8PFb7ja_5TLX-N1-jd9uetlNf5WKsJIQV8LFSkVYSYgrCXOlIqwkxJWCsVIRVhLiSkJaqQgrCXMlnKxUhJWEuFKw2DrX22n0u1UqwkpCXAlHKxVhJSGuJLyVirCSEFcKEktFWEmIKwWJpSKsJMSVhLBSEVYS5ko4WqkIKwlxpeCsVSrCSkJcKXcrFWElIa4knJWKsJIwV8LRSkVYSYgrBWOlIqwkxJVwtFIRVhLiSrlcqQgrCXMlHKxUhJWEuBIuVirCSkJcSSgrFWElIa4UFJaKsJIQVwrWSkVYSYgrCWulIqwkxJVytlIRVhLiSkJbqQgrCXEl3K1UhJWEuFKuVirCSsJcCZcrFWElIa4UJJaKsJIQV8LdSkVYSYgr4WKlIqwkxJWCtVIRVhLiSsJYqQgrCXGl4K3lLt_nrVjMRovRHAAAAAAeALwwciB-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAUJDY0AKA4DMRlOTvt_gAAeCgAAQAQwCABOPhJKwEwIbw5AQAAAAAAAABg-f___48ZsCcLkBnQt77oAXjwAXggKjgtYgQAAACQlQ-0ejSpEyqLKgAAgnQrgCsAgIC8aMYR1TAAAACBsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyYk5YGbFmRFsaf2CwgAsPYLCADApm4AAG8BcEFH0IrBYHUBMTsAAACAu____389kNisLC7TYDLYLFaj1WCxck1MvtXGuNvYPMPlyLa9YYiy7dOos6O-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGHMNhkuRy7DWuYwOdai5cSzVjhGw7VgMnHNLK6VZ-YxuUWvj-k3sWw2JtMWBQXY9iK4SCeCv-Hjt9xtfstlIpZoThbpRHbZNzYri8s0mAw2i9VoNVisXBOTb7Ux7jY2z3A5su1rtslwOXIZ1jKHybEWLSeetcIxGq4Fk4lrZnGtPDOPyS16fUy_iWWzMZn2jdlkslsMJ8vJvjGbTHaL4WQ52XfoDN_V52xUFrZOj0qmcZ7Mk5n5oHAZLN6fxLSYdmcHv7R1dPp8HmVBZxRev0evQeE5eEzj5a12LG-fzfRxmFDEEsHpIp2IXsbTRSyRPC3Sica5MRmHu5FnYTI5RpaRx-KwTDYLx2C42K18u5VFLFGaLtKJXuO3m15201-lMqwkxpVwsVIZVhLjSuJcqQwriXGlcKxUhpXEuJKYVirDSuJcCScrlWElMa4ULrfO9XYa_W6VyrCSGFfC0UplWEmMK4lvpTKsJMaVwuRSGVYS40phcqkMK4lxJTGsVIaVxLkSjlYqw0piXCk8a5XKsJIYV8rdSmVYSYwriWelMqwkzpVwtFIZVhLjSuFYqQwriXElHK1UhpXEuFIuVyrDSuJcCQcrlWElMa6Ei5XKsJIYVxLLSmVYSYwrhcWlMqwkxpXCtVIZVhLjSuJaqQwriXGlnK1UhpXEuJLYVirDSmJcCXcrlWElMa6Uq5XKsJI4V8LlSmVYSYwrhcmlMqwkxpVwt1IZVhLjSrhYqQwriXGlcK1UhpXEuJI4VirDSmJcKXxrucv3eSsWs9FiNFH_sQGXc8loOZeN5ordYpUAAAAAAAAAAJYwZ94EAAAA4DSg3Wg5XC0XgEIyWxcYBAAAAAAAoLjx4wX4Gz5-y93mt1zGvNkzQazValkDAAAIYAMAAARw6-YtICySAw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.102.119 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-102-119.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:53 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
x.bidswitch.net/ Frame 8413 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7DUMCFgMgYeuglJbyggQgYeuglJbyggUAAAAGBvQHHDmhcBg0Em03WyyHm81qspoMBpPFYjjbzYawkRMKh0Ej0XazxXK42awmo9VoMlrtBovhFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43CAbkoel0-Fz3esHf8PFb7ja_5TLX-N1-jd9uetlNf5WKsJIQV8LFSkVYSYgrCXOlIqwkxJWCsVIRVhLiSkJaqQgrCXMlnKxUhJWEuFKw2DrX22n0u1UqwkpCXAlHKxVhJSGuJLyVirCSEFcKEktFWEmIKwWJpSKsJMSVhLBSEVYS5ko4WqkIKwlxpeCsVSrCSkJcKXcrFWElIa4knJWKsJIwV8LRSkVYSYgrBWOlIqwkxJVwtFIRVhLiSrlcqQgrCXMlHKxUhJWEuBIuVirCSkJcSSgrFWElIa4UFJaKsJIQVwrWSkVYSYgrCWulIqwkxJVytlIRVhLiSkJbqQgrCXEl3K1UhJWEuFKuVirCSsJcCZcrFWElIa4UJJaKsJIQV8LdSkVYSYgr4WKlIqwkxJWCtVIRVhLiSsJYqQgrCXGl4K3lLt_nrVjMRovRHAAAAAAeALwwciB-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAUJDY0AKA4DMRlOTvt_gAAeCgAAQAQwCABOPhJKwEwIbw5AQAAAAAAAABg-f___48ZsCcLkBnQt77oAXjwAXggKjgtYgQAAACQlQ-0ejSpEyqLKgAAgnQrgCsAgIC8aMYR1TAAAACBsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyYk5YGbFmRFsaf2CwgAsPYLCADApm4AAG8BcEFH0IrBYHUBMTsAAACAu____389kNisLC7TYDLYLFaj1WCxck1MvtXGuNvYPMPlyLa9YYiy7dOos6O-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGHMNhkuRy7DWuYwOdai5cSzVjhGw7VgMnHNLK6VZ-YxuUWvj-k3sWw2JtMWBQXY9iK4SCeCv-Hjt9xtfstlIpZoThbpRHbZNzYri8s0mAw2i9VoNVisXBOTb7Ux7jY2z3A5su1rtslwOXIZ1jKHybEWLSeetcIxGq4Fk4lrZnGtPDOPyS16fUy_iWWzMZn2jdlkslsMJ8vJvjGbTHaL4WQ52XfoDN_V52xUFrZOj0qmcZ7Mk5n5oHAZLN6fxLSYdmcHv7R1dPp8HmVBZxRev0evQeE5eEzj5a12LG-fzfRxmFDEEsHpIp2IXsbTRSyRPC3Sica5MRmHu5FnYTI5RpaRx-KwTDYLx2C42K18u5VFLFGaLtKJXuO3m15201-lMqwkxpVwsVIZVhLjSuJcqQwriXGlcKxUhpXEuJKYVirDSuJcCScrlWElMa4ULrfO9XYa_W6VyrCSGFfC0UplWEmMK4lvpTKsJMaVwuRSGVYS40phcqkMK4lxJTGsVIaVxLkSjlYqw0piXCk8a5XKsJIYV8rdSmVYSYwriWelMqwkzpVwtFIZVhLjSuFYqQwriXElHK1UhpXEuFIuVyrDSuJcCQcrlWElMa6Ei5XKsJIYVxLLSmVYSYwrhcWlMqwkxpXCtVIZVhLjSuJaqQwriXGlnK1UhpXEuJLYVirDSmJcCXcrlWElMa6Uq5XKsJI4V8LlSmVYSYwrhcmlMqwkxpVwt1IZVhLjSrhYqQwriXGlcK1UhpXEuJI4VirDSmJcKXxrucv3eSsWs9FiNFH_sQGXc8loOZeN5ordYpUAAAAAAAAAAJYwZ94EAAAA4DSg3Wg5XC0XgEIyWxcYBAAAAAAAoLjx4wX4Gz5-y93mt1zGvNkzQazValkDAAAIYAMAAARw6-YtICySAw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.79.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-79-35.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
truncated
/ Frame 3889 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
280c1eb4aafe9085d0cfceee2cd0c96123edce8418dd27460cdda9b9a15c9707

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 3889 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1KTyyESW7YS49Nj2DiWJ8fZpO3BYd5yZRKCjCAP8RbOvoYVpJva1RQiF0c_4zEwSeXW_nHil54ZZ1UofflriEUPxWkWUs0kCZtbskP5j99fsAX97obMLLIkk-lVJnhXVdw97R68z_qTU3QuhTsbQYsmUbba5wdtkFi5fiqOs7sVx-gRzlZN4So__RKf8_fbXyYu7mRbhoMSuLcyK4P-JfGkJ4dhAklthWyciupEDhEJANH_j03oKE0UgksfVJZqVhwDYLejEjvKyDJ9-4GZXLdP2Iz3ERpLDAv7AsGr-9RNIov0kgYjAK5mfU1wNj23eadkWdU-MBiaU0jbNqF7e7Ha3J9OnGAdqYMJDeMyrm3Yc&sai=AMfl-YRLk7Wg8VtbTPTio7Ht52EAW1jdJ3SR_HwyPnJbrqG1Mc9TgTe2vF_UHEey7gw_S6gA2jVa1nTB2fyweADcODj1xtUg1FDber2UMewgXN9FR5FwJXf3sgUI1jsOYd0&sig=Cg0ArKJSzIgzBXJ3mtSVEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 11:04:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 03 Jun 2021 11:04:53 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		83 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:53 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:34 GMT
server
nginx
etag
W/"60a5fdd2-14a5d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 04 Jun 2021 11:04:53 GMT
ic5.php
data00.adlooxtracking.com/ads/ Frame 3889 		1 B
420 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://data00.adlooxtracking.com/ads/ic5.php?adloox_io=1&seq=0&campagne=152&banniere=0&plat=78&adloox_transaction_id=null&bp=&visite_id=86012997842&client=adasia&ctitle=&os=&navigateur=&appname=Netscape&timezone=-120&fai=google_ads_iframe_%2F21622890900%2FTH_popcornfor2.com_pc_allsite_anchor_sticky_728x90%2F%2F970x90_0%40https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&data=-813568601ttttttttffffffttttftffffffffttttf&js=tfav_adl_152.js&commitid=5e1985b&fw=1&version=log&iframe=3&hadnxs=&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&url_referrer=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&resolution=1600x1200&nb_cpu=12&nav_lang=en-US&date_regen=2021-05-20%2008%3A58%3A21&debug=7%3A%20top%20%21%3D%20window%20%26%20friendly%20-%3E%20location.href%20&ao=https%3A%2F%2Fpopcornfor2.com&fake=000000&type_crea=2&tagid=95&id11=&id1=4423307908&id2=2589796935&id3=22347107561&id4=21621840631&id5=138308776040&id20=5e1985b
Requested by
Host: as.adlooxtracking.com
URL: https://as.adlooxtracking.com/ads/js/tfav_adl_152.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.31.249 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.19.8 / PHP/7.4.19
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 03 Jun 2021 11:04:53 GMT
content-encoding
gzip
access-control-allow-origin
https://popcornfor2.com
x-powered-by
PHP/7.4.19
route
ads-prod-68c5cc8796-6mn4h
alt-svc
clear
pragma
no-cache
server
nginx/1.19.8
vary
Accept-Encoding
accept-ch-lifetime
86400
content-type
text/plain; charset=utf-8
via
1.1 google
cache-control
no-cache, no-store, must-revalidate
accept-ch
UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
timing-allow-origin
*
expires
0
adview
googleads.g.doubleclick.net/pagead/ Frame FCDF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C4ibCVLe4YM7yDOyW1fAP57SbkAOy4LPrYpyjm7XvDIHv9qKmDxABIPeklBVglQKgAcz1rvwByAEJqQK_dzlWJD9hPqgDAaoE3gFP0Lk29wVUGAQSg2-phPmk6C2Kg9TI6rISkH_JW7zjpKxaHt4QDcMz52X0CyC8ZcRTu6udYSrtnugfZNwEFvLyOYNY8iQ-hD5y3A0ntHxJsda5iYnpdsZDTpuqfSYM-bdYMOK8uxDswMSzgQ68SzYa12RehS8507GGBtJ6BvTf7hiLVR1INu_0ugdwFmDbce0In95Z0vh6FqFJTt6DGWI01IyIpoRlLsZSXbzyDlipBxYWqDYqiFdjJTxHnuCMBRxNTFjsv9keSdRvMKuIDjyBBBLu_ecoMigNVHZDu0zABOTF4KqpA6AGLoAHnIrRgwKoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQqoUB0ggJCIDhgBAQARgfgAoByAsB2BMDiBQB0BUBmBYBgBcBshcaChgIABIUcHViLTU5MDgzOTg2OTIwODYxMzg&sigh=EojkCbyQgrg&vt=1&template_id=484
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5908398692086138&output=html&h=600&slotname=6038496641&adk=1758787011&adf=3563103278&pi=t.ma~as.6038496641&w=300&fwrn=4&fwrnh=100&lmt=1622718292&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622718292082&bpp=3&bdt=1456&idt=89&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=1320941389&correlator=61374092658&frm=20&pv=1&ga_vid=1112430115.1622718292&ga_sid=1622718292&ga_hid=806830452&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=990&ady=390&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44744016&oid=3&pvsid=871901546580247&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=QD4QQdvFq9&p=https%3A//popcornfor2.com&dtd=93
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 03 Jun 2021 11:04:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame FCDF 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssqpGhIe7jr4FwsZuiGah_7B5pn0lL0J6KwcOGagLvcIfWWVxO_dHX2-cyzPMY3Eep_pTZLSpTYShfN6NfD-W0_PNSH-loxCHOwSX2PjZRFlFVIUW5ChFSlXkIBmA&sai=AMfl-YTSlAXe2RDV5HJdB3GxHGfqwV8IwGX4E1_qhGA2WY01VANeBgpQeWKPx4x3TP-ErfDFZBwWMaFsrte3&sig=Cg0ArKJSzJiz92mLLJYLEAE&id=lidar2&mcvt=1045&p=390,990,990,1290&mtos=1045,1045,1045,1045,1045&tos=1045,0,0,0,0&v=20210602&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1758787011&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622718292177&dlt=454&rpt=74&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		83 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:53 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:34 GMT
server
nginx
etag
W/"60a5fdd2-14a5d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 04 Jun 2021 11:04:53 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 158F 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: compass.adop.cc
URL: https://compass.adop.cc/RE/2d982c6f-d025-4935-b59d-f601cf322314?loc=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08c7f7a74db8d5c95b02d7800149a7e9f0a45e85a4b5180ffda161b4854e9568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"891 / 755 of 1000 / last-modified: 1622713237"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21317
x-xss-protection
0
expires
Thu, 03 Jun 2021 11:04:53 GMT
collect.php
data.adop.cc/ Frame 158F 		0
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adop.cc/collect.php?log=com_imp&dt=20210603110453&aid=4be6dc25-5707-4778-9800-5a859435dada&zid=2d982c6f-d025-4935-b59d-f601cf322314&r=7ianVNK
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.165.52.101 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-165-52-101.ap-northeast-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
pubads_impl_2021052601.js
securepubads.g.doubleclick.net/gpt/ Frame 158F 		311 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 26 May 2021 08:37:30 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111649
x-xss-protection
0
expires
Thu, 03 Jun 2021 11:04:53 GMT
bulk
trc.taboola.com/popcornfor2/log/3/ 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/popcornfor2/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=10
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210602-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
11
pragma
no-cache
date
Thu, 03 Jun 2021 11:04:54 GMT
via
1.1 varnish
server
nginx
x-timer
S1622718294.002445,VS0,VE11
x-served-by
cache-hhn11522-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://popcornfor2.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
integrator.js
adservice.google.de/adsid/ Frame 158F 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=popcornfor2.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 11:04:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 158F 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=popcornfor2.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 11:04:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 158F 		30 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=195656016986172&correlator=1459256834212419&output=ldjh&impl=fifs&eid=31061340%2C31060990%2C31060839&vrg=2021052601&ptt=17&sc=1&sfv=1-0-38&ecs=20210603&iu_parts=223513049%2Cadopthailand%2Cpopcornfor2_r_content_336x280&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=336x280&eri=4&cookie_enabled=1&cdm=popcornfor2.com&bc=31&abxe=1&dt=1622718294034&dlt=1622718293183&idt=844&ea=0&frm=23&biw=1600&bih=1200&isw=336&ish=280&oid=3&adxs=325&adys=4671&adks=2169849978&ucis=oaxoi43zmjyu&ifi=1&ifk=3395018922&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=www.popcornfor2.com&loc=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&top=popcornfor2.com&vis=1&dmc=8&scr_x=0&scr_y=0&psz=336x0&msz=336x0&ga_vid=995446333.1622718294&ga_sid=1622718294&ga_hid=808656203&ga_fc=false&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
55624acb75615cb7584e40fdb950ccdf7c827d62b74f84d969152000086a25d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12355
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://popcornfor2.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 158F 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
699 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
25573
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4=
x-served-by
cache-fra19181-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1622718294.051749,VS0,VE0
date
Thu, 03 Jun 2021 11:04:54 GMT
x-amz-request-id
F6D91014AAA6CDC4
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
94
x-cache-hits
14724
container.html
ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 965F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://popcornfor2.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://popcornfor2.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 03 Jun 2021 11:04:54 GMT
expires
Fri, 03 Jun 2022 11:04:54 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 158F 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11d71fc112df3977b9562151e6c75ce860c42779dddcc79af1d0a07366cd44d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:54 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1622656037121142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28114
x-xss-protection
0
expires
Thu, 03 Jun 2021 11:04:54 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6EE0 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjZsc-ZATAB&v=APEucNVmtkbVErFs_bn0QGK1XB6E1ZPRnwB1LmpJVdik1EqhCc9nIRTJCEYc4hmU-HGgRnr6yuJBaI6_icHhlP2Q38OnjnQVyccI5GWSX1RiLKYJ0hUsgM9GkkqoeIXlNJ345nLV08nOXBrLeJ9ocW6dDUA9oQQHNn9PSXSrpZS9grXOJ4V0pJQ
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CJfnugEQw7j0ARjZsc-ZATAB&v=APEucNVmtkbVErFs_bn0QGK1XB6E1ZPRnwB1LmpJVdik1EqhCc9nIRTJCEYc4hmU-HGgRnr6yuJBaI6_icHhlP2Q38OnjnQVyccI5GWSX1RiLKYJ0hUsgM9GkkqoeIXlNJ345nLV08nOXBrLeJ9ocW6dDUA9oQQHNn9PSXSrpZS9grXOJ4V0pJQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUl11f4K4hH0UiOVzs4hhavzovLKasvAPqhHT6Ps4M831lNiTpXM-2LJqsWCLro
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 03 Jun 2021 11:04:54 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 275E 		24 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AhOQd_ednjUlnPW-GKy1hKb5U52h5Qow97hu_OE7xThMpfIe32H30_nR9glz_vQDdKUnPZVe3Mu_psoEddUPovYyRn8DpY-74CPoeEcB-YNOBALLl6xeRgE7IzLjnB44H6EYZjTZoMGgxM6ixeKswO8croeg&cry=1&dbm_d=AKAmf-A1HM_HOLdmdpNM4AEDzhOUI3ScqOvDaoyMPgY02H3i8uqMOWwTg4q7kepJ0U8M5XT86sIh88b1EnQ8klE0BePJuvrQaiq8DoZuIysalEQ3TnA0sKe3I5vFq0yhZXc7ZGYb74cQqwbrc-mRw-CoGhelb4Lxg3xeg2djRhrY2LbrqCH28TQ_BX6DNXs9cuQxB07vvI6lOBJ5ChuU-xn8C_VpolF1EJHYpb7Dx5Ymoy4dHikZow8wTX2YiExQFLZWr5HNvVF2FtZOvNA-hSuUf-Ha6d5iB8X_91Mhqn1_4KHhkXBm2qM44ALhZpuS02vVZC5eSsC60SV5X38n_yHOjfsRhtih1RaZgeuKqt2j03G-2rM70IRGt8u9vypH4L4z-eNEZ6r4q9tMPm6MARuWrTQzz1oA_SvH4DD9pxGWuoXK1JvYBv4TGJo9QVN-L0ZYIxFArRgSBYfm5azNvNig7U2iCUGmYgkKg0BUqk2SbQH_UsWx6BfawpRJCtGKbHJI6oPIbH5r1ZEKZ4flqE7x8H-Sw7H-WaGqIbpFwfbs_HYmZjheIK_X0ERmKe01jIT70YFF3mMLqpaxtERedCEpcGqATUz_btYghb1rie9JdBEOAGE_-ihvIPC2uxCA4pvg3EK3vtKiknM-egSh9m73PLkwoWZ4mp6nTPnG0HLDCQ43zWe9YC4kGy3SYIgbx_CPBBmqdUC3Ebbh6f7aSTjAtfC-DHB_TQG85ffSZwp24EzPBYj-vfrdxEFg0lWH0Cksj946B5OgE01VMhdvGDdpAk4nBNOLapLc_sfVF4Gf1UWtxv5vhv6fUO7aGaZKDb4f-ISny-53w9f2zId2Mmo_4MPVczXiDsnoAeQgGeZQOwONgEeaHEAzr3xo2yaA2etOBtGbNudeWT62LtRlDU7IDMp9NIFuMNhs-OEaeFrpaJb5b8FE8NSaL7bZW8lutk78oqdm4_J6CaKWficMMLZvle86c6C-Z0z8IWEKW8zI-7zk5WI0w-f06imQvilLAsjxogcI6In6hgXSK7bf7ojWSXAeZgKJcbcPQGCVM_6RiOBpRzSutWPKfPW12I3hiPXbPpMWluAkpzvL4W1zV4gE2zptkzPALwjQM29lqHm0UCaggFrEim3vpRDuNt4tCwKe1k0ErnZXrf3nZFLQGDWxumvNVNv6wiWPqwwVsNmSvjVQINWYY5bm7xgnjAaeNtO4f0uoZE-mIBiR-1w0NH7jJ1tEc-xAjnT7VLBUEQKK6mZU5AslNcqauDznC2SQa58G3Dq88m2Cp_bQ3RwqaSNQ-2mwJzYldcTA5ZHMPtcHvYeGKXkALlan7Yi35yN4BSP5rruejQbz1F2CwmkroyubejLCd1U7XPPONydpvt2EYdKpaNQibTnfBXt88pyKDWiYxLeuzzazfoodw8_zS32MDf0ThzbePJGcC2sqNhw0Dz1fxogrXQTTI8dk9o7q3bt_fobb9RBx4ngt6RxTk-VvwRujeDZ1QfMI7a04DGMvXsuZuRpLqA9D1YlYDRAnNbcoq-epx61iJBbcAA_xFMcOSFvBo7fVNZI96-oHJG9l0f1_lFMCZWEpDG8WSzLsAPqPkY2uEFIsWG2RcQWGZenhZ48M7x4RlmVd6aCkpfTcsin6Q4EBS7rEXciU9IJZyIcorTYH4xje2Me3KVDuuLb_D0myLpBRdNtniT9BmN5mh9-LVqb_GMgZZLhELWl3mx4KL-OiBo3C_QfIf-gTV77Qlabx9thDYRs_lpbTShU61Po5h3Tlr1YuqWr1D3vrOFsWa_GGMxohF7DmLkNUkUJNISlor4-1xR02MjIAlttTM9WgR-_QQctEPut7XGkcGuV0r20f1aCnHZO6Tc0wuSvRR-stGeccDRtP6LdYEi-_Vx7m25bO396wKwWNwzepvkuXEVrR8kwmPioyDnKtlxatymkNJuo43H4IBXQno0xQUWLXlX4kl0I46A7lHyDIZs4LBNoHW24Dw9I_Fw5_if03Ee0uhEOHxUyLWsHPwUOgPqRXp715d5uSqyAwZcooRlOYi7wTnB1mrpxqYI3a2pgM4IfSbEKrpcZHX1D6S_j8D3tUBczQntYqzqn4aDqaXCyzNsEIPDLPrIrt2A6XzDOTJ4lgPtjKfToUVbjjs4S3q7n79ZaD28jD9E-qfV8Fy02XtonlipUCM-2PuzBM1vamfJERAP2dcU-WL1LGKKMdWbc9FGSoXBYUPfrhVgwiE5imSK0trZGi8aQ5cjS2TFfhqN_NjoVJzfVRGgL5DwUZk9K5jJkN7lOjBphFUUoSAgsK4z7EkmUPBzDL1rNcvbO2gVhB0KuPnjHnz63Lp5mg77WQveXtOCJhXFekj9zTC30TmZmsoovK1kyUWx8wT4f0j6bAAZ1hFheAaBBFs_nuW8rZ1-FQZkCELgLGcflYZibgeZnMkUPal1FHaTWE7tafNDw4n-5QOT8usPy1GfpsBHzEIFXo8Ceb7lOIgJ_XnrldfqVuSC7tWj_vKiKqhz-VYAwcxM2Bs9n4q-c5-9U1ug5bW__mLJi--mussoVgW1sUgzGqGUngCUYV6qzZ5iZW6O5rKVp0vGqh-e00zITHlRMwITBk1w4SwEPvio5wrOnGE9eJkRlkXHPK0T2rpTvc616i8LrUxUScBno8H-avp81Rir4rCPulLcty2AktWOV5ypwWAwVU5OTqlvOWAlyamzMTu33seCRTT2Sco0_8tSc2cDpXnos4YKJozT1YdpgbkQdLNT3ZSIxRZiv4tBAb9j5Z70XlZCuWFpWnlmZoX3k0MPFY3cVMx3GDCDrz-Pb2uDxSIEpJCZcbmrzCbOfk9glBsYvlZW04EyzUsY3Qs5gmlUxXpH88GHnmLsSMdUOUlJeOKiHtmjuWMupZJNrgMuy1Y-h75QFivQoELvwVs9cGWK68tlYgn_O1Bu7PZiK3cBYmDDw0o3QIXYx3T7AorhRhRuq4jIV1U0RJ7i1uQu5T2MgXmr5e7WjGcrPfs75v2joFws5dDqkPZb3eg57fI6I62nD3T_jix3aKldKWnzrTJGFGJ663nGfAuwtflmBgBaGGdzlc5BGOtuSiBzY6oBkD0HFEI5rTMCEmGpxRzJDW9B1pYKs&cid=CAASEuRoDUjnjEBlxkN6JAl94RAlOg&rfl=4%2Chttps%253A%252F%252Fpopcornfor2.com%242%2C%2Chttps%253A%252F%252Fpopcornfor2.com%252F%240
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c66ece65aa11af6bbe270d2504741725c280a2a644dba5480644ed136dafa0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12119
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 275E 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115845&plc=4229116&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0gAT_Trss4JpB3KY3C93jyC&DVP_DBM_1=3060631&DVP_DBM_2=11817075&DVP_DBM_3=32228384&DVP_DBM_4=322164953&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=27288803037&turl=www.popcornfor2.com/&DVP_PP_BUNDLE_ID=
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
b6b0cae917b7cab30c559158025a1bbd5d2a026aa792934722b30e075abdf65f

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 11:04:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 May 2021 11:07:16 GMT
Server
Microsoft-IIS/10.0
ETag
"11a0951dd56d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1338
dvtp_src.js
cdn.doubleverify.com/ Frame 275E 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0gAT_Trss4JpB3KY3C93jyC&DVP_DBM_1=3060631&DVP_DBM_2=11817075&DVP_DBM_3=32228384&DVP_DBM_4=322164953&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=27288803037&turl=www.popcornfor2.com/&DVP_PP_BUNDLE_ID=
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
b7f66a926061e968da66d7fb4d87e45c24dc934a20ff0abfa636a1b3ecd91cec

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 11:04:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Jun 2021 13:00:44 GMT
Server
Microsoft-IIS/10.0
ETag
"0a6324caf57d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3195
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/ Frame 275E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/window_focus_fy2019.js
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:01:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
194
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Jun 2021 11:01:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 275E 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85e1be533dbdd83a22910cbee29a4d1f49d3e8d201f5f480517ecfd6bd282965
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:54 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1622656031336809"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37735
x-xss-protection
0
expires
Thu, 03 Jun 2021 11:04:54 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/ Frame 275E 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:01:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
220
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
server
cafe
etag
1319581658596578636
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Jun 2021 11:01:14 GMT
l
www.google.com/ads/measurement/ Frame 275E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQvMJdqQdvcHURXtCrha7D4E3fszsvH-OxgJMlHXVzZ32w-28Aoit8kHHIr2AIVBO368_Br0k0TYsr5WWNLZ3tt0VwDTA
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 275E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ClOzMBePlN4AW9SkUxXwwidFlgN5LSalEz7Yqts4a_yFoaT9SKXXtpB4yZB2Yw5_FiAzSifJMKNAaj-9OpWoBwGq25nczF3nanFdzvB8fde8rsdTQ
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6EE0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFOVZ7-LWMRhUcvx_Fgj0FU&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFOVZ7-LWMRhUcvx_Fgj0FU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjZsc-ZATAB&v=APEucNVmtkbVErFs_bn0QGK1XB6E1ZPRnwB1LmpJVdik1EqhCc9nIRTJCEYc4hmU-HGgRnr6yuJBaI6_icHhlP2Q38OnjnQVyccI5GWSX1RiLKYJ0hUsgM9GkkqoeIXlNJ345nLV08nOXBrLeJ9ocW6dDUA9oQQHNn9PSXSrpZS9grXOJ4V0pJQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 11:04:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 03 Jun 2021 11:04:54 GMT

Redirect headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFOVZ7-LWMRhUcvx_Fgj0FU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6EE0
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YLi3VuvTpQybyF-dGHd8iAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFOVZ7-LWMRhUcvx_Fgj0FU&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFOVZ7-LWMRhUcvx_Fgj0FU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjZsc-ZATAB&v=APEucNVmtkbVErFs_bn0QGK1XB6E1ZPRnwB1LmpJVdik1EqhCc9nIRTJCEYc4hmU-HGgRnr6yuJBaI6_icHhlP2Q38OnjnQVyccI5GWSX1RiLKYJ0hUsgM9GkkqoeIXlNJ345nLV08nOXBrLeJ9ocW6dDUA9oQQHNn9PSXSrpZS9grXOJ4V0pJQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 11:04:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 03 Jun 2021 11:04:54 GMT

Redirect headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFOVZ7-LWMRhUcvx_Fgj0FU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 6EE0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBB3z8Bl1azC5JTI0T39nLg&google_cver=1
43 B
1023 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEBB3z8Bl1azC5JTI0T39nLg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjZsc-ZATAB&v=APEucNVmtkbVErFs_bn0QGK1XB6E1ZPRnwB1LmpJVdik1EqhCc9nIRTJCEYc4hmU-HGgRnr6yuJBaI6_icHhlP2Q38OnjnQVyccI5GWSX1RiLKYJ0hUsgM9GkkqoeIXlNJ345nLV08nOXBrLeJ9ocW6dDUA9oQQHNn9PSXSrpZS9grXOJ4V0pJQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 11:04:54 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.242:80
AN-X-Request-Uuid
330b21a9-008a-4023-a10c-36ab5a0d2392
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEBB3z8Bl1azC5JTI0T39nLg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6EE0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkyOTcwNzEyMjE2MjY3NTE1MQ%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkyOTcwNzEyMjE2MjY3NTE1MQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjZsc-ZATAB&v=APEucNVmtkbVErFs_bn0QGK1XB6E1ZPRnwB1LmpJVdik1EqhCc9nIRTJCEYc4hmU-HGgRnr6yuJBaI6_icHhlP2Q38OnjnQVyccI5GWSX1RiLKYJ0hUsgM9GkkqoeIXlNJ345nLV08nOXBrLeJ9ocW6dDUA9oQQHNn9PSXSrpZS9grXOJ4V0pJQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 11:04:54 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.83:80
AN-X-Request-Uuid
df50ab13-7b59-4c53-ab54-b3812c1b896f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkyOTcwNzEyMjE2MjY3NTE1MQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210525/r20110914/ Frame 275E 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210525/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AhOQd_ednjUlnPW-GKy1hKb5U52h5Qow97hu_OE7xThMpfIe32H30_nR9glz_vQDdKUnPZVe3Mu_psoEddUPovYyRn8DpY-74CPoeEcB-YNOBALLl6xeRgE7IzLjnB44H6EYZjTZoMGgxM6ixeKswO8croeg&cry=1&dbm_d=AKAmf-A1HM_HOLdmdpNM4AEDzhOUI3ScqOvDaoyMPgY02H3i8uqMOWwTg4q7kepJ0U8M5XT86sIh88b1EnQ8klE0BePJuvrQaiq8DoZuIysalEQ3TnA0sKe3I5vFq0yhZXc7ZGYb74cQqwbrc-mRw-CoGhelb4Lxg3xeg2djRhrY2LbrqCH28TQ_BX6DNXs9cuQxB07vvI6lOBJ5ChuU-xn8C_VpolF1EJHYpb7Dx5Ymoy4dHikZow8wTX2YiExQFLZWr5HNvVF2FtZOvNA-hSuUf-Ha6d5iB8X_91Mhqn1_4KHhkXBm2qM44ALhZpuS02vVZC5eSsC60SV5X38n_yHOjfsRhtih1RaZgeuKqt2j03G-2rM70IRGt8u9vypH4L4z-eNEZ6r4q9tMPm6MARuWrTQzz1oA_SvH4DD9pxGWuoXK1JvYBv4TGJo9QVN-L0ZYIxFArRgSBYfm5azNvNig7U2iCUGmYgkKg0BUqk2SbQH_UsWx6BfawpRJCtGKbHJI6oPIbH5r1ZEKZ4flqE7x8H-Sw7H-WaGqIbpFwfbs_HYmZjheIK_X0ERmKe01jIT70YFF3mMLqpaxtERedCEpcGqATUz_btYghb1rie9JdBEOAGE_-ihvIPC2uxCA4pvg3EK3vtKiknM-egSh9m73PLkwoWZ4mp6nTPnG0HLDCQ43zWe9YC4kGy3SYIgbx_CPBBmqdUC3Ebbh6f7aSTjAtfC-DHB_TQG85ffSZwp24EzPBYj-vfrdxEFg0lWH0Cksj946B5OgE01VMhdvGDdpAk4nBNOLapLc_sfVF4Gf1UWtxv5vhv6fUO7aGaZKDb4f-ISny-53w9f2zId2Mmo_4MPVczXiDsnoAeQgGeZQOwONgEeaHEAzr3xo2yaA2etOBtGbNudeWT62LtRlDU7IDMp9NIFuMNhs-OEaeFrpaJb5b8FE8NSaL7bZW8lutk78oqdm4_J6CaKWficMMLZvle86c6C-Z0z8IWEKW8zI-7zk5WI0w-f06imQvilLAsjxogcI6In6hgXSK7bf7ojWSXAeZgKJcbcPQGCVM_6RiOBpRzSutWPKfPW12I3hiPXbPpMWluAkpzvL4W1zV4gE2zptkzPALwjQM29lqHm0UCaggFrEim3vpRDuNt4tCwKe1k0ErnZXrf3nZFLQGDWxumvNVNv6wiWPqwwVsNmSvjVQINWYY5bm7xgnjAaeNtO4f0uoZE-mIBiR-1w0NH7jJ1tEc-xAjnT7VLBUEQKK6mZU5AslNcqauDznC2SQa58G3Dq88m2Cp_bQ3RwqaSNQ-2mwJzYldcTA5ZHMPtcHvYeGKXkALlan7Yi35yN4BSP5rruejQbz1F2CwmkroyubejLCd1U7XPPONydpvt2EYdKpaNQibTnfBXt88pyKDWiYxLeuzzazfoodw8_zS32MDf0ThzbePJGcC2sqNhw0Dz1fxogrXQTTI8dk9o7q3bt_fobb9RBx4ngt6RxTk-VvwRujeDZ1QfMI7a04DGMvXsuZuRpLqA9D1YlYDRAnNbcoq-epx61iJBbcAA_xFMcOSFvBo7fVNZI96-oHJG9l0f1_lFMCZWEpDG8WSzLsAPqPkY2uEFIsWG2RcQWGZenhZ48M7x4RlmVd6aCkpfTcsin6Q4EBS7rEXciU9IJZyIcorTYH4xje2Me3KVDuuLb_D0myLpBRdNtniT9BmN5mh9-LVqb_GMgZZLhELWl3mx4KL-OiBo3C_QfIf-gTV77Qlabx9thDYRs_lpbTShU61Po5h3Tlr1YuqWr1D3vrOFsWa_GGMxohF7DmLkNUkUJNISlor4-1xR02MjIAlttTM9WgR-_QQctEPut7XGkcGuV0r20f1aCnHZO6Tc0wuSvRR-stGeccDRtP6LdYEi-_Vx7m25bO396wKwWNwzepvkuXEVrR8kwmPioyDnKtlxatymkNJuo43H4IBXQno0xQUWLXlX4kl0I46A7lHyDIZs4LBNoHW24Dw9I_Fw5_if03Ee0uhEOHxUyLWsHPwUOgPqRXp715d5uSqyAwZcooRlOYi7wTnB1mrpxqYI3a2pgM4IfSbEKrpcZHX1D6S_j8D3tUBczQntYqzqn4aDqaXCyzNsEIPDLPrIrt2A6XzDOTJ4lgPtjKfToUVbjjs4S3q7n79ZaD28jD9E-qfV8Fy02XtonlipUCM-2PuzBM1vamfJERAP2dcU-WL1LGKKMdWbc9FGSoXBYUPfrhVgwiE5imSK0trZGi8aQ5cjS2TFfhqN_NjoVJzfVRGgL5DwUZk9K5jJkN7lOjBphFUUoSAgsK4z7EkmUPBzDL1rNcvbO2gVhB0KuPnjHnz63Lp5mg77WQveXtOCJhXFekj9zTC30TmZmsoovK1kyUWx8wT4f0j6bAAZ1hFheAaBBFs_nuW8rZ1-FQZkCELgLGcflYZibgeZnMkUPal1FHaTWE7tafNDw4n-5QOT8usPy1GfpsBHzEIFXo8Ceb7lOIgJ_XnrldfqVuSC7tWj_vKiKqhz-VYAwcxM2Bs9n4q-c5-9U1ug5bW__mLJi--mussoVgW1sUgzGqGUngCUYV6qzZ5iZW6O5rKVp0vGqh-e00zITHlRMwITBk1w4SwEPvio5wrOnGE9eJkRlkXHPK0T2rpTvc616i8LrUxUScBno8H-avp81Rir4rCPulLcty2AktWOV5ypwWAwVU5OTqlvOWAlyamzMTu33seCRTT2Sco0_8tSc2cDpXnos4YKJozT1YdpgbkQdLNT3ZSIxRZiv4tBAb9j5Z70XlZCuWFpWnlmZoX3k0MPFY3cVMx3GDCDrz-Pb2uDxSIEpJCZcbmrzCbOfk9glBsYvlZW04EyzUsY3Qs5gmlUxXpH88GHnmLsSMdUOUlJeOKiHtmjuWMupZJNrgMuy1Y-h75QFivQoELvwVs9cGWK68tlYgn_O1Bu7PZiK3cBYmDDw0o3QIXYx3T7AorhRhRuq4jIV1U0RJ7i1uQu5T2MgXmr5e7WjGcrPfs75v2joFws5dDqkPZb3eg57fI6I62nD3T_jix3aKldKWnzrTJGFGJ663nGfAuwtflmBgBaGGdzlc5BGOtuSiBzY6oBkD0HFEI5rTMCEmGpxRzJDW9B1pYKs&cid=CAASEuRoDUjnjEBlxkN6JAl94RAlOg&rfl=4%2Chttps%253A%252F%252Fpopcornfor2.com%242%2C%2Chttps%253A%252F%252Fpopcornfor2.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b98a31a2e279e9ddc8c68c0f0d35a03fd6cabb0d4fe7cce8b5ea0f3d1f7c5bf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 10:51:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
808
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8608
x-xss-protection
0
server
cafe
etag
13843236118941462489
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Jun 2021 10:51:26 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 275E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AhOQd_ednjUlnPW-GKy1hKb5U52h5Qow97hu_OE7xThMpfIe32H30_nR9glz_vQDdKUnPZVe3Mu_psoEddUPovYyRn8DpY-74CPoeEcB-YNOBALLl6xeRgE7IzLjnB44H6EYZjTZoMGgxM6ixeKswO8croeg&cry=1&dbm_d=AKAmf-A1HM_HOLdmdpNM4AEDzhOUI3ScqOvDaoyMPgY02H3i8uqMOWwTg4q7kepJ0U8M5XT86sIh88b1EnQ8klE0BePJuvrQaiq8DoZuIysalEQ3TnA0sKe3I5vFq0yhZXc7ZGYb74cQqwbrc-mRw-CoGhelb4Lxg3xeg2djRhrY2LbrqCH28TQ_BX6DNXs9cuQxB07vvI6lOBJ5ChuU-xn8C_VpolF1EJHYpb7Dx5Ymoy4dHikZow8wTX2YiExQFLZWr5HNvVF2FtZOvNA-hSuUf-Ha6d5iB8X_91Mhqn1_4KHhkXBm2qM44ALhZpuS02vVZC5eSsC60SV5X38n_yHOjfsRhtih1RaZgeuKqt2j03G-2rM70IRGt8u9vypH4L4z-eNEZ6r4q9tMPm6MARuWrTQzz1oA_SvH4DD9pxGWuoXK1JvYBv4TGJo9QVN-L0ZYIxFArRgSBYfm5azNvNig7U2iCUGmYgkKg0BUqk2SbQH_UsWx6BfawpRJCtGKbHJI6oPIbH5r1ZEKZ4flqE7x8H-Sw7H-WaGqIbpFwfbs_HYmZjheIK_X0ERmKe01jIT70YFF3mMLqpaxtERedCEpcGqATUz_btYghb1rie9JdBEOAGE_-ihvIPC2uxCA4pvg3EK3vtKiknM-egSh9m73PLkwoWZ4mp6nTPnG0HLDCQ43zWe9YC4kGy3SYIgbx_CPBBmqdUC3Ebbh6f7aSTjAtfC-DHB_TQG85ffSZwp24EzPBYj-vfrdxEFg0lWH0Cksj946B5OgE01VMhdvGDdpAk4nBNOLapLc_sfVF4Gf1UWtxv5vhv6fUO7aGaZKDb4f-ISny-53w9f2zId2Mmo_4MPVczXiDsnoAeQgGeZQOwONgEeaHEAzr3xo2yaA2etOBtGbNudeWT62LtRlDU7IDMp9NIFuMNhs-OEaeFrpaJb5b8FE8NSaL7bZW8lutk78oqdm4_J6CaKWficMMLZvle86c6C-Z0z8IWEKW8zI-7zk5WI0w-f06imQvilLAsjxogcI6In6hgXSK7bf7ojWSXAeZgKJcbcPQGCVM_6RiOBpRzSutWPKfPW12I3hiPXbPpMWluAkpzvL4W1zV4gE2zptkzPALwjQM29lqHm0UCaggFrEim3vpRDuNt4tCwKe1k0ErnZXrf3nZFLQGDWxumvNVNv6wiWPqwwVsNmSvjVQINWYY5bm7xgnjAaeNtO4f0uoZE-mIBiR-1w0NH7jJ1tEc-xAjnT7VLBUEQKK6mZU5AslNcqauDznC2SQa58G3Dq88m2Cp_bQ3RwqaSNQ-2mwJzYldcTA5ZHMPtcHvYeGKXkALlan7Yi35yN4BSP5rruejQbz1F2CwmkroyubejLCd1U7XPPONydpvt2EYdKpaNQibTnfBXt88pyKDWiYxLeuzzazfoodw8_zS32MDf0ThzbePJGcC2sqNhw0Dz1fxogrXQTTI8dk9o7q3bt_fobb9RBx4ngt6RxTk-VvwRujeDZ1QfMI7a04DGMvXsuZuRpLqA9D1YlYDRAnNbcoq-epx61iJBbcAA_xFMcOSFvBo7fVNZI96-oHJG9l0f1_lFMCZWEpDG8WSzLsAPqPkY2uEFIsWG2RcQWGZenhZ48M7x4RlmVd6aCkpfTcsin6Q4EBS7rEXciU9IJZyIcorTYH4xje2Me3KVDuuLb_D0myLpBRdNtniT9BmN5mh9-LVqb_GMgZZLhELWl3mx4KL-OiBo3C_QfIf-gTV77Qlabx9thDYRs_lpbTShU61Po5h3Tlr1YuqWr1D3vrOFsWa_GGMxohF7DmLkNUkUJNISlor4-1xR02MjIAlttTM9WgR-_QQctEPut7XGkcGuV0r20f1aCnHZO6Tc0wuSvRR-stGeccDRtP6LdYEi-_Vx7m25bO396wKwWNwzepvkuXEVrR8kwmPioyDnKtlxatymkNJuo43H4IBXQno0xQUWLXlX4kl0I46A7lHyDIZs4LBNoHW24Dw9I_Fw5_if03Ee0uhEOHxUyLWsHPwUOgPqRXp715d5uSqyAwZcooRlOYi7wTnB1mrpxqYI3a2pgM4IfSbEKrpcZHX1D6S_j8D3tUBczQntYqzqn4aDqaXCyzNsEIPDLPrIrt2A6XzDOTJ4lgPtjKfToUVbjjs4S3q7n79ZaD28jD9E-qfV8Fy02XtonlipUCM-2PuzBM1vamfJERAP2dcU-WL1LGKKMdWbc9FGSoXBYUPfrhVgwiE5imSK0trZGi8aQ5cjS2TFfhqN_NjoVJzfVRGgL5DwUZk9K5jJkN7lOjBphFUUoSAgsK4z7EkmUPBzDL1rNcvbO2gVhB0KuPnjHnz63Lp5mg77WQveXtOCJhXFekj9zTC30TmZmsoovK1kyUWx8wT4f0j6bAAZ1hFheAaBBFs_nuW8rZ1-FQZkCELgLGcflYZibgeZnMkUPal1FHaTWE7tafNDw4n-5QOT8usPy1GfpsBHzEIFXo8Ceb7lOIgJ_XnrldfqVuSC7tWj_vKiKqhz-VYAwcxM2Bs9n4q-c5-9U1ug5bW__mLJi--mussoVgW1sUgzGqGUngCUYV6qzZ5iZW6O5rKVp0vGqh-e00zITHlRMwITBk1w4SwEPvio5wrOnGE9eJkRlkXHPK0T2rpTvc616i8LrUxUScBno8H-avp81Rir4rCPulLcty2AktWOV5ypwWAwVU5OTqlvOWAlyamzMTu33seCRTT2Sco0_8tSc2cDpXnos4YKJozT1YdpgbkQdLNT3ZSIxRZiv4tBAb9j5Z70XlZCuWFpWnlmZoX3k0MPFY3cVMx3GDCDrz-Pb2uDxSIEpJCZcbmrzCbOfk9glBsYvlZW04EyzUsY3Qs5gmlUxXpH88GHnmLsSMdUOUlJeOKiHtmjuWMupZJNrgMuy1Y-h75QFivQoELvwVs9cGWK68tlYgn_O1Bu7PZiK3cBYmDDw0o3QIXYx3T7AorhRhRuq4jIV1U0RJ7i1uQu5T2MgXmr5e7WjGcrPfs75v2joFws5dDqkPZb3eg57fI6I62nD3T_jix3aKldKWnzrTJGFGJ663nGfAuwtflmBgBaGGdzlc5BGOtuSiBzY6oBkD0HFEI5rTMCEmGpxRzJDW9B1pYKs&cid=CAASEuRoDUjnjEBlxkN6JAl94RAlOg&rfl=4%2Chttps%253A%252F%252Fpopcornfor2.com%242%2C%2Chttps%253A%252F%252Fpopcornfor2.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 01:01:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
122633
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jun 2022 01:01:01 GMT
dvbs_src_internal92.js
cdn.doubleverify.com/ Frame 275E 		60 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal92.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115845&plc=4229116&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0gAT_Trss4JpB3KY3C93jyC&DVP_DBM_1=3060631&DVP_DBM_2=11817075&DVP_DBM_3=32228384&DVP_DBM_4=322164953&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=27288803037&turl=www.popcornfor2.com/&DVP_PP_BUNDLE_ID=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e58c7574cfd80a0be2e2368f3313ab30ac688f14d078a367ed45ffc03b51bf71

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 11:04:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 May 2021 11:07:30 GMT
Server
Microsoft-IIS/10.0
ETag
"05d525d56d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19061
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7EAB 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 01 Jun 2021 08:57:58 GMT
expires
Wed, 01 Jun 2022 08:57:58 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
180416
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bst2tv3.html
cdn3.doubleverify.com/ Frame 44B5 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn3.doubleverify.com/bst2tv3.html
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal92.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:488::4469 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Host
cdn3.doubleverify.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges
bytes
ETag
"01818ecfc6cf1:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Content-Length
806
Cache-Control
max-age=68359
Date
Thu, 03 Jun 2021 11:04:54 GMT
Connection
keep-alive
verify.js
rtb0.doubleverify.com/ Frame 275E 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_286289380164&jsTagObjCallback=__tagObject_callback_286289380164&num=6&ctx=1828362&cmp=115845&plc=4229116&sid=18330&advid=&adsrv=&unit=300x250&isdvvid=&uid=286289380164&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.20&dvpx_strhd=0.20&brid=0&brver=&bridua=3&dup=null&turl=www.popcornfor2.com/&chro=0&hist=3&winh=280&winw=336&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=2&ssl=1&refD=4&htmlmsging=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0gAT_Trss4JpB3KY3C93jyC&DVP_DBM_1=3060631&DVP_DBM_2=11817075&DVP_DBM_3=32228384&DVP_DBM_4=322164953&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=27288803037&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=4&m1=13&noc=12&fcifrms=16&brh=3&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=140&eparams=DC4FC%3Dl9EEADTbpTauTauA%40A4%40C%3F7%40Ca%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauA%40A4%40C%3F7%40Ca%5D4%40%3ETar9EEADTbpTauTauA%40A4%40C%3F7%40Ca%5D4%40%3ETar9EEADTbpTauTauA%40A4%40C%3F7%40Ca%5D4%40%3ETar9EEADTbpTauTau77a2cgefecg536_6_eg653___b33%60e4e%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTau77a2cgefecg536_6_eg653___b33%60e4e%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau77a2cgefecg536_6_eg653___b33%60e4e%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETauD2767C2%3E6Tau%60%5C_%5CbgTau9E%3E%3DTau4%40%3FE2%3A%3F6C%5D9E%3E%3DTbu%3FTbsa&dvp_exetime=12.60
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal92.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.15 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
2647dcd0adee2f197a77bcae03fb4e10deb16fb9154b3badf002ba2099689ee5

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
X-DV-Response
1
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Date
Thu, 03 Jun 2021 11:04:53 GMT
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
6/2/2021 11:04:54 AM
dv-match6.js
cdn.doubleverify.com/ Frame 3334 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-match6.js
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 11:04:54 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Mar 2018 04:45:12 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"03c84bdf3b8d31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31717
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1935
2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
pagead2.googlesyndication.com/bg/ Frame 7EAB 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 06:35:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
16185
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5712
x-xss-protection
0
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Jun 2022 06:35:09 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 275E 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal92.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a41961e0d9a6bd44051bc60fdaab657e7e86e23e8c3a859540c0999a70449079
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:03:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3753
x-xss-protection
0
last-modified
Wed, 02 Jun 2021 17:38:33 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 03 Jun 2021 12:03:53 GMT
bsevent.gif
tps20515.doubleverify.com/ Frame 275E 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tps20515.doubleverify.com/bsevent.gif?impid=968e71840126479fb71c1afce684de18&dvp_or2=1&cbust=1622718294710374
Requested by
Host: ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com
URL: https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.15 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 11:04:53 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
max-age=0
Content-Length
860
Expires
6/2/2021 11:04:54 AM
query.gif
sync.doubleverify.com/ Frame 275E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=doubleverify_ddp&google_ula=7327243&google_cm&google_hm=**&cbust=1622718294711296
  • https://sync.doubleverify.com/query.gif?ctx=818052&cmp=2249559&cbust=1622718294711296&google_hm=2&google_gid=CAESED2mVvyaTRAFUIFuKIpSdH4&google_cver=1&google_ula=7327243,0
807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.doubleverify.com/query.gif?ctx=818052&cmp=2249559&cbust=1622718294711296&google_hm=2&google_gid=CAESED2mVvyaTRAFUIFuKIpSdH4&google_cver=1&google_ula=7327243,0
Requested by
Host: ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com
URL: https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.15 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 11:04:53 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
max-age=0
Content-Length
860
Expires
6/2/2021 11:04:54 AM

Redirect headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.doubleverify.com/query.gif?ctx=818052&cmp=2249559&cbust=1622718294711296&google_hm=2&google_gid=CAESED2mVvyaTRAFUIFuKIpSdH4&google_cver=1&google_ula=7327243,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
392
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3889 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst8pWl-q23tGSFTP1uKl5-j2WECqO7L8bkYsQtQmzBer6P_z0Qk_TPXNsuUVx7ZU0denlkfVKMLJkAm2Y703QZwQQpyABDBq--rlXggooA&sig=Cg0ArKJSzAf8iELnPO9CEAE&id=lidar2&mcvt=1002&p=1110,315,1200,1285&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210602&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1246830150&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622718292821&dlt=0&rpt=888&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
impl_v72.js
www.googletagservices.com/dcm/ Frame 275E 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v72.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f630a191b479def3ee0f7408cfec54c5e6cad83fec65155d68ef83dcd381714
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 03:06:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 13 May 2021 20:34:47 GMT
server
sffe
age
115095
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15545
x-xss-protection
0
expires
Thu, 02 Jun 2022 03:06:39 GMT
B10224936.280232945;dc_ver=72.211;sz=300x250;u_sd=1;dc_adk=2536364250;ord=bhijrp;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=4,https%3A%2F%2Fpopcornfor2.com$2,,https%3A%2F...
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 275E 		34 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B10224936.280232945;dc_ver=72.211;sz=300x250;u_sd=1;dc_adk=2536364250;ord=bhijrp;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=4,https%3A%2F%2Fpopcornfor2.com$2,,https%3A%2F%2Fpopcornfor2.com%2F$0;xdt=1;crlt=Da0aMNP0R2;osda=2;sttr=23;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v72.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
f35d7d396b9f92bdf60aaa0f6f14a0182b09a25783b5c26b03f47cf59efbfd68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17728
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7EAB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BsxxOVre4YLLaId2q3gO9i7WwCwAAAAA4AeAEAg&bg=!REelRwPNAAaMan2LjGo7ACkAdvg8Wp8lJHV1Fu1n9-F9G8U46Ve-HCL7tKNx1Sng1dMGbULomRs_DgIAAABKUgAAAAxoAQeZAxzFK7Z2yrT8L6TxJcpVrpxLFBeQqIG8-FePI_gjsh_x2eU45WUcxfFrI-1mN_gbWdLJUpWtScGZoz5Tj_mD65bCOw1qxUhSwB6pAB5KKKnjbV_wxQCC6S4wrWAEHJ3BXW1XHeV-JVeMX8eaoWJe6YN3-Neu8QB-OpEgH0ouiG2c3Rg1K1hhf9zipVWOMLoCcIX1EfkXLHg_6GdgXJh-IVVf4fc7oqzqYHFlDLe09eZf_QVooFeeGwNPizEoPcC5GEidsTCCJx1YrbbpPYCW5EtyW_GEoWsohK8d_vKiPn5oCdJntk384JA_Q7e1weYmxrxR_AzzcXLzytLWSAsoKhFXR-rPrZDrQpaRM5ki-nX1mL4Ru2FSMKuH8VjG-HYpNHWbYYvmgupPd24ED7Fx0IylGvyoJczemEiI_4zdSdM0YPccuBmotSVhazig_G40PnHkVP_GeZ8zmNmi44NvPR8uCy6klywQAZ0y9m9A4Gr4zX6yjH4l-7gbboC2Na_6qd_klr_8PqVQc45B96FIAWumTlKfEtN-8eeEFXJCvhuLyogXAkwfztzUD3FLN_dZBZmG9_qQc03q5XYbUbfbaAeWxLL_KVl6EZLqfKS22kLBXcSNpfYuKLzqTrYNM8VJm0YNC4I0OnADe4mzNVNxz4nXXtASX_ZQ8N0jcXGPgI03xplo42JvyB51aV0M_e4X-lVIK4dt38MIumOvC0cjmm_tsqpv13K0T5gQzLjscqUBVbyoYuUusLBXTlyNTQtR5cqDqeIirOuFgU2F8HKjPK_yOBcO6vdzOCv-3KNp6eidmqfYHStQjoFX0gnxhe07wMQC6zZRqSs24wOSWLVbWnjwsTaEZjRP3rtNLWcdKOy59XBDS0w6RBFW7gAXBjPQOBAcgEbqRtA7FgztlwvQpZgL52f_zDowAe-85jclxz9-CmAeKzoaJ4WARwga7PMXzjLiJCv0OPGvR3-TE7hL0WA8Sc-24G2ayK8MntmnnBxtAhsDIRt_KFc1U0FOwNuRURXAgp3frXfSqaWt8-V23OsavpziI-unQZ_FG2YH
Requested by
Host: ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com
URL: https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210525/r20110914/elements/html/ Frame 275E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210525/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B10224936.280232945;dc_ver=72.211;sz=300x250;u_sd=1;dc_adk=2536364250;ord=bhijrp;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=4,https%3A%2F%2Fpopcornfor2.com$2,,https%3A%2F%2Fpopcornfor2.com%2F$0;xdt=1;crlt=Da0aMNP0R2;osda=2;sttr=23;prcl=s
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Jun 2021 11:04:29 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 275E 		0
528 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsshc-zKO2T22f9wnadgYBVx8X6hAqMVciCfAFXqFyAkkhen5N80E4CnsYtr4ntZIgHThG1xot4so8O0v6TYDGj1DH3mUt0sZv9Z5ePGDKNJIMUGmDtxstUgsWs0AyqAuBnifOpI06aELGR9v4G0ayw&sig=Cg0ArKJSzBSrGsKq4-LkEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210525.45028&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B10224936.280232945;dc_ver=72.211;sz=300x250;u_sd=1;dc_adk=2536364250;ord=bhijrp;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=4,https%3A%2F%2Fpopcornfor2.com$2,,https%3A%2F%2Fpopcornfor2.com%2F$0;xdt=1;crlt=Da0aMNP0R2;osda=2;sttr=23;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 11:04:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dvtp_src.js
cdn.doubleverify.com/ Frame 275E 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=13311291&cmp=10224936&sid=2641434&plc=280232945&num=&adid=&advid=2276943&adsrv=1&btreg=315303753&btadsrv=doubleclick&crt=117630481&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B10224936.280232945;dc_ver=72.211;sz=300x250;u_sd=1;dc_adk=2536364250;ord=bhijrp;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=4,https%3A%2F%2Fpopcornfor2.com$2,,https%3A%2F%2Fpopcornfor2.com%2F$0;xdt=1;crlt=Da0aMNP0R2;osda=2;sttr=23;prcl=s
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
584b0accadc79e1b7911494b1fa3200666a59fbff926a255428ecd90367f55b3

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 11:04:54 GMT
Content-Encoding
gzip
Last-Modified
Sun, 30 May 2021 19:20:43 GMT
Server
Microsoft-IIS/10.0
ETag
"80b738e28855d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3196
adc_HUN_EndHungerStory_300x250_static_Evergreen.jpg
s0.2mdn.net/2276943/ Frame 275E 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/2276943/adc_HUN_EndHungerStory_300x250_static_Evergreen.jpg
Requested by
Host: ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com
URL: https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5277325d5b271b5c4e2386adf6a74b7a9671a58c6c271053247ba01579776cac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 23:55:03 GMT
x-content-type-options
nosniff
last-modified
Wed, 12 Jun 2019 18:22:57 GMT
server
sffe
age
40191
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61905
x-xss-protection
0
expires
Thu, 03 Jun 2021 23:55:03 GMT
dv-omid.js
cdn.doubleverify.com/ Frame 275E 		27 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-omid.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0gAT_Trss4JpB3KY3C93jyC&DVP_DBM_1=3060631&DVP_DBM_2=11817075&DVP_DBM_3=32228384&DVP_DBM_4=322164953&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=27288803037&turl=www.popcornfor2.com/&DVP_PP_BUNDLE_ID=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
2ccb0e5d42e6167ccc065c9ab67c61e72a34bba3df465c678ec8dbc5b957f241

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 11:04:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Apr 2021 11:53:50 GMT
Server
Microsoft-IIS/10.0
ETag
"01b62d2923ad71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=32074
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6284
dv-measurements1421.js
cdn.doubleverify.com/ Frame 51C3 		483 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements1421.js
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f8bd3352da23102cdf6b4f8793b24fa55f2eae7638caa7c3821437dfc4b9d8bb

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 11:04:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Jun 2021 09:53:31 GMT
Server
Microsoft-IIS/10.0
ETag
"80dfce249557d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
88590
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 06AE 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com
URL: https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 02 Jun 2021 19:54:30 GMT
expires
Thu, 03 Jun 2021 19:54:30 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
54624
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 275E 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5c3137d91a031fa13a1237a588cbe6bc3cf45148de400e3c2371ed16227a998f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 96E6 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Tue, 01 Jun 2021 08:57:58 GMT
expires
Wed, 01 Jun 2022 08:57:58 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
180416
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame A9C7
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=4da5a146-fa4e-42f1-b3cd-50bd47f4bc56
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=4da5a146-fa4e-42f1-b3cd-50bd47f4bc56&tbid=fdad47b6-456e-476c-9c4c-08e018e1622d-tuct7b23cd5&query=taboola_hm%3D4da5a146-fa4e-...
0
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=4da5a146-fa4e-42f1-b3cd-50bd47f4bc56&tbid=fdad47b6-456e-476c-9c4c-08e018e1622d-tuct7b23cd5&query=taboola_hm%3D4da5a146-fa4e-42f1-b3cd-50bd47f4bc56&isDirect=0
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:55 GMT
via
1.1 varnish
server
nginx
x-timer
S1622718295.053182,VS0,VE10
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11522-HHN

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=4da5a146-fa4e-42f1-b3cd-50bd47f4bc56&tbid=fdad47b6-456e-476c-9c4c-08e018e1622d-tuct7b23cd5&query=taboola_hm%3D4da5a146-fa4e-42f1-b3cd-50bd47f4bc56&isDirect=0
tbl-x-upstream
10.40.0.195:10213
date
Thu, 03 Jun 2021 11:04:55 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21426
sd
u.openx.net/w/1.0/ Frame A9C7
Redirect Chain
  • https://u.openx.net/w/1.0/sd?id=543998486&val=f6289de0-fad1-49b3-a148-02b5fb5e3fcd-tuct7b23cd4&gdpr=0&gdpr_consent=
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=f6289de0-fad1-49b3-a148-02b5fb5e3fcd-tuct7b23cd4&gdpr=0&gdpr_consent=
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=f6289de0-fad1-49b3-a148-02b5fb5e3fcd-tuct7b23cd4&gdpr=0&gdpr_consent=
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:54 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=f6289de0-fad1-49b3-a148-02b5fb5e3fcd-tuct7b23cd4&gdpr=0&gdpr_consent=
date
Thu, 03 Jun 2021 11:04:54 GMT
via
1.1 google
server
OXGW/16.208.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
sync.php
pixel.rubiconproject.com/exchange/ Frame A9C7 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif
rtb-h
sync.taboola.com/sg/betweenxrtb-network/1/ Frame A9C7
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=7754909c-3838-529a-a7ab-5fb7c713e8e1
0
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=7754909c-3838-529a-a7ab-5fb7c713e8e1
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.84:10213
date
Thu, 03 Jun 2021 11:04:55 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
20310

Redirect headers

location
https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=7754909c-3838-529a-a7ab-5fb7c713e8e1
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
101956
jadserve.postrelease.com/suid/ Frame A9C7 		43 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.23.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:55 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame A9C7
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=p3nAMYajIXCI&ev=1&orig=trc&pid=562107
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=p3nAMYajIXCI&ev=1&orig=trc&pid=562107
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.12.133:10213
date
Thu, 03 Jun 2021 11:04:55 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
25238

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=p3nAMYajIXCI&ev=1&orig=trc&pid=562107
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-555c8fd69d-rz2l8
expires
-1
/
sync.taboola.com/sg/appnexus-network/1/rtb-h/ Frame A9C7
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
  • https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=2929707122162675151&orig=trc
0
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=2929707122162675151&orig=trc
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.195:10213
date
Thu, 03 Jun 2021 11:04:54 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
22676

Redirect headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 11:04:54 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.132:80
AN-X-Request-Uuid
f5c07914-358f-4da8-90cd-db7ab6c644ef
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=2929707122162675151&orig=trc
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame A9C7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEAlsbwrAeGa542sSfRfrUN8&google_cver=1
0
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEAlsbwrAeGa542sSfRfrUN8&google_cver=1
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Thu, 03 Jun 2021 11:04:54 GMT
via
1.1 varnish
server
nginx
x-timer
S1622718295.974275,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11522-HHN

Redirect headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEAlsbwrAeGa542sSfRfrUN8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame A9C7 		42 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=f6289de0-fad1-49b3-a148-02b5fb5e3fcd-tuct7b23cd4:$UID
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:54 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug013:0:391
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame A9C7
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=fdad47b6-456e-476c-9c4c-08e018e1622d-tuct7b23cd5
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=fdad47b6-456e-476c-9c4c-08e018e1622d-tuct7b23cd5
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=fdad47b6-456e-476c-9c4c-08e018e1622d-tuct7b23cd5
tbl-x-upstream
10.41.10.104:10213
date
Thu, 03 Jun 2021 11:04:54 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
24137
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame A9C7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=fa0655f6-0ad2-4ec9-b050-91f9d487286b
0
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=fa0655f6-0ad2-4ec9-b050-91f9d487286b
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Thu, 03 Jun 2021 11:04:55 GMT
via
1.1 varnish
server
nginx
x-timer
S1622718295.043355,VS0,VE8
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11522-HHN

Redirect headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:54 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=fa0655f6-0ad2-4ec9-b050-91f9d487286b
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
merge
ce.lijit.com/ Frame A9C7
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=f6289de0-fad1-49b3-a148-02b5fb5e3fcd-tuct7b23cd4&us_privacy=&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=f6289de0-fad1-49b3-a148-02b5fb5e3fcd-tuct7b23cd4&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=f6289de0-fad1-49b3-a148-02b5fb5e3fcd-tuct7b23cd4&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 11:04:55 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 11:04:55 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=f6289de0-fad1-49b3-a148-02b5fb5e3fcd-tuct7b23cd4&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame A9C7 		49 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=f6289de0-fad1-49b3-a148-02b5fb5e3fcd-tuct7b23cd4
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-555c8fd69d-qhqzt
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame A9C7 		43 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=f6289de0-fad1-49b3-a148-02b5fb5e3fcd-tuct7b23cd4&gdpr=0&gdpr_consent=
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:54 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
put
e1.emxdgt.com/ Frame A9C7 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d41&uid=f6289de0-fad1-49b3-a148-02b5fb5e3fcd-tuct7b23cd4
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:54 GMT
content-length
0
content-type
text/html
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame A9C7
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=a15ddd12-9432-460d-bf6a-4eb14c45346c
0
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=a15ddd12-9432-460d-bf6a-4eb14c45346c
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.10.199:10213
date
Thu, 03 Jun 2021 11:04:55 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
20310

Redirect headers

pragma
no-cache
x-errorlevel
0
server
Microsoft-IIS/10.0
date
Thu, 03 Jun 2021 11:04:55 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=a15ddd12-9432-460d-bf6a-4eb14c45346c
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3300
content-type
text/html; charset=utf-8
content-length
222
expires
Thu, 03 Jun 2021 00:00:00 GMT
3.gif
id5-sync.com/c/464/441/5/ Frame A9C7
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=f6289de0-fad1-49b3-a148-02b5fb5e3fcd-tuct7b23cd4&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=f6289de0-fad1-49b3-a148-02b5fb5e3fcd-tuct7b23cd4&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOq_YuxT0ggJ5a33PQp4TMKffPpJeWePDz7RhFmw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOq_YuxT0ggJ5a33PQp4TMKffPpJeWePDz7RhFmw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=450be4e0-68f8-4a80-a938-27e6e900ab0c&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/464/441/5/3.gif?puid=e_7dabbfad-f9b6-41d5-9add-2d8526792d73&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/464/441/5/3.gif?puid=e_7dabbfad-f9b6-41d5-9add-2d8526792d73&gdpr=1&gdpr_consent=
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.49 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 11:04:51 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

location
https://id5-sync.com/c/464/441/5/3.gif?puid=e_7dabbfad-f9b6-41d5-9add-2d8526792d73&gdpr=1&gdpr_consent=
date
Thu, 03 Jun 2021 11:04:57 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame A9C7
Redirect Chain
  • https://s.c.appier.net/taboola
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=nDdVa7SDA2eiP3EqWLe4YA
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=nDdVa7SDA2eiP3EqWLe4YA
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.12.133:10213
date
Thu, 03 Jun 2021 11:04:56 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
23638

Redirect headers

location
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=nDdVa7SDA2eiP3EqWLe4YA
date
Thu, 03 Jun 2021 11:04:56 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
110
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cookiesync
bttrack.com/pixel/ Frame A9C7 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track003-dc3
Pragma
no-cache
Date
Thu, 03 Jun 2021 11:04:43 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame A9C7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dtaboola%26bsw_param%3D59fd1fca-abaf-4530-8bef-8368b8705d3...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=1f0860b8-b756-4d00-bbd4-81733000b1ee&expires=30&ssp=taboola&bsw_param=59fd1fca-abaf-4530-8bef-8368b8705d3c&gdpr=0&gdpr_consent=
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=59fd1fca-abaf-4530-8bef-8368b8705d3c
0
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=59fd1fca-abaf-4530-8bef-8368b8705d3c
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.134:10213
date
Thu, 03 Jun 2021 11:04:55 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
20310

Redirect headers

location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=59fd1fca-abaf-4530-8bef-8368b8705d3c
date
Thu, 03 Jun 2021 11:04:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
dv-measurements1389.js
cdn.doubleverify.com/ Frame 5491 		483 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements1389.js
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
0e12d567a48199de2089253e3b38d051475af46c0c215d6fb8b9726978d91944

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 11:04:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 May 2021 10:12:55 GMT
Server
Microsoft-IIS/10.0
ETag
"806d3cb3604dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
88500
view
googleads4.g.doubleclick.net/pcs/ Frame 275E 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsshc-zKO2T22f9wnadgYBVx8X6hAqMVciCfAFXqFyAkkhen5N80E4CnsYtr4ntZIgHThG1xot4so8O0v6TYDGj1DH3mUt0sZv9Z5ePGDKNJIMUGmDtxstUgsWs0AyqAuBnifOpI06aELGR9v4G0ayw&sig=Cg0ArKJSzBSrGsKq4-LkEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=75&vt=11&dtpt=74&dett=2&cstd=0&cisv=r20210525.45028&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B10224936.280232945;dc_ver=72.211;sz=300x250;u_sd=1;dc_adk=2536364250;ord=bhijrp;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=4,https%3A%2F%2Fpopcornfor2.com$2,,https%3A%2F%2Fpopcornfor2.com%2F$0;xdt=1;crlt=Da0aMNP0R2;osda=2;sttr=23;prcl=s
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 11:04:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
visit.js
tps.doubleverify.com/ Frame 51C3 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&brid=97&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauA%40A4%40C%3F7%40Ca%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauA%40A4%40C%3F7%40Ca%5D4%40%3ETar9EEADTbpTauTauA%40A4%40C%3F7%40Ca%5D4%40%3ETar9EEADTbpTauTauA%40A4%40C%3F7%40Ca%5D4%40%3ETar9EEADTbpTauTau77a2cgefecg536_6_eg653___b33%60e4e%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTau77a2cgefecg536_6_eg653___b33%60e4e%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau77a2cgefecg536_6_eg653___b33%60e4e%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETauD2767C2%3E6Tau%60%5C_%5CbgTau9E%3E%3DTau4%40%3FE2%3A%3F6C%5D9E%3E%3DTbu%3FTbsa&srcurlD=2&aUrlD=4&ssl=https:&dfs=6&ddur=23&uid=1622718294948884&jsCallback=dvCallback_1622718294948680&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=0&hist=3&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1421&tgjsver=1421&lvvn=28&m1=13&refD=4&referrer=https%3A%2F%2Fff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D2&fcifrms=17&brh=3&dvp_epl=627&noc=12&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=www.popcornfor2.com/&errorURL=https://tps.doubleverify.com/visit.jpg&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0gAT_Trss4JpB3KY3C93jyC&DVP_DBM_1=3060631&DVP_DBM_2=11817075&DVP_DBM_3=32228384&DVP_DBM_4=322164953&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=27288803037&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=26370162137.341984&dvp_tukv=17327825034.040066&dvp_uuid=12556814621.07869&dvp_strhd=0.20000076293945312&dvpx_strhd=0.20000076293945312&dvp_tuid=1132206959079&dvp_vcms=23&dvp_slmsd=73&dvp_vcmsd=96
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1421.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.15 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
fed2392e7f78b89df766488d7e920ab2c61c40387948ad2cbced196978c818d2

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 11:04:54 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
6/2/2021 11:04:54 AM
showad.js
ads.pubmatic.com/AdServer/js/ Frame C75F 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://popcornfor2.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://popcornfor2.com/

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=34796
expires
Thu, 03 Jun 2021 20:44:51 GMT
date
Thu, 03 Jun 2021 11:04:55 GMT
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame FE71 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://popcornfor2.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=2929707122162675151; anj=dTM7k!M41.D>6NRF']wIg2GVMrf8ss!@wnfH8K6pQK`!5=E<*L5?%M%flkP41IA0Mg4^<ue:$oMkN>h$C2]KO<%0WC%nugO%v4VB%nmNE)tn:t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://popcornfor2.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Tue, 01 Jun 2021 04:37:22 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Thu, 03 Jun 2021 11:04:54 GMT
Age
23248
X-Served-By
cache-lga21973-LGA, cache-hhn4057-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 429738
X-Timer
S1622718295.990170,VS0,VE0
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame 059F 		1007 B
865 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
55c4c7bf103af11d67ba6df23c0efe58d458383bd59ca8c9516c36b704629032

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://popcornfor2.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=6d14bf16-1630-4a7e-bd8a-78a63b66621f|1622718294
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://popcornfor2.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=6d14bf16-1630-4a7e-bd8a-78a63b66621f|1622718294; Version=1; Expires=Fri, 03-Jun-2022 11:04:54 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1622718294|mOgegqnskin0vNomiygu; Version=1; Expires=Fri, 18-Jun-2021 11:04:54 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.208.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 03 Jun 2021 11:04:54 GMT
content-type
text/html
content-length
547
content-encoding
gzip
via
1.1 google
alt-svc
clear
ixmatch.html
js-sec.indexww.com/um/ Frame 7BAC 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://popcornfor2.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://popcornfor2.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Thu, 03 Jun 2021 11:04:55 GMT
Connection
keep-alive
current
dclk-match.dotomi.com/match/bounce/ Frame 06AE 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEEGdX5amqqaRSk0SGFg9BnU&google_cver=1&google_push=AQvitUK-iprX-Y6lZaIu7zeabs2SZRLKR8UDfAHG-mKXES6G5MS0Qg3ZtXaYjdgi3UfZg18eNmpoRMNlxlWjAcgg-dKNYQIEhBs
Requested by
Host: ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com
URL: https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:55 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 06AE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELVzHovIymJpF8G5UO-EBQI&google_cver=1&google_push=AQvitULxH33zvNqsNH87kLweYGcbl1tXt5vNQW8d7FzmDb0E7GStYpDie6lhhe0oyHcGT54rNHUVVdiwIL4M6P6L...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitULxH33zvNqsNH87kLweYGcbl1tXt5vNQW8d7FzmDb0E7GStYpDie6lhhe0oyHcGT54rNHUVVdiwIL4M6P6LmSP2_Yv1o-Y
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitULxH33zvNqsNH87kLweYGcbl1tXt5vNQW8d7FzmDb0E7GStYpDie6lhhe0oyHcGT54rNHUVVdiwIL4M6P6LmSP2_Yv1o-Y
Requested by
Host: ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com
URL: https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 03 Jun 2021 11:06:41 GMT
Server
MT3 3736 915c305 master cdg-pixel-x29
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitULxH33zvNqsNH87kLweYGcbl1tXt5vNQW8d7FzmDb0E7GStYpDie6lhhe0oyHcGT54rNHUVVdiwIL4M6P6LmSP2_Yv1o-Y
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 03 Jun 2021 11:06:40 GMT
pixel
cm.g.doubleclick.net/ Frame 06AE
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEL9QsaaZnm1Df9bqkmb4TX4&google_cver=1&google_push=AQvitUJek2P6ETwFrX71_aajE8avBtc6SzQwN3V__ibKVGv59SXJcDPPqoBemd_mwsUobg-6v8d3EojXMbZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUJek2P6ETwFrX71_aajE8avBtc6SzQwN3V__ibKVGv59SXJcDPPqoBemd_mwsUobg-6v8d3EojXMbZTVJowdpgUqevKW3c&google_hm=t2fN10rmQNmO6Woamfishqs
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUJek2P6ETwFrX71_aajE8avBtc6SzQwN3V__ibKVGv59SXJcDPPqoBemd_mwsUobg-6v8d3EojXMbZTVJowdpgUqevKW3c&google_hm=t2fN10rmQNmO6Woamfishqs
Requested by
Host: ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com
URL: https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:54 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUJek2P6ETwFrX71_aajE8avBtc6SzQwN3V__ibKVGv59SXJcDPPqoBemd_mwsUobg-6v8d3EojXMbZTVJowdpgUqevKW3c&google_hm=t2fN10rmQNmO6Woamfishqs
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
clear
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 06AE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIHRiS92dAhW__fZHNzk3E0&google_cver=1&google_push=AQvitULWlnO8_tU8esD7FPU_9wfjEMrxg60jTsvElxK2LGrQFFtMs6QpgLsYvwVBbhscXt_PxLekKmQ-CDmIDHI2KVqN...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitULWlnO8_tU8esD7FPU_9wfjEMrxg60jTsvElxK2LGrQFFtMs6QpgLsYvwVBbhscXt_PxLekKmQ-CDmIDHI2KVqNYc12Vmw&google_hm=Wf0fyquvRTCL74NouHBdPA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitULWlnO8_tU8esD7FPU_9wfjEMrxg60jTsvElxK2LGrQFFtMs6QpgLsYvwVBbhscXt_PxLekKmQ-CDmIDHI2KVqNYc12Vmw&google_hm=Wf0fyquvRTCL74NouHBdPA==
Requested by
Host: ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com
URL: https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitULWlnO8_tU8esD7FPU_9wfjEMrxg60jTsvElxK2LGrQFFtMs6QpgLsYvwVBbhscXt_PxLekKmQ-CDmIDHI2KVqNYc12Vmw&google_hm=Wf0fyquvRTCL74NouHBdPA==
date
Thu, 03 Jun 2021 11:04:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 06AE
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEFOfsOPGVKfwlfZned3xwhQ&google_cver=1&google_push=AQvitUIWJbHbCLN3wxmWphGicR4rqoZnHBVGkQAYgWA9ZHSne3vvLWFwyzm4z76hps0vkvqCui2IT3k41ffi2UjsxOQcdibqauY
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIWJbHbCLN3wxmWphGicR4rqoZnHBVGkQAYgWA9ZHSne3vvLWFwyzm4z76hps0vkvqCui2IT3k41ffi2UjsxOQcdibqauY&google_hm=Ye4KcxYxzKcBKPz5jFhrWA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIWJbHbCLN3wxmWphGicR4rqoZnHBVGkQAYgWA9ZHSne3vvLWFwyzm4z76hps0vkvqCui2IT3k41ffi2UjsxOQcdibqauY&google_hm=Ye4KcxYxzKcBKPz5jFhrWA==
Requested by
Host: ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com
URL: https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:54 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUIWJbHbCLN3wxmWphGicR4rqoZnHBVGkQAYgWA9ZHSne3vvLWFwyzm4z76hps0vkvqCui2IT3k41ffi2UjsxOQcdibqauY&google_hm=Ye4KcxYxzKcBKPz5jFhrWA==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
d9rt75cqio7p1ka2grrnggps365olo3g
pixel
cm.g.doubleclick.net/ Frame 06AE
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CkRjPkOQRtqcOz1988ACEA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CkRjPkOQRtqcOz1988ACEA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJzHqXBFzLu5ADiJvBI3sZg9hlKPftF6mReyBOKYBgr_Kj-wHmnMF8dUOQkSBZNoFtC90JaL3Lx2q19tBEs4Za0I5_N0qE
Requested by
Host: ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com
URL: https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CkRjPkOQRtqcOz1988ACEA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJzHqXBFzLu5ADiJvBI3sZg9hlKPftF6mReyBOKYBgr_Kj-wHmnMF8dUOQkSBZNoFtC90JaL3Lx2q19tBEs4Za0I5_N0qE
date
Thu, 03 Jun 2021 11:04:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 06AE
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEJLPQ0tv7Gv70FVUm0E1mE&google_cver=1&google_push=AQvitUKH5vgpwfsMhYoPsNDG0yv1yD86alVAeN83mZingUQ8iM7S65Oqji0xxJlA6oKeb_Yb5ci05FFP9ArfpI68c...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEJLPQ0tv7Gv70FVUm0E1mE&google_cver=1&google_push=AQvitUKH5vgpwfsMhYoPsNDG0yv1yD86alVAeN83mZingUQ8iM7S65Oqji0xxJlA6oKeb_Yb5ci05FFP9ArfpI68c...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUKH5vgpwfsMhYoPsNDG0yv1yD86alVAeN83mZingUQ8iM7S65Oqji0xxJlA6oKeb_Yb5ci05FFP9ArfpI68c1_N1G26isI&google_hm=1da266253fa02cb7c81105a1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUKH5vgpwfsMhYoPsNDG0yv1yD86alVAeN83mZingUQ8iM7S65Oqji0xxJlA6oKeb_Yb5ci05FFP9ArfpI68c1_N1G26isI&google_hm=1da266253fa02cb7c81105a1
Requested by
Host: ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com
URL: https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 03 Jun 2021 11:04:55 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUKH5vgpwfsMhYoPsNDG0yv1yD86alVAeN83mZingUQ8iM7S65Oqji0xxJlA6oKeb_Yb5ci05FFP9ArfpI68c1_N1G26isI&google_hm=1da266253fa02cb7c81105a1
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 06AE 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IMeLmALPzbXayAwUrBBUnpRyHw8CI8BNJc81EmVIck64r7QtAEY510nQjUPEdwibfX3kmZ
Requested by
Host: ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com
URL: https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:54 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
visit.js
tps.doubleverify.com/ Frame 5491 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&brid=97&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauA%40A4%40C%3F7%40Ca%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauA%40A4%40C%3F7%40Ca%5D4%40%3ETar9EEADTbpTauTauA%40A4%40C%3F7%40Ca%5D4%40%3ETar9EEADTbpTauTauA%40A4%40C%3F7%40Ca%5D4%40%3ETar9EEADTbpTauTau77a2cgefecg536_6_eg653___b33%60e4e%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTau77a2cgefecg536_6_eg653___b33%60e4e%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau77a2cgefecg536_6_eg653___b33%60e4e%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETauD2767C2%3E6Tau%60%5C_%5CbgTau9E%3E%3DTau4%40%3FE2%3A%3F6C%5D9E%3E%3DTbu%3FTbsa&srcurlD=2&aUrlD=4&ssl=https:&dfs=6&ddur=23&uid=1622718295005633&jsCallback=dvCallback_1622718295005401&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=0&hist=3&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=1389&tgjsver=1389&lvvn=28&m1=13&refD=4&referrer=https%3A%2F%2Fff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D2&fcifrms=21&brh=3&dvp_epl=627&noc=12&ctx=13311291&cmp=10224936&sid=2641434&plc=280232945&crt=117630481&btreg=315303753&btadsrv=doubleclick&adsrv=1&advid=2276943&errorURL=https://tps.doubleverify.com/visit.jpg&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=26370162137.341984&dvp_tukv=149959062.7534336&dvp_uuid=24451845.134186234&dvp_strhd=0.20000076293945312&dvpx_strhd=0.20000076293945312&dvp_tuid=1526681603053&dvp_vcms=25&dvp_slmsd=73&dvp_vcmsd=98
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1389.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.15 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3ab22481dec313568be89a65055bfdbdb850868cb1090752a2ae202a842c8bf0

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 11:04:54 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
6/2/2021 11:04:55 AM
6vmH6gRf2UqLiW2PAyrCu1HDtbEhJxjO0f7Ukk3E6CA.js
pagead2.googlesyndication.com/bg/ Frame 96E6 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6vmH6gRf2UqLiW2PAyrCu1HDtbEhJxjO0f7Ukk3E6CA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eaf987ea045fd94a8b896d8f032ac2bb51c3b5b1212718ced1fed4924dc4e820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:41:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
4979
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5787
x-xss-protection
0
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Jun 2022 09:41:56 GMT
async_usersync
ib.adnxs.com/ Frame FE71 		0
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 11:04:55 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.40:80
AN-X-Request-Uuid
0b69db3d-274c-4a38-a7fb-d3585df84e67
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
query.gif
sync.doubleverify.com/ Frame 51C3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=doubleverify_ddp&google_ula=7327243&google_cm&google_hm=**&cbust=1622718295058166
  • https://sync.doubleverify.com/query.gif?ctx=818052&cmp=2249559&cbust=1622718295058166&google_hm=2&google_gid=CAESED2mVvyaTRAFUIFuKIpSdH4&google_cver=1&google_ula=7327243,0
807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://sync.doubleverify.com/query.gif?ctx=818052&cmp=2249559&cbust=1622718295058166&google_hm=2&google_gid=CAESED2mVvyaTRAFUIFuKIpSdH4&google_cver=1&google_ula=7327243,0
Requested by
Host: ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com
URL: https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.15 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 11:04:54 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
max-age=0
Content-Length
860
Expires
6/2/2021 11:04:55 AM

Redirect headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.doubleverify.com/query.gif?ctx=818052&cmp=2249559&cbust=1622718295058166&google_hm=2&google_gid=CAESED2mVvyaTRAFUIFuKIpSdH4&google_cver=1&google_ula=7327243,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
392
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event.png
tps20227.doubleverify.com/ Frame 51C3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=doubleverify_ddp&google_ula=6588265853&google_hm=**&google_redir=https%3A%2F%2Ftps20227.doubleverify.com%2Fevent.png%3Fimpid%3Ddeeaff356d8e47bd9a2f3635...
  • https://tps20227.doubleverify.com/event.png?impid=deeaff356d8e47bd9a2f3635032b88d7&gdpr=&gdpr_consent=&dvpx_gfbc=1&cbust=1622718295058895&google_hm=2&google_ula=6588265853,0
67 B
349 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20227.doubleverify.com/event.png?impid=deeaff356d8e47bd9a2f3635032b88d7&gdpr=&gdpr_consent=&dvpx_gfbc=1&cbust=1622718295058895&google_hm=2&google_ula=6588265853,0
Requested by
Host: ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com
URL: https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.15 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 11:04:55 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=0
Content-Length
98
Expires
6/2/2021 11:04:56 AM

Redirect headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://tps20227.doubleverify.com/event.png?impid=deeaff356d8e47bd9a2f3635032b88d7&gdpr=&gdpr_consent=&dvpx_gfbc=1&cbust=1622718295058895&google_hm=2&google_ula=6588265853,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
394
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2a7fe60b-2f1b-e7c0-d68b-a6bba0169cab
pr-bh.ybp.yahoo.com/sync/openx/ Frame 059F 		43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/2a7fe60b-2f1b-e7c0-d68b-a6bba0169cab?gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:55 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 059F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=EnWuFgfb1LOL9J5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=EnWuFgfb1LOL9J5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:55 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 11:04:54 GMT
Server
PingMatch/v2.0.30-649-g03fe1b8#rel-ec2-master i-0a1405953f2666354@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=EnWuFgfb1LOL9J5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 059F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=59fd1fca-abaf-4530-8bef-8368b8705d3c
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=4da5a146-fa4e-42f1-b3cd-50bd47f4bc56&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=59fd1fca-abaf-4530-8bef-8368b8705d3c
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=59fd1fca-abaf-4530-8bef-8368b8705d3c
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:55 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=59fd1fca-abaf-4530-8bef-8368b8705d3c
date
Thu, 03 Jun 2021 11:04:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
adx
match.prod.bidr.io/cookie-sync/ Frame 059F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFESGhVN0JjVzhBQURKYWY3TEFiZw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.40.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Thu, 03 Jun 2021 11:04:55 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
360
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 059F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=1f0860b8-b756-4d00-bbd4-81733000b1ee
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=1f0860b8-b756-4d00-bbd4-81733000b1ee
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:55 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 03 Jun 2021 11:06:41 GMT
Server
MT3 3736 915c305 master cdg-pixel-x4
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=1f0860b8-b756-4d00-bbd4-81733000b1ee
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 03 Jun 2021 11:06:40 GMT
sd
us-u.openx.net/w/1.0/ Frame 059F
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=K8RAcX_DF34wxRYoLMwPcS7AF3wwwBd6eMMhAngZ
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=K8RAcX_DF34wxRYoLMwPcS7AF3wwwBd6eMMhAngZ
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:55 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:55 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=K8RAcX_DF34wxRYoLMwPcS7AF3wwwBd6eMMhAngZ
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 059F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6982712400737837658
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6982712400737837658
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:55 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:55 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6982712400737837658
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 059F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=beb8804f-bfb7-7589-e75c-b04e5f4151e2&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:55 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 059F 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTJkNzUzODUtNzZjMC0yYjJkLWYyYmMtZWFmNzk1YTM5Zjgy
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 059F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAmsdNd4MpdaVAa3Jl0UU24&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAmsdNd4MpdaVAa3Jl0UU24&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=569ad57e-43c9-460e-9a8f-667f824c03af&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:55 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAmsdNd4MpdaVAa3Jl0UU24&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame C75F 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=66683308&p=158497&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
a2fc02481d03c6e4f675d3a0c676d3cf9c43e09e9cb4b67879a25f4c71174482

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:54 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
query.gif
sync.doubleverify.com/ Frame 5491
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=doubleverify_ddp&google_ula=7327243&google_cm&google_hm=**&cbust=1622718295092583
  • https://sync.doubleverify.com/query.gif?ctx=818052&cmp=2249559&cbust=1622718295092583&google_hm=2&google_gid=CAESED2mVvyaTRAFUIFuKIpSdH4&google_cver=1&google_ula=7327243,0
807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://sync.doubleverify.com/query.gif?ctx=818052&cmp=2249559&cbust=1622718295092583&google_hm=2&google_gid=CAESED2mVvyaTRAFUIFuKIpSdH4&google_cver=1&google_ula=7327243,0
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.15 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 11:04:54 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
max-age=0
Content-Length
860
Expires
6/2/2021 11:04:55 AM

Redirect headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.doubleverify.com/query.gif?ctx=818052&cmp=2249559&cbust=1622718295092583&google_hm=2&google_gid=CAESED2mVvyaTRAFUIFuKIpSdH4&google_cver=1&google_ula=7327243,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
392
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event.png
tps20229.doubleverify.com/ Frame 5491
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=doubleverify_ddp&google_ula=6588265853&google_hm=**&google_redir=https%3A%2F%2Ftps20229.doubleverify.com%2Fevent.png%3Fimpid%3D66d7af7a01db441cadf24bb3...
  • https://tps20229.doubleverify.com/event.png?impid=66d7af7a01db441cadf24bb369d968da&gdpr=&gdpr_consent=&dvpx_gfbc=1&cbust=1622718295093967&google_hm=2&google_ula=6588265853,0
67 B
349 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20229.doubleverify.com/event.png?impid=66d7af7a01db441cadf24bb369d968da&gdpr=&gdpr_consent=&dvpx_gfbc=1&cbust=1622718295093967&google_hm=2&google_ula=6588265853,0
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.17 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 11:04:55 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=0
Content-Length
98
Expires
6/2/2021 11:04:55 AM

Redirect headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://tps20229.doubleverify.com/event.png?impid=66d7af7a01db441cadf24bb369d968da&gdpr=&gdpr_consent=&dvpx_gfbc=1&cbust=1622718295093967&google_hm=2&google_ula=6588265853,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
394
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame C3EF 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://popcornfor2.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9f11f98038b8e65631930989a62668accaad5092dcc65806a127171b3d82fb12

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YLi3VuvTpQybyF-dGHd8iAAA; CMPS=5182; CMPRO=1209; CMST=YLi3VmC4t1YA; CMRUM3=2d60b8b7562760CAESEFOVZ7-LWMRhUcvx_Fgj0FU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|241|230|46|191|5|3|190
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1725
Expires
Thu, 03 Jun 2021 11:04:55 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Thu, 03 Jun 2021 11:04:55 GMT
Connection
keep-alive
Set-Cookie
CMID=YLi3VuvTpQybyF-dGHd8iAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 03 Jun 2022 11:04:55 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 01 Sep 2021 11:04:55 GMT CMPRO=1209;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 01 Sep 2021 11:04:55 GMT CMST=YLi3VmC4t1cA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 04 Jun 2021 11:04:55 GMT CMRUM3=e660b8b7572760&be60b8b75705a0&2760b8b7570b40&0560b8b75705a0&2e60b8b75705a0&f160b8b75705a0&2d60b8b7562760CAESEFOVZ7-LWMRhUcvx_Fgj0FU&0360b8b75705a0&bf60b8b75705a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 03 Jun 2022 11:04:55 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 158F 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c316c74988a96ef127eba34083ea8979c0e02852c30fefc6e1117239ea6e5f66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 11:04:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8230
x-xss-protection
0
match
c1.adform.net/serving/cookie/ Frame 83A7
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=0A44633E-4390-46DA-9C3B-3D7DF3C00210
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=0A44633E-4390-46DA-9C3B-3D7DF3C00210
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=0A44633E-4390-46DA-9C3B-3D7DF3C00210
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=0A44633E-4390-46DA-9C3B-3D7DF3C00210
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 03 Jun 2021 11:04:55 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=2330130166302795970; expires=Mon, 02 Aug 2021 11:04:55 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Thu, 03 Jun 2021 11:04:55 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=0A44633E-4390-46DA-9C3B-3D7DF3C00210
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Sat, 03 Jul 2021 11:04:55 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 387B
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8956874937439035966
42 B
211 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8956874937439035966
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8956874937439035966
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KRTBCOOKIE_1235=23226-f6289de0-fad1-49b3-a148-02b5fb5e3fcd-tuct7b23cd4:$UID; PUBMDCID=3; KADUSERCOOKIE=0A44633E-4390-46DA-9C3B-3D7DF3C00210; chkChromeAb67Sec=1; DPSync3=1623888000%3A201_197_219%7C1622764800%3A174; SyncRTB3=1625270400%3A203%7C1623542400%3A63%7C1623888000%3A3_71_8_22_13_56_7_220_54_21_161%7C1623974400%3A35%7C1623283200%3A223; KRTBCOOKIE_57=22776-2929707122162675151; KRTBCOOKIE_153=19420-_at_HKmsKBPmqilF-qMwHPivKBHmrygXrqweq1nB&KRTB&22979-_at_HKmsKBPmqilF-qMwHPivKBHmrygXrqweq1nB; KRTBCOOKIE_27=16735-uid:1f0860b8-b756-4d00-bbd4-81733000b1ee&KRTB&16736-uid:1f0860b8-b756-4d00-bbd4-81733000b1ee&KRTB&23019-uid:1f0860b8-b756-4d00-bbd4-81733000b1ee&KRTB&23114-uid:1f0860b8-b756-4d00-bbd4-81733000b1ee; KRTBCOOKIE_80=22987-CAESEJrmkITIpmMrOerQ7ZJjGQg&KRTB&16514-CAESEJrmkITIpmMrOerQ7ZJjGQg&KRTB&23025-CAESEJrmkITIpmMrOerQ7ZJjGQg; KRTBCOOKIE_377=6810-fa0655f6-0ad2-4ec9-b050-91f9d487286b&KRTB&22918-fa0655f6-0ad2-4ec9-b050-91f9d487286b&KRTB&23031-fa0655f6-0ad2-4ec9-b050-91f9d487286b; KRTBCOOKIE_466=16530-59fd1fca-abaf-4530-8bef-8368b8705d3c; KRTBCOOKIE_391=22924-7409291517371381188&KRTB&23263-7409291517371381188; KRTBCOOKIE_1101=23040-6969522011945433229; PugT=1622718296; SPugT=1622718295
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 03 Jun 2021 11:04:56 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-8956874937439035966; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 03-Jul-2021 11:04:56 GMT; path=/ PugT=1622718296; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 03-Jul-2021 11:04:56 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 01-Sep-2021 11:04:56 GMT; path=/
x-lat
lhrpug006:0:778
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8956874937439035966
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 7A6C
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
42 B
111 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KRTBCOOKIE_1235=23226-f6289de0-fad1-49b3-a148-02b5fb5e3fcd-tuct7b23cd4:$UID; PugT=1622718294; PUBMDCID=3; KADUSERCOOKIE=0A44633E-4390-46DA-9C3B-3D7DF3C00210; chkChromeAb67Sec=1; DPSync3=1623888000%3A201_197_219%7C1622764800%3A174; SyncRTB3=1625270400%3A203%7C1623542400%3A63%7C1623888000%3A3_71_8_22_13_56_7_220_54_21_161%7C1623974400%3A35%7C1623283200%3A223
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 03 Jun 2021 11:04:55 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 01-Sep-2021 11:04:55 GMT; path=/
x-lat
lhrpug013:0:443
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

cache-control
no-cache
pragma
no-cache
content-type
text/html; charset=utf-8
expires
Thu, 03 Jun 2021 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3528
date
Thu, 03 Jun 2021 11:04:54 GMT
content-length
205
Pug
simage2.pubmatic.com/AdServer/ Frame 0D97
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6969522011945433229
42 B
366 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6969522011945433229
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6969522011945433229
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KRTBCOOKIE_1235=23226-f6289de0-fad1-49b3-a148-02b5fb5e3fcd-tuct7b23cd4:$UID; PUBMDCID=3; KADUSERCOOKIE=0A44633E-4390-46DA-9C3B-3D7DF3C00210; chkChromeAb67Sec=1; DPSync3=1623888000%3A201_197_219%7C1622764800%3A174; SyncRTB3=1625270400%3A203%7C1623542400%3A63%7C1623888000%3A3_71_8_22_13_56_7_220_54_21_161%7C1623974400%3A35%7C1623283200%3A223; KRTBCOOKIE_57=22776-2929707122162675151; PugT=1622718295; KRTBCOOKIE_153=19420-_at_HKmsKBPmqilF-qMwHPivKBHmrygXrqweq1nB&KRTB&22979-_at_HKmsKBPmqilF-qMwHPivKBHmrygXrqweq1nB; KRTBCOOKIE_27=16735-uid:1f0860b8-b756-4d00-bbd4-81733000b1ee&KRTB&16736-uid:1f0860b8-b756-4d00-bbd4-81733000b1ee&KRTB&23019-uid:1f0860b8-b756-4d00-bbd4-81733000b1ee&KRTB&23114-uid:1f0860b8-b756-4d00-bbd4-81733000b1ee; KRTBCOOKIE_80=22987-CAESEJrmkITIpmMrOerQ7ZJjGQg&KRTB&16514-CAESEJrmkITIpmMrOerQ7ZJjGQg&KRTB&23025-CAESEJrmkITIpmMrOerQ7ZJjGQg; KRTBCOOKIE_377=6810-fa0655f6-0ad2-4ec9-b050-91f9d487286b&KRTB&22918-fa0655f6-0ad2-4ec9-b050-91f9d487286b&KRTB&23031-fa0655f6-0ad2-4ec9-b050-91f9d487286b; KRTBCOOKIE_466=16530-59fd1fca-abaf-4530-8bef-8368b8705d3c; KRTBCOOKIE_391=22924-7409291517371381188&KRTB&23263-7409291517371381188; SPugT=1622718293
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 03 Jun 2021 11:04:56 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-6969522011945433229; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 03-Jul-2021 11:04:56 GMT; path=/ PugT=1622718296; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 03-Jul-2021 11:04:56 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 01-Sep-2021 11:04:56 GMT; path=/
x-lat
lhrpug008:0:366
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Thu, 03 Jun 2021 11:04:56 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6969522011945433229; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6969522011945433229
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C75F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CkRjPkOQRtqcOz1988ACEA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:55 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 06:44:25 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-2080-5c3aeac410031"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=140505
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
2586
expires
Sat, 05 Jun 2021 02:06:40 GMT

Redirect headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame C75F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1f0860b8-b756-4d00-bbd4-81733000b1ee
0
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1f0860b8-b756-4d00-bbd4-81733000b1ee
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cnection
close
date
Thu, 03 Jun 2021 11:04:53 GMT
content-encoding
gzip
server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache
content-type
text/plain; charset=utf-8

Redirect headers

Date
Thu, 03 Jun 2021 11:06:41 GMT
Server
MT3 3736 915c305 master cdg-pixel-x4
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1f0860b8-b756-4d00-bbd4-81733000b1ee
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 03 Jun 2021 11:06:40 GMT
mw
mwzeom.zeotap.com/ Frame C75F
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=0A44633E-4390-46DA-9C3B-3D7DF3C00210
  • https://spl.zeotap.com/?zdid=1332&zcluid=cfefab596081d56f
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=82c3446e-435c-4318-41ef-cce55c988b64&reqId=65a259c0-959e-4ee1-713a-4341227df692&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEIwcVh7oiYlmMmUmn78ZJh4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=82c3446e-435c-4318-41ef-cce55c988b64&reqId=65a259c0-959e-4ee1-713a-434...
95 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEIwcVh7oiYlmMmUmn78ZJh4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=82c3446e-435c-4318-41ef-cce55c988b64&reqId=65a259c0-959e-4ee1-713a-4341227df692&zcluid=cfefab596081d56f&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
65987187daf14e79-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a732548ea00004e790c1d0000000001

Redirect headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEIwcVh7oiYlmMmUmn78ZJh4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=82c3446e-435c-4318-41ef-cce55c988b64&reqId=65a259c0-959e-4ee1-713a-4341227df692&zcluid=cfefab596081d56f&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C75F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEE0NDYzM0UtNDM5MC00NkRBLTlDM0ItM0Q3REYzQzAwMjEw&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:55 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug001:0:858
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C75F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJrmkITIpmMrOerQ7ZJjGQg&google_cver=1
42 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJrmkITIpmMrOerQ7ZJjGQg&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:55 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:436
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJrmkITIpmMrOerQ7ZJjGQg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame C75F 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:58 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 02 Jun 2021 11:04:58 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C75F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7409291517371381188
42 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7409291517371381188
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:55 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug013:0:397
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:55 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7409291517371381188
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame C75F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:1f0860b8-b756-4d00-bbd4-81733000b1ee&gdpr=0&gdpr_consent=
42 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:1f0860b8-b756-4d00-bbd4-81733000b1ee&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:55 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug006:0:448
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 03 Jun 2021 11:06:41 GMT
Server
MT3 3736 915c305 master cdg-pixel-x27
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:1f0860b8-b756-4d00-bbd4-81733000b1ee&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 03 Jun 2021 11:06:40 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C75F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=fa0655f6-0ad2-4ec9-b050-91f9d487286b
42 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=fa0655f6-0ad2-4ec9-b050-91f9d487286b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:55 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug009:0:531
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:55 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=fa0655f6-0ad2-4ec9-b050-91f9d487286b
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame C75F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2929707122162675151&gdpr=0&gdpr_consent=
42 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2929707122162675151&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:55 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug014:0:307
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 11:04:55 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.52:80
AN-X-Request-Uuid
9edf0edd-ab3b-405d-bd94-27669f9c423e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2929707122162675151&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
0A44633E-4390-46DA-9C3B-3D7DF3C00210
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame C75F 		43 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/0A44633E-4390-46DA-9C3B-3D7DF3C00210?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:55 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame C75F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0A44633E-4390-46DA-9C3B-3D7DF3C00210&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0A44633E-4390-46DA-9C3B-3D7DF3C00210&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-deMtPOBE2uV8q7O0RP3Mj6TaYi7YGfc-~A&gdpr=0&gdpr_consent=
0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-deMtPOBE2uV8q7O0RP3Mj6TaYi7YGfc-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:55 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 03 Jun 2021 11:04:56 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-deMtPOBE2uV8q7O0RP3Mj6TaYi7YGfc-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame C75F
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=_at_HKmsKBPmqilF-qMwHPivKBHmrygXrqweq1nB
42 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=_at_HKmsKBPmqilF-qMwHPivKBHmrygXrqweq1nB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:55 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:641
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:55 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=_at_HKmsKBPmqilF-qMwHPivKBHmrygXrqweq1nB
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C75F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dpubmatic%26bsw_param...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=2b8845bc9b4148168d96d664498b9c17&ssp=pubmatic&bsw_param=59fd1fca-abaf-4530-8bef-8368b8705d3c&gdpr=0&consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=59fd1fca-abaf-4530-8bef-8368b8705d3c&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=59fd1fca-abaf-4530-8bef-8368b8705d3c&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:55 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug017:0:649
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=59fd1fca-abaf-4530-8bef-8368b8705d3c&gdpr=0&gdpr_consent=&gdpr_pd=
date
Thu, 03 Jun 2021 11:04:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame C75F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLi3WAABc-2F9AAC&gdpr=0&gdpr_consent=&_test=YLi3WAABc-2F9AAC
1 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLi3WAABc-2F9AAC&gdpr=0&gdpr_consent=&_test=YLi3WAABc-2F9AAC
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:56 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:514
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:56 GMT
via
1.1 varnish
server
Varnish
x-timer
S1622718296.312538,VS0,VE0
x-served-by
cache-fra19156-FRA
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLi3WAABc-2F9AAC&gdpr=0&gdpr_consent=&_test=YLi3WAABc-2F9AAC
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 158F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 03 Jun 2021 11:04:55 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 2653 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://popcornfor2.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://popcornfor2.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 03 Jun 2021 10:45:44 GMT
expires
Fri, 03 Jun 2022 10:45:44 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1151
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 4CE7 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4e7bcbc8d4514fcd321b7335f475b56a8ba669c96d6e7200e63f382a05ce7cdd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Ry9eRDp5XQUIbY8bBquYwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://popcornfor2.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://popcornfor2.com/

Response headers

expires
Thu, 03 Jun 2021 11:04:55 GMT
date
Thu, 03 Jun 2021 11:04:55 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-Ry9eRDp5XQUIbY8bBquYwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 96E6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BU5Z7Vre4YK__MPCN7_UP9KemkAwAAAAAOAHgBAI&bg=!QEOlQwfNAAaMan2LjGo7ACkAdvg8WmpzhkWLE5bGWuswj90ZI3jPMWQ-bDRhwIt5igrYfxwiOLHKIwIAAAB2UgAAAAtoAQeZAyMQG-UsOSyIDzX4y2IruhGLb0QcNyvpjV4sk868pCjGXJlw08IAEOubU6ZqPF013tJQh7DFlip44IPE_3I3ux5h4W07-NtFKmytwPNtrG6OJwL1TGuvbVNSFdrNMLFKJhmcRKmlxJNiqWgRff0xJK6Y8ETXmQ_s32Rx-VxzK4mwfEcbMkj0P9AbR9y-W__dguBncShsr5kYW4Ahj7xY92XRMfRDdGgjFtOMqo8oSbQT7XVcmihOYiawnQ9YBonRdKDt0lOVnVifWiKzfN2m5uujZ1ZWRYTVvVeR6rfghfONQiRB0R2qoQE8diB2p6VdhAa0vzKKEa6jAy5fBocTKiwDmU4lFEyLCw0gECDK6FCiphCGXziwRyXUq5-GiAn5qtp1T0vBQazTH3UpvmgF8LZwCKZu1GhH3hcMqebllg3UA2g9koFyc-nfsV-sypsBdF-ORI6BJ1bVBeEJa7Rg8dB3AJ7pmC0Z3Xj525XpOGlI_twYqjETTCToQFevNuB0f0eqsg2AIFABI-nNez7Q6GJZZB99_kg9W1pkpSXtWeA4EpQdx5y_76uyXkjqzssWlusiH6rptsTtSUfE-grqZ-hL0TG8oX7rbAa2YP-Y3nyu0I2QdHQpThQXys9iZ6bEwV67y7emzcd7U0bBqryX3KttrMGd0tLDvhMkMRxOHISg74VkhgFCKiFPmOT5R0yTMbMmer-wCv1RyRkCEigrAZiv2oLKAhelLqeEB7ITiTeVqdgPLsi2D4zoPfeBisSypfYGNvSOLw5YoDHDgsrAfJghQ_81BPUW-Cw6SRuorCwWkxxyf3TYwY-0mcJYI9nWgy3ls5mmwaaGzfYO7mXo_UH9GFUlHWOgfhRDnVn2wt5bITsAHYW3VpDLbUMKxb7i4CAr_2Q1QgFptxRa4nFXmHzFh5PdikHzngLpxhRtot1UbY3oit1zzZr8i--0kgZbEgsftVXMDpNbvcP0dBZ-UiPNBKEnIq-_aTm9KFBSJd24-LxfkjH3JWAsktos7D5yZCJ8744VRcvA5oI6JK10Sy6Vv9zOZlNQcywOxiw6HdjzCGbWIw
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame C3EF 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YLi3VuvTpQybyF-dGHd8iAAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://popcornfor2.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:55 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame C3EF
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLi3VuvTpQybyF_dGHd8iAAABLkAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLi3VuvTpQybyF_dGHd8iAAABLkAAAIB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLi3VuvTpQybyF_dGHd8iAAABLkAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://popcornfor2.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 11:04:58 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 11:04:58 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLi3VuvTpQybyF_dGHd8iAAABLkAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame C3EF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLi3VuvTpQybyF_dGHd8iAAABLkAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEL6HAW5xPNU_FHiuICBSo_4&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEL6HAW5xPNU_FHiuICBSo_4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://popcornfor2.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 11:04:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Thu, 03 Jun 2021 11:04:55 GMT

Redirect headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEL6HAW5xPNU_FHiuICBSo_4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getuid
secure.adnxs.com/ Frame C3EF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://popcornfor2.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
index
dmp.brand-display.com/cm/api/ Frame C3EF 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://popcornfor2.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
233.40.241.35.bc.googleusercontent.com
Software
nginx/1.20.1 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:58 GMT
via
1.1 google
last-modified
Thu, 03 Jun 2021 11:04:58 GMT
server
nginx/1.20.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc
clear
content-length
43
expires
Thu, 03 Jun 2021 11:04:59 GMT
ix
ad4m.at/ad/sim/ Frame C3EF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://popcornfor2.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame C3EF
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1f0860b8-b756-4d00-bbd4-81733000b1ee&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1f0860b8-b756-4d00-bbd4-81733000b1ee&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://popcornfor2.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 11:04:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 03 Jun 2021 11:04:55 GMT

Redirect headers

Date
Thu, 03 Jun 2021 11:06:41 GMT
Server
MT3 3736 915c305 master cdg-pixel-x14
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1f0860b8-b756-4d00-bbd4-81733000b1ee&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 03 Jun 2021 11:06:40 GMT
getuid
ib.adnxs.com/ Frame C3EF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://popcornfor2.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
htw-pixel.gif
js-sec.indexww.com/ht/ Frame C3EF 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YLi3VuvTpQybyF-dGHd8iAAA%261209
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://popcornfor2.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 11:04:55 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1229
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Thu, 03 Jun 2021 11:25:24 GMT
2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
pagead2.googlesyndication.com/bg/ Frame 2653 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 06:35:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
16186
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5712
x-xss-protection
0
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Jun 2022 06:35:09 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 158F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052601&jk=195656016986172&bg=!dXaldjLNAAaMan2LjGo7ACkAdvg8WhsctDSjlgxvpDVuKLocn0Ffg-67dS3DJ-9EgIBTWsshldRzPwIAAABYUgAAAAhoAQeZAnwPCYaSAj88oJQvix96OQ8Y9skNO1pwFef9guXn0ATtwyJz8y2bmAGvKJay-AxmFTIKwYR4C4ikQzFdCY3Kgb3k7Uni_QFcexTbWM50URKbM-xiDP99EKheuwXF9gQc8Tm0iwGX43TauS6Ede6-ABBgYDW_q2i-P9Fnt0Bvplea6kL4jBcJAX-jp9TbBGS1gXPZb0GcqK8rbqRIwHSM38rpuslV_W3IL4qqoWvNMq0rJB-Am_VbCnZdpDhyJO0MkOOKcmxhDBMw22JX1lZN7_NsjuMPHUgnvB1Qc50NGCTSDP-5_n5TKKaIM8XubBipzKBSnZLCNNQuOulmdM0sEhPIunfp4Lqr4HHeSSfp9bWZUj1DCjbR2Gsdk5PSKYxcw7DJ5tCs3BEM0Wo1MNHkVTEGySvJIn90zIIkI6-XvE3syBCPeMIhLRf4ZsNE7XhHgi-bsL14UgALF95-XpAWiKWMQUplj-VJHsHd-rer2BjDcHBT4j3lG_3D12PRyVAPaGa_siHKLj9NMqzmQ6ogZ2mw72sDnoO-EZ10HMDQW4bVNQpr7UElTCdvXPavOkmnqUcb84yldjN0FBMo-euLns-jwKr-16hViuKSpwdSJgPircaMRWV3m-kqPaRHBZdZDx8LFXGZ3qUJZ7iF5FYRczY1KK1Dq0a9gWE-PqSeS_m7kEYFLT1T5VCc0RoHTuDIAFKLmRfH4KWVAcLP5AiLP06IUBxUMR-DHfgbxuvgCf_IJ4aDfK8HS-tpPwImrVRVG-e-dHC5Jgr2i2OcbD1hBA6QNq1rroRI3BgK2uFOTHWCV1J2R45mBiujG-wbuDF6sGi65a7cAm9Zn5FAznU
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame FE71 		0
750 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 11:04:56 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.154:80
AN-X-Request-Uuid
6982e9c5-3c48-4832-81d0-5d533690a647
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=6166585&noaop=3&sortOrderType=0&cb=1622718296610&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1235&pt=871972663&tz=120&viewable=true&ddast=V7DUMCFgMgYeuglJbyggQgYeuglJbyggUAAAAGBvQHHDmhcBg0Em03WyyHm81qspoMBpPFYjjbzYawkRMKh0Ej0XazxXK42awmo9VoMlrtBovhFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43CAbkoel0-Fz3esHf8PFb7ja_5TLX-N1-jd9uetlNf5WKsJIQV8LFSkVYSYgrCXOlIqwkxJWCsVIRVhLiSkJaqQgrCXMlnKxUhJWEuFKw2DrX22n0u1UqwkpCXAlHKxVhJSGuJLyVirCSEFcKEktFWEmIKwWJpSKsJMSVhLBSEVYS5ko4WqkIKwlxpeCsVSrCSkJcKXcrFWElIa4knJWKsJIwV8LRSkVYSYgrBWOlIqwkxJVwtFIRVhLiSrlcqQgrCXMlHKxUhJWEuBIuVirCSkJcSSgrFWElIa4UFJaKsJIQVwrWSkVYSYgrCWulIqwkxJVytlIRVhLiSkJbqQgrCXEl3K1UhJWEuFKuVirCSsJcCZcrFWElIa4UJJaKsJIQV8LdSkVYSYgr4WKlIqwkxJWCtVIRVhLiSsJYqQgrCXGl4K3lLt_nrVjMRovRHAAAAAAeALwwciB-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAUJDY0AKA4DMRlOTvt_gAAeCgAAQAQwCABOPhJKwEwIbw5AQAAAAAAAABg-f___48ZsCcLkBnQt77oAXjwAXggKjgtYgQAAACQlQ-0ejSpEyqLKgAAgnQrgCsAgIC8aMYR1TAAAACBsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyYk5YGbFmRFsaf2CwgAsPYLCADApm4AAG8BcEFH0IrBYHUBMTsAAACAu____389kNisLC7TYDLYLFaj1WCxck1MvtXGuNvYPMPlyLa9YYiy7dOos6O-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGHMNhkuRy7DWuYwOdai5cSzVjhGw7VgMnHNLK6VZ-YxuUWvj-k3sWw2JtMWBQXY9iK4SCeCv-Hjt9xtfstlIpZoThbpRHbZNzYri8s0mAw2i9VoNVisXBOTb7Ux7jY2z3A5su1rtslwOXIZ1jKHybEWLSeetcIxGq4Fk4lrZnGtPDOPyS16fUy_iWWzMZn2jdlkslsMJ8vJvjGbTHaL4WQ52XfoDN_V52xUFrZOj0qmcZ7Mk5n5oHAZLN6fxLSYdmcHv7R1dPp8HmVBZxRev0evQeE5eEzj5a12LG-fzfRxmFDEEsHpIp2IXsbTRSyRPC3Sica5MRmHu5FnYTI5RpaRx-KwTDYLx2C42K18u5VFLFGaLtKJXuO3m15201-lMqwkxpVwsVIZVhLjSuJcqQwriXGlcKxUhpXEuJKYVirDSuJcCScrlWElMa4ULrfO9XYa_W6VyrCSGFfC0UplWEmMK4lvpTKsJMaVwuRSGVYS40phcqkMK4lxJTGsVIaVxLkSjlYqw0piXCk8a5XKsJIYV8rdSmVYSYwriWelMqwkzpVwtFIZVhLjSuFYqQwriXElHK1UhpXEuFIuVyrDSuJcCQcrlWElMa6Ei5XKsJIYVxLLSmVYSYwrhcWlMqwkxpXCtVIZVhLjSuJaqQwriXGlnK1UhpXEuJLYVirDSmJcCXcrlWElMa6Uq5XKsJI4V8LlSmVYSYwrhcmlMqwkxpVwt1IZVhLjSrhYqQwriXGlcK1UhpXEuJI4VirDSmJcKXxrucv3eSsWs9FiNFH_sQGXc8loOZeN5ordYpUAAAAAAAAAAJYwZ94EAAAA4DSg3Wg5XC0XgEIyWxcYBAAAAAAAoLjx4wX4Gz5-y93mt1zGvNkzQazValkDAAAIYAMAAARw6-YtICySAw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2524215&dpubid=474985&abtst=adh5c-1_vA!ecf_vB!insc_vA!prbdsm6_vB!spa2_vA!t45!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fpopcornfor2.com&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.3.5/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0bb0a3ccce1ef4d73a8fbe39f400eafbe4ce899e9a10b1902893770efe271a3d

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

date
Thu, 03 Jun 2021 11:04:56 GMT
content-encoding
gzip
access-control-allow-origin
https://popcornfor2.com
machineid
1438
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn11522-HHN
pragma
no-cache
server
nginx
x-timer
S1622718297.614410,VS0,VE81
vary
Accept-Encoding
content-type
application/json;charset=utf-8
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
bsevent.gif
tps20515.doubleverify.com/ Frame 275E 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tps20515.doubleverify.com/bsevent.gif?impid=968e71840126479fb71c1afce684de18&pltfrm=Linux%20x86_64&cbust=1622718296711556
Requested by
Host: popcornfor2.com
URL: https://popcornfor2.com/content/-news-116414
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.15 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 11:04:55 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
max-age=0
Content-Length
860
Expires
6/2/2021 11:04:56 AM
event.png
tps20227.doubleverify.com/ Frame 51C3 		67 B
492 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20227.doubleverify.com/event.png?impid=deeaff356d8e47bd9a2f3635032b88d7&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=50&vdur=78&eoid=5&msrjs=1421&pltfrm=Linux%20x86_64&isvelg=1&vit=2&engms=1&engisel=1&cbust=1622718297059706
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1421.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.15 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 11:04:56 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
6/2/2021 11:04:57 AM
event.png
tps20229.doubleverify.com/ Frame 5491 		67 B
492 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20229.doubleverify.com/event.png?impid=66d7af7a01db441cadf24bb369d968da&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=42&vdur=51&eoid=5&msrjs=1389&pltfrm=Linux%20x86_64&isvelg=1&vit=2&engms=1&engisel=1&cbust=1622718297094245
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1389.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.17 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 11:04:56 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
6/2/2021 11:04:57 AM
event.png
tps20227.doubleverify.com/ Frame 51C3 		67 B
492 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20227.doubleverify.com/event.png?impid=deeaff356d8e47bd9a2f3635032b88d7&gdpr=&gdpr_consent=&msrcanlm=392&msrcannum=3&eoid=7&ismms=30&isumms=30&isvelg=1&nvr=2&isgmmims=30&isgmv4mims=30&elmtp=6&isbxdms=2230&b0=2314&adhgt=250&adwdth=300&norwdth=300&norhgt=250&engisel=1&dvp_vsosnmr=1&lftb=2314&sftb=2314&msrdp=4&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=29&dvp_dpr=1&cbust=1622718298057751
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1421.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.15 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 11:04:57 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
6/2/2021 11:04:58 AM
event.png
tps20229.doubleverify.com/ Frame 5491 		67 B
492 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20229.doubleverify.com/event.png?impid=66d7af7a01db441cadf24bb369d968da&gdpr=&gdpr_consent=&msrcanlm=394&msrcannum=4&eoid=7&ismms=33&isumms=33&isvelg=1&nvr=2&elmtp=3&isbxdms=2133&b0=2212&adhgt=250&adwdth=300&norwdth=300&norhgt=250&engisel=1&dvp_vsosnmr=1&lftb=2212&sftb=2212&msrdp=7&naral=2&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=33&dvp_dpr=1&cbust=1622718298092323
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1389.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.17 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 11:04:57 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
6/2/2021 11:04:58 AM
gen_204
pagead2.googlesyndication.com/pagead/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&tn=DIV&cls=ats-overlay-bottom-wrapper-rendered&ign=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=popcornfor2.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5908398692086138&plah=popcornfor2.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 11:04:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=popcornfor2.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5908398692086138&plah=popcornfor2.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 11:04:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D103 		9 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5908398692086138&output=html&adk=1812271804&adf=3025194257&lmt=1622718298&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622718298680&bpp=1&bdt=8055&idt=2&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&prev_slotnames=1320941389&nras=1&correlator=61374092658&frm=20&pv=1&ga_vid=1112430115.1622718292&ga_sid=1622718292&ga_hid=806830452&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44744016&oid=3&psts=AGkb-H9p7w9flzl9acITZ5JNwnudn-Ogg4g8z4MdrTCP8afjKccfQL9dpXtlcLgWG4B5ZZ9AVOxb4qnf39AU1g&pvsid=871901546580247&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&dtd=10
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5908398692086138&plah=popcornfor2.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19ed8157c518bb5ef38ca9d026fed886856b7270536e449d67f67c185e31ab0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5908398692086138&output=html&adk=1812271804&adf=3025194257&lmt=1622718298&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622718298680&bpp=1&bdt=8055&idt=2&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&prev_slotnames=1320941389&nras=1&correlator=61374092658&frm=20&pv=1&ga_vid=1112430115.1622718292&ga_sid=1622718292&ga_hid=806830452&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44744016&oid=3&psts=AGkb-H9p7w9flzl9acITZ5JNwnudn-Ogg4g8z4MdrTCP8afjKccfQL9dpXtlcLgWG4B5ZZ9AVOxb4qnf39AU1g&pvsid=871901546580247&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&dtd=10
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://popcornfor2.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://popcornfor2.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 03 Jun 2021 11:04:58 GMT
server
cafe
content-length
976
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 03-Jun-2021 11:19:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 03 Jun 2021 11:04:58 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/ 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210525&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5908398692086138&plah=popcornfor2.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5378994cee2bcf8221b1a9cba21b17dd6a00c5b230fc123b4b6c7e4970c3b0d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 11:04:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7721
x-xss-protection
0
syncframe
gum.criteo.com/ Frame B501 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=popcornfor2.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=popcornfor2.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://popcornfor2.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://popcornfor2.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1807
set-cookie
uid=57a97a62-872e-4342-82da-27dd1875f6e5; expires=Fri, 03 Jun 2022 11:04:57 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Thu, 03 Jun 2021 11:04:58 GMT
content-length
1129
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5908398692086138&plah=popcornfor2.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 11:04:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 03 Jun 2021 11:04:58 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 4AC5 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://popcornfor2.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://popcornfor2.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 03 Jun 2021 10:45:44 GMT
expires
Fri, 03 Jun 2022 10:45:44 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1154
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 7CF0 		783 B
813 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
552ec2cbdff90cc8275b6e6b12460e7ce907250175499ddccf54f1d4c8d1351d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hLWDfwANeyW0ciMH5v6k9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://popcornfor2.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://popcornfor2.com/

Response headers

expires
Thu, 03 Jun 2021 11:04:58 GMT
date
Thu, 03 Jun 2021 11:04:58 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-hLWDfwANeyW0ciMH5v6k9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
pagead2.googlesyndication.com/bg/ Frame 4AC5 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 06:35:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
16189
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5712
x-xss-protection
0
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Jun 2022 06:35:09 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210525&jk=871901546580247&bg=!5Oel56PNAAaMan2LjGo7ACkAdvg8WqGwzb_yC1Uf802o1LgvyQ_vRW7CKjbCVHBjOpsb05r7LaHbpQIAAABQUgAAAAxoAQcKAFmLBT0KGOETLpLDQTCsX8cex2jobhhPr8R6Ahlo4vevpCwIaLWz-foG7NVBuSyph--mTqXkNVEp9HFOBSwpZUx-NM3d1JbYb2RIdsfq4qFt3lbBq48BCXvAtpkCS-2LXr1L7F4vq2S_IYl6pysP-twVVA0IQjU-DKWvfiyxDPgELIRLjLFeQ6jdqvwhEPhGcg9_iNdtNfMIJjqGQaLNbATDIaSC-_zjTIFuT4JrY42FZ5_yFlI6OLq7snW2fT4kQCpqsECs3qVVJhv2W2XwTDpmgfePI1s0kOz3wmRCReFl7Eewhgqe0EZGftFkajJQUFXiSE4xPXl9-nWbFJWiYOTlY1PYB07DQroN5ly8UEVlmyRx-h4TOSs-yW2u30DHoTWUX2g1WDACKXnV23q7Pr26k1Wln-KjLhG5bOKabjpTAL5K3T_rUrQzcgJi0f2sMR6KyeRbjD3lmSKWfPKLFhnJett9gLv_i87aOyCzTuB5JLlr_sH9bAJUZ8ndxGLfDRSp9fu2FleQpKTNjta5DVwR8g_W2z6R_N_wwLiIK_2wfRxLsJHjKfsA81ORj1ReMTaeND0tb6PE2syOjaGfsOOxoM8OG7n3chiwzoZs779x6br2SSP_mr9fOVN3prKkj7FREh4sXH9uszcDALB17DG2tkVqZ_BCP3IgFt6Cgrlnd-YdC6fUBJ4VgTB2uOWxxrZwew2_Bh4cjVb-5g9EgC3P8nrVV5SXZ81WwDkznlLUpIpI3lY6w8s95TToxl9Av1_Krm9xzqHB1DUmJEGCRS6TNYxCP4jPMM1AvOeXz2afWHf2xy1kOxP3wYs7tuO2mMXxMOzhylNOyFM37KhzZm6SbhlX4WLBIx8O3UUQFgO1Bk9SpoduvgFqcA-anJLxjWltb04SSMoG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		1 KB
695 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=6166585&noaop=3&sortOrderType=0&cb=1622718299610&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1235&pt=871972663&tz=120&viewable=true&ddast=V7DUMCFgMgYeuglJbyggQgYeuglJbyggUAAAAGBvQHHDmhcBg0Em03WyyHm81qspoMBpPFYjjbzYawkRMKh0Ej0XazxXK42awmo9VoMlrtBovhFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43CAbkoel0-Fz3esHf8PFb7ja_5TLX-N1-jd9uetlNf5WKsJIQV8LFSkVYSYgrCXOlIqwkxJWCsVIRVhLiSkJaqQgrCXMlnKxUhJWEuFKw2DrX22n0u1UqwkpCXAlHKxVhJSGuJLyVirCSEFcKEktFWEmIKwWJpSKsJMSVhLBSEVYS5ko4WqkIKwlxpeCsVSrCSkJcKXcrFWElIa4knJWKsJIwV8LRSkVYSYgrBWOlIqwkxJVwtFIRVhLiSrlcqQgrCXMlHKxUhJWEuBIuVirCSkJcSSgrFWElIa4UFJaKsJIQVwrWSkVYSYgrCWulIqwkxJVytlIRVhLiSkJbqQgrCXEl3K1UhJWEuFKuVirCSsJcCZcrFWElIa4UJJaKsJIQV8LdSkVYSYgr4WKlIqwkxJWCtVIRVhLiSsJYqQgrCXGl4K3lLt_nrVjMRovRHAAAAAAeALwwciB-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAUJDY0AKA4DMRlOTvt_gAAeCgAAQAQwCABOPhJKwEwIbw5AQAAAAAAAABg-f___48ZsCcLkBnQt77oAXjwAXggKjgtYgQAAACQlQ-0ejSpEyqLKgAAgnQrgCsAgIC8aMYR1TAAAACBsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyYk5YGbFmRFsaf2CwgAsPYLCADApm4AAG8BcEFH0IrBYHUBMTsAAACAu____389kNisLC7TYDLYLFaj1WCxck1MvtXGuNvYPMPlyLa9YYiy7dOos6O-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGHMNhkuRy7DWuYwOdai5cSzVjhGw7VgMnHNLK6VZ-YxuUWvj-k3sWw2JtMWBQXY9iK4SCeCv-Hjt9xtfstlIpZoThbpRHbZNzYri8s0mAw2i9VoNVisXBOTb7Ux7jY2z3A5su1rtslwOXIZ1jKHybEWLSeetcIxGq4Fk4lrZnGtPDOPyS16fUy_iWWzMZn2jdlkslsMJ8vJvjGbTHaL4WQ52XfoDN_V52xUFrZOj0qmcZ7Mk5n5oHAZLN6fxLSYdmcHv7R1dPp8HmVBZxRev0evQeE5eEzj5a12LG-fzfRxmFDEEsHpIp2IXsbTRSyRPC3Sica5MRmHu5FnYTI5RpaRx-KwTDYLx2C42K18u5VFLFGaLtKJXuO3m15201-lMqwkxpVwsVIZVhLjSuJcqQwriXGlcKxUhpXEuJKYVirDSuJcCScrlWElMa4ULrfO9XYa_W6VyrCSGFfC0UplWEmMK4lvpTKsJMaVwuRSGVYS40phcqkMK4lxJTGsVIaVxLkSjlYqw0piXCk8a5XKsJIYV8rdSmVYSYwriWelMqwkzpVwtFIZVhLjSuFYqQwriXElHK1UhpXEuFIuVyrDSuJcCQcrlWElMa6Ei5XKsJIYVxLLSmVYSYwrhcWlMqwkxpXCtVIZVhLjSuJaqQwriXGlnK1UhpXEuJLYVirDSmJcCXcrlWElMa6Uq5XKsJI4V8LlSmVYSYwrhcmlMqwkxpVwt1IZVhLjSrhYqQwriXGlcK1UhpXEuJI4VirDSmJcKXxrucv3eSsWs9FiNFH_sQGXc8loOZeN5ordYpUAAAAAAAAAAJYwZ94EAAAA4DSg3Wg5XC0XgEIyWxcYBAAAAAAAoLjx4wX4Gz5-y93mt1zGvNkzQazValkDAAAIYAMAAARw6-YtICySAw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2524215&dpubid=474985&abtst=adh5c-1_vA!ecf_vB!insc_vA!prbdsm6_vB!spa2_vA!t45!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fpopcornfor2.com&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.3.5/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
1994609ff106e2317c7654b37e8ea1189f64f256f09c14a8f5ef7b0fe113d566

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:04:59 GMT
content-encoding
gzip
server
nginx
machineid
1425
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://popcornfor2.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
bsevent.gif
tps20515.doubleverify.com/ Frame 275E 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tps20515.doubleverify.com/bsevent.gif?impid=968e71840126479fb71c1afce684de18&mascid=kpgskpkrjg3tpinhtzro0lwhnp260x91&dvp_masver=6&dvp_tisf=2&dvp_t1stMsgB=319&cbust=1622718299651538
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.15 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 11:04:58 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
max-age=0
Content-Length
860
Expires
6/2/2021 11:04:59 AM
event.png
tps20227.doubleverify.com/ Frame 51C3 		67 B
492 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20227.doubleverify.com/event.png?impid=deeaff356d8e47bd9a2f3635032b88d7&gdpr=&gdpr_consent=&mascid=kpgskpkrjg3tpinhtzro0lwhnp260x91&dvp_masver=1421&eoid=8&cbust=1622718300161402
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1421.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.15 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 11:04:59 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
6/2/2021 11:05:00 AM
event.png
tps20229.doubleverify.com/ Frame 5491 		67 B
492 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20229.doubleverify.com/event.png?impid=66d7af7a01db441cadf24bb369d968da&gdpr=&gdpr_consent=&mascid=kpgskpueaew71slc7uufoxjkyqz4fgxf&dvp_masver=1389&eoid=8&cbust=1622718300195642
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1389.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.17 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 11:05:00 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
6/2/2021 11:05:00 AM
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		1 KB
695 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=6166585&noaop=3&sortOrderType=0&cb=1622718302610&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1235&pt=871972663&tz=120&viewable=true&ddast=V7DUMCFgMgYeuglJbyggQgYeuglJbyggUAAAAGBvQHHDmhcBg0Em03WyyHm81qspoMBpPFYjjbzYawkRMKh0Ej0XazxXK42awmo9VoMlrtBovhFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43CAbkoel0-Fz3esHf8PFb7ja_5TLX-N1-jd9uetlNf5WKsJIQV8LFSkVYSYgrCXOlIqwkxJWCsVIRVhLiSkJaqQgrCXMlnKxUhJWEuFKw2DrX22n0u1UqwkpCXAlHKxVhJSGuJLyVirCSEFcKEktFWEmIKwWJpSKsJMSVhLBSEVYS5ko4WqkIKwlxpeCsVSrCSkJcKXcrFWElIa4knJWKsJIwV8LRSkVYSYgrBWOlIqwkxJVwtFIRVhLiSrlcqQgrCXMlHKxUhJWEuBIuVirCSkJcSSgrFWElIa4UFJaKsJIQVwrWSkVYSYgrCWulIqwkxJVytlIRVhLiSkJbqQgrCXEl3K1UhJWEuFKuVirCSsJcCZcrFWElIa4UJJaKsJIQV8LdSkVYSYgr4WKlIqwkxJWCtVIRVhLiSsJYqQgrCXGl4K3lLt_nrVjMRovRHAAAAAAeALwwciB-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAUJDY0AKA4DMRlOTvt_gAAeCgAAQAQwCABOPhJKwEwIbw5AQAAAAAAAABg-f___48ZsCcLkBnQt77oAXjwAXggKjgtYgQAAACQlQ-0ejSpEyqLKgAAgnQrgCsAgIC8aMYR1TAAAACBsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyYk5YGbFmRFsaf2CwgAsPYLCADApm4AAG8BcEFH0IrBYHUBMTsAAACAu____389kNisLC7TYDLYLFaj1WCxck1MvtXGuNvYPMPlyLa9YYiy7dOos6O-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGHMNhkuRy7DWuYwOdai5cSzVjhGw7VgMnHNLK6VZ-YxuUWvj-k3sWw2JtMWBQXY9iK4SCeCv-Hjt9xtfstlIpZoThbpRHbZNzYri8s0mAw2i9VoNVisXBOTb7Ux7jY2z3A5su1rtslwOXIZ1jKHybEWLSeetcIxGq4Fk4lrZnGtPDOPyS16fUy_iWWzMZn2jdlkslsMJ8vJvjGbTHaL4WQ52XfoDN_V52xUFrZOj0qmcZ7Mk5n5oHAZLN6fxLSYdmcHv7R1dPp8HmVBZxRev0evQeE5eEzj5a12LG-fzfRxmFDEEsHpIp2IXsbTRSyRPC3Sica5MRmHu5FnYTI5RpaRx-KwTDYLx2C42K18u5VFLFGaLtKJXuO3m15201-lMqwkxpVwsVIZVhLjSuJcqQwriXGlcKxUhpXEuJKYVirDSuJcCScrlWElMa4ULrfO9XYa_W6VyrCSGFfC0UplWEmMK4lvpTKsJMaVwuRSGVYS40phcqkMK4lxJTGsVIaVxLkSjlYqw0piXCk8a5XKsJIYV8rdSmVYSYwriWelMqwkzpVwtFIZVhLjSuFYqQwriXElHK1UhpXEuFIuVyrDSuJcCQcrlWElMa6Ei5XKsJIYVxLLSmVYSYwrhcWlMqwkxpXCtVIZVhLjSuJaqQwriXGlnK1UhpXEuJLYVirDSmJcCXcrlWElMa6Uq5XKsJI4V8LlSmVYSYwrhcmlMqwkxpVwt1IZVhLjSrhYqQwriXGlcK1UhpXEuJI4VirDSmJcKXxrucv3eSsWs9FiNFH_sQGXc8loOZeN5ordYpUAAAAAAAAAAJYwZ94EAAAA4DSg3Wg5XC0XgEIyWxcYBAAAAAAAoLjx4wX4Gz5-y93mt1zGvNkzQazValkDAAAIYAMAAARw6-YtICySAw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2524215&dpubid=474985&abtst=adh5c-1_vA!ecf_vB!insc_vA!prbdsm6_vB!spa2_vA!t45!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fpopcornfor2.com&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.3.5/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
1994609ff106e2317c7654b37e8ea1189f64f256f09c14a8f5ef7b0fe113d566

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:05:02 GMT
content-encoding
gzip
server
nginx
machineid
1453
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://popcornfor2.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		1 KB
695 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=6166585&noaop=3&sortOrderType=0&cb=1622718305610&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=5&pv=1235&pt=871972663&tz=120&viewable=true&ddast=V7DUMCFgMgYeuglJbyggQgYeuglJbyggUAAAAGBvQHHDmhcBg0Em03WyyHm81qspoMBpPFYjjbzYawkRMKh0Ej0XazxXK42awmo9VoMlrtBovhFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43CAbkoel0-Fz3esHf8PFb7ja_5TLX-N1-jd9uetlNf5WKsJIQV8LFSkVYSYgrCXOlIqwkxJWCsVIRVhLiSkJaqQgrCXMlnKxUhJWEuFKw2DrX22n0u1UqwkpCXAlHKxVhJSGuJLyVirCSEFcKEktFWEmIKwWJpSKsJMSVhLBSEVYS5ko4WqkIKwlxpeCsVSrCSkJcKXcrFWElIa4knJWKsJIwV8LRSkVYSYgrBWOlIqwkxJVwtFIRVhLiSrlcqQgrCXMlHKxUhJWEuBIuVirCSkJcSSgrFWElIa4UFJaKsJIQVwrWSkVYSYgrCWulIqwkxJVytlIRVhLiSkJbqQgrCXEl3K1UhJWEuFKuVirCSsJcCZcrFWElIa4UJJaKsJIQV8LdSkVYSYgr4WKlIqwkxJWCtVIRVhLiSsJYqQgrCXGl4K3lLt_nrVjMRovRHAAAAAAeALwwciB-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAUJDY0AKA4DMRlOTvt_gAAeCgAAQAQwCABOPhJKwEwIbw5AQAAAAAAAABg-f___48ZsCcLkBnQt77oAXjwAXggKjgtYgQAAACQlQ-0ejSpEyqLKgAAgnQrgCsAgIC8aMYR1TAAAACBsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyYk5YGbFmRFsaf2CwgAsPYLCADApm4AAG8BcEFH0IrBYHUBMTsAAACAu____389kNisLC7TYDLYLFaj1WCxck1MvtXGuNvYPMPlyLa9YYiy7dOos6O-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGHMNhkuRy7DWuYwOdai5cSzVjhGw7VgMnHNLK6VZ-YxuUWvj-k3sWw2JtMWBQXY9iK4SCeCv-Hjt9xtfstlIpZoThbpRHbZNzYri8s0mAw2i9VoNVisXBOTb7Ux7jY2z3A5su1rtslwOXIZ1jKHybEWLSeetcIxGq4Fk4lrZnGtPDOPyS16fUy_iWWzMZn2jdlkslsMJ8vJvjGbTHaL4WQ52XfoDN_V52xUFrZOj0qmcZ7Mk5n5oHAZLN6fxLSYdmcHv7R1dPp8HmVBZxRev0evQeE5eEzj5a12LG-fzfRxmFDEEsHpIp2IXsbTRSyRPC3Sica5MRmHu5FnYTI5RpaRx-KwTDYLx2C42K18u5VFLFGaLtKJXuO3m15201-lMqwkxpVwsVIZVhLjSuJcqQwriXGlcKxUhpXEuJKYVirDSuJcCScrlWElMa4ULrfO9XYa_W6VyrCSGFfC0UplWEmMK4lvpTKsJMaVwuRSGVYS40phcqkMK4lxJTGsVIaVxLkSjlYqw0piXCk8a5XKsJIYV8rdSmVYSYwriWelMqwkzpVwtFIZVhLjSuFYqQwriXElHK1UhpXEuFIuVyrDSuJcCQcrlWElMa6Ei5XKsJIYVxLLSmVYSYwrhcWlMqwkxpXCtVIZVhLjSuJaqQwriXGlnK1UhpXEuJLYVirDSmJcCXcrlWElMa6Uq5XKsJI4V8LlSmVYSYwrhcmlMqwkxpVwt1IZVhLjSrhYqQwriXGlcK1UhpXEuJI4VirDSmJcKXxrucv3eSsWs9FiNFH_sQGXc8loOZeN5ordYpUAAAAAAAAAAJYwZ94EAAAA4DSg3Wg5XC0XgEIyWxcYBAAAAAAAoLjx4wX4Gz5-y93mt1zGvNkzQazValkDAAAIYAMAAARw6-YtICySAw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2524215&dpubid=474985&abtst=adh5c-1_vA!ecf_vB!insc_vA!prbdsm6_vB!spa2_vA!t45!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fpopcornfor2.com&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.3.5/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
1994609ff106e2317c7654b37e8ea1189f64f256f09c14a8f5ef7b0fe113d566

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:05:05 GMT
content-encoding
gzip
server
nginx
machineid
1406
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://popcornfor2.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=6166585&noaop=3&sortOrderType=0&cb=1622718308610&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=6&pv=1235&pt=871972663&tz=120&viewable=true&ddast=V7DUMCFgMgYeuglJbyggQgYeuglJbyggUAAAAGBvQHHDmhcBg0Em03WyyHm81qspoMBpPFYjjbzYawkRMKh0Ej0XazxXK42awmo9VoMlrtBovhFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43CAbkoel0-Fz3esHf8PFb7ja_5TLX-N1-jd9uetlNf5WKsJIQV8LFSkVYSYgrCXOlIqwkxJWCsVIRVhLiSkJaqQgrCXMlnKxUhJWEuFKw2DrX22n0u1UqwkpCXAlHKxVhJSGuJLyVirCSEFcKEktFWEmIKwWJpSKsJMSVhLBSEVYS5ko4WqkIKwlxpeCsVSrCSkJcKXcrFWElIa4knJWKsJIwV8LRSkVYSYgrBWOlIqwkxJVwtFIRVhLiSrlcqQgrCXMlHKxUhJWEuBIuVirCSkJcSSgrFWElIa4UFJaKsJIQVwrWSkVYSYgrCWulIqwkxJVytlIRVhLiSkJbqQgrCXEl3K1UhJWEuFKuVirCSsJcCZcrFWElIa4UJJaKsJIQV8LdSkVYSYgr4WKlIqwkxJWCtVIRVhLiSsJYqQgrCXGl4K3lLt_nrVjMRovRHAAAAAAeALwwciB-AAEAIgAAAAAkAAAAACgCKv4tBC4AAAAAMAAUJDY0AKA4DMRlOTvt_gAAeCgAAQAQwCABOPhJKwEwIbw5AQAAAAAAAABg-f___48ZsCcLkBnQt77oAXjwAXggKjgtYgQAAACQlQ-0ejSpEyqLKgAAgnQrgCsAgIC8aMYR1TAAAACBsQV6WPx-s8Ou8btdBgAAAAAAAABg9n_2jyYk5YGbFmRFsaf2CwgAsPYLCADApm4AAG8BcEFH0IrBYHUBMTsAAACAu____389kNisLC7TYDLYLFaj1WCxck1MvtXGuNvYPMPlyLa9YYiy7dOos6O-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGHMNhkuRy7DWuYwOdai5cSzVjhGw7VgMnHNLK6VZ-YxuUWvj-k3sWw2JtMWBQXY9iK4SCeCv-Hjt9xtfstlIpZoThbpRHbZNzYri8s0mAw2i9VoNVisXBOTb7Ux7jY2z3A5su1rtslwOXIZ1jKHybEWLSeetcIxGq4Fk4lrZnGtPDOPyS16fUy_iWWzMZn2jdlkslsMJ8vJvjGbTHaL4WQ52XfoDN_V52xUFrZOj0qmcZ7Mk5n5oHAZLN6fxLSYdmcHv7R1dPp8HmVBZxRev0evQeE5eEzj5a12LG-fzfRxmFDEEsHpIp2IXsbTRSyRPC3Sica5MRmHu5FnYTI5RpaRx-KwTDYLx2C42K18u5VFLFGaLtKJXuO3m15201-lMqwkxpVwsVIZVhLjSuJcqQwriXGlcKxUhpXEuJKYVirDSuJcCScrlWElMa4ULrfO9XYa_W6VyrCSGFfC0UplWEmMK4lvpTKsJMaVwuRSGVYS40phcqkMK4lxJTGsVIaVxLkSjlYqw0piXCk8a5XKsJIYV8rdSmVYSYwriWelMqwkzpVwtFIZVhLjSuFYqQwriXElHK1UhpXEuFIuVyrDSuJcCQcrlWElMa6Ei5XKsJIYVxLLSmVYSYwrhcWlMqwkxpXCtVIZVhLjSuJaqQwriXGlnK1UhpXEuJLYVirDSmJcCXcrlWElMa6Uq5XKsJI4V8LlSmVYSYwrhcmlMqwkxpVwt1IZVhLjSrhYqQwriXGlcK1UhpXEuJI4VirDSmJcKXxrucv3eSsWs9FiNFH_sQGXc8loOZeN5ordYpUAAAAAAAAAAJYwZ94EAAAA4DSg3Wg5XC0XgEIyWxcYBAAAAAAAoLjx4wX4Gz5-y93mt1zGvNkzQazValkDAAAIYAMAAARw6-YtICySAw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2524215&dpubid=474985&abtst=adh5c-1_vA!ecf_vB!insc_vA!prbdsm6_vB!spa2_vA!t45!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fpopcornfor2.com&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.3.5/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
40cf7b44db7531a0f7359fa8cc09a60279464b034c95fe619be00f2bcaa3b1d2

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:05:08 GMT
content-encoding
gzip
server
nginx
machineid
1441
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://popcornfor2.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
link
<https://www8.smartadserver.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
ac
www8.smartadserver.com/
Redirect Chain
  • https://www8.smartadserver.com/ac?siteid=353075&pgid=1339190&fmtid=85711&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=R0.1622718308688&pgDomain=popcornfor2.com&vpw=700&vph=393&gdpr=1&gdpr...
  • https://www8.smartadserver.com/ac?siteid=353075&pgid=1339190&fmtid=85711&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=R0.1622718308688&pgDomain=popcornfor2.com&vpw=700&vph=393&gdpr=1&gdpr...
129 B
513 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www8.smartadserver.com/ac?siteid=353075&pgid=1339190&fmtid=85711&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=R0.1622718308688&pgDomain=popcornfor2.com&vpw=700&vph=393&gdpr=1&gdpr_consent=&us_privacy=1---&cklb=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0c6bcd65a3aeeb3b29f12abaf14e4a224a7c04b33baaa6407490f910c14cd201

Request headers

Referer
https://popcornfor2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:05:07 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://popcornfor2.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8
transfer-encoding
chunked

Redirect headers

pragma
no-cache
date
Thu, 03 Jun 2021 11:05:08 GMT
location
https://www8.smartadserver.com/ac?siteid=353075&pgid=1339190&fmtid=85711&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=R0.1622718308688&pgDomain=popcornfor2.com&vpw=700&vph=393&gdpr=1&gdpr_consent=&us_privacy=1---&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://popcornfor2.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hits1.truehits.net
URL
http://hits1.truehits.net/data/c0003585.js

Verdicts & Comments Add Verdict or Comment

406 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| CKEDITOR object| _taboola function| setImmediate function| clearImmediate object| pbjs object| googletag object| sas function| startAnymindTS object| anymindTS function| fbq function| _fbq string| innity_pub function| innity_adZone function| innity_postbidWrapper function| innity_append_iframe function| innity_write_iframe function| innity_write_feedback string| innity_zone string| page function| pbjsChunk object| _pbjsGlobals object| mnet object| Criteo object| ggeac object| google_js_reporting_queue object| TRC object| _tblConsole undefined| msg object| _comscore object| google_ad_client object| google_ad_slot object| google_ad_width object| google_ad_height number| google_srt object| google_logging_queue object| google_ad_modifications boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| google_onload_fired object| google_sa_queue object| google_sl_win function| google_process_slots number| google_unique_id object| google_ad_block object| google_ad_channel object| google_ad_format object| google_ad_host object| google_ad_host_channel object| google_ad_host_tier_id object| google_ad_layout object| google_ad_layout_key object| google_ad_output object| google_ad_region object| google_ad_section object| google_ad_type object| google_ad_unit_key object| google_ad_dom_fingerprint object| google_ad_semantic_area object| google_placement_id object| google_adtest object| google_allow_expandable_ads object| google_alternate_ad_url object| google_alternate_color object| google_apsail object| google_captcha_token object| google_city object| google_color_bg object| google_color_border object| google_color_line object| google_color_link object| google_color_text object| google_color_url object| google_container_id object| google_content_recommendation_ad_positions object| google_content_recommendation_columns_num object| google_content_recommendation_rows_num object| google_content_recommendation_ui_type object| google_content_recommendation_use_square_imgs object| google_contents object| google_country object| google_cpm object| google_ctr_threshold object| google_cust_age object| google_cust_ch object| google_cust_criteria object| google_cust_gender object| google_cust_id object| google_cust_interests object| google_cust_job object| google_cust_l object| google_cust_lh object| google_cust_u_url object| google_disable_video_autoplay object| google_enable_content_recommendations object| google_enable_ose object| google_encoding object| google_font_face object| google_font_size object| google_frame_id object| google_full_width_responsive_allowed object| efwr object| google_full_width_responsive object| gfwroh object| gfwrow object| gfwroml object| gfwromr object| gfwroz object| gfwrnh object| gfwrnwer object| gfwrnher object| google_gl object| google_hints object| google_image_size object| google_kw object| google_kw_type object| google_language object| google_loeid object| google_max_num_ads object| google_max_radlink_len object| google_max_responsive_height object| google_ml_rank object| google_mtl object| google_native_ad_template object| google_native_settings_key object| google_num_radlinks object| google_num_radlinks_per_unit object| google_override_format object| google_page_url object| google_pgb_reactive object| google_pucrd object| google_referrer_url object| google_region object| google_resizing_allowed object| google_resizing_height object| google_resizing_width object| rpe object| google_responsive_formats object| google_responsive_auto_format object| armr object| google_rl_dest_url object| google_rl_filtering object| google_rl_mode object| google_rt object| google_safe object| google_safe_for_responsive_override object| google_video_play_muted object| google_source_type object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_tag_origin object| google_tag_partner object| google_targeting object| google_tfs object| google_video_doc_id object| google_video_product_type object| google_webgl_support object| google_package object| google_debug_params object| dash object| google_restrict_data_processing boolean| google_apltlad object| google_sv_map string| google_user_agent_client_hint string| adopDiv boolean| avaec boolean| adopPassbackFl boolean| isVideoAdEnd function| adop_transform function| noAds function| makeid325 function| adopRun003 function| checkLoad0988 function| listener572 object| _gqid boolean| _gqidtestmode object| adsbygoogle function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id object| gaGlobal boolean| _gfp_a_ function| google_spfd number| google_lpabyc object| e string| gInnity_auctionID object| gInnity_zone object| 16227182920952e0248c2f5fbc function| udm_ object| ns_p object| COMSCORE function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl string| __params_zone boolean| over_size function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator boolean| _gfp_p_ object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb number| taboola_view_id object| innity_adZoneAsync object| placementData string| nam object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AMP object| _tfa object| cmTag undefined| define function| startCMTagMain object| _cm_wfCounters string| lastWfUrl string| category function| shuffle object| arrToUse object| travel object| news object| mobilecontent1 object| mobilecontent1_new object| travelmuted object| movietrailersHD object| movietrailersHDmuted object| widescreen object| movietrailerslight object| landscapeHD object| landscapeHDmuted object| blank object| blankblack object| blankblack7 object| blankblack5 object| blankblack_mob object| blankwhiteHDmpg object| blankblack10 object| blankwhite object| blankwhiteHD object| black_loader object| lightweight object| lightweight_single object| lightweight300600 object| bonnier object| home object| lipstick object| shoes object| art object| infiltrator object| glass object| lemurs object| NBAshoes object| Sunglasses object| Hummus object| Short_food object| Short_swim object| Euro_news object| Automoto_TV object| Uzoo object| SmartDuvet object| Tiger object| Chocolate object| Logan object| Jacket object| Bike object| Kanye object| Cancun object| Smartwatch object| Helicopter object| dogshampoo object| icetea object| charger object| blueysmoothie object| ShortContent object| carbsandwich object| pisatower object| Food1 object| Food2 object| Food3 object| Food4 object| Food5 object| Food6 object| Food7 object| Fashion object| Lifestyle1 object| Lifestyle2 object| Technology1 object| Technology2 object| Technology3 object| Entertainment object| Scrambledeggs object| Spinach object| Bub1 object| Pokemon object| style_hacks object| Motorcycle object| IceCracking object| Manatees object| Daiving object| Fishing_Lure object| Shark object| HundredsManatees object| TigerShark object| MandelaPrize object| Bertram35 object| bushfire object| Snow object| Delta object| Wheels object| Yellowfin object| Grip object| Kawasaki object| Yoga object| Cat object| Chickens object| RZR object| bitcoin object| bmw object| wombat object| koala object| Marsupial object| puppy object| bitcoinMuted object| bmwMuted object| Wallabies object| Bunny object| Pumpkins object| Dogs_Stress object| Dogs_Stress_image object| lightweight300600_short object| playlist function| webpackHotUpdate string| vpaidId function| OvaMediaPlayer object| criteo_pubtag object| criteo_pubtag_prebid_108 object| Criteo_prebid_108 object| google_image_requests object| GoogleGcLKhOms

0 Cookies

5 Console Messages

Source Level URL
Text
console-api log (Line 24)
Message:
pc_mids running!!
console-api info URL: https://cdn.ampproject.org/rtv/012105242203000/amp4ads-v0.mjs(Line 17)
Message:
Powered by AMP ⚡ HTML – Version 2105242203000 https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5908398692086138&output=html&h=280&slotname=1320941389&adk=1629319641&adf=526430925&pi=t.ma~as.1320941389&w=640&lmt=1622718292&url=https%3A%2F%2Fpopcornfor2.com%2Fcontent%2F-news-116414&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622718291907&bpp=9&bdt=1281&idt=244&shv=r20210525&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&correlator=61374092658&frm=20&pv=2&ga_vid=1112430115.1622718292&ga_sid=1622718292&ga_hid=806830452&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=3911&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44744016&oid=3&pvsid=871901546580247&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=RGAHuDL7Oi&p=https%3A//popcornfor2.com&dtd=257
console-api log URL: https://cdn.taboola.com/libtrc/impl.20210602-6-RELEASE.js(Line 3)
Message:
Exit TRCRBox.loadScriptCallback(retry=0): no items in response - thumbs-feed-01
console-api log URL: https://cdn.taboola.com/libtrc/impl.20210602-6-RELEASE.js(Line 3)
Message:
Exit TRCRBox.loadScriptCallback(retry=0): no items in response - organic-thumbs-feed-01
console-api log URL: https://cdn.taboola.com/libtrc/impl.20210602-6-RELEASE.js(Line 3)
Message:
TRC.TranslationsManager - language key: th not recognized for feature userx.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
1878cff205e3eb15b35fd683bab7f750.safeframe.googlesyndication.com
acdn.adnxs.com
ad.doubleclick.net
ad4m.at
adasia-d.openx.net
ads.betweendigital.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
anymind360.com
ap.lijit.com
as.adlooxtracking.com
as.innity.com
bh.contextweb.com
bidder.criteo.com
bttrack.com
c1.adform.net
c3.taboola.com
cdn.ampproject.org
cdn.doubleverify.com
cdn.innity.net
cdn.taboola.com
cdn3.doubleverify.com
cdnjs.cloudflare.com
ce.lijit.com
cm.g.doubleclick.net
code.jquery.com
compass.adop.cc
compasscdn.adop.cc
connect.facebook.net
d5p.de17a.com
data.adop.cc
data00.adlooxtracking.com
dclk-match.dotomi.com
dis.criteo.com
dmp.brand-display.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eu-u.openx.net
ff2a4867648dbe0e068edb0003bb16c6.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
hits1.truehits.net
htlb.casalemedia.com
ib.adnxs.com
ice.360yield.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
inv-nets.admixer.net
jadserve.postrelease.com
js-sec.indexww.com
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
me.jsfuz.com
mug.criteo.com
mwzeom.zeotap.com
pagead2.googlesyndication.com
partner.blau.de
partner.googleadservices.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
popcornfor2.com
portal.blau.de
pr-bh.ybp.yahoo.com
prg.smartadserver.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
rtb0.doubleverify.com
s.amazon-adsystem.com
s.c.appier.net
s0.2mdn.net
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
spl.zeotap.com
ssum-sec.casalemedia.com
static.criteo.net
sync-t1.taboola.com
sync-tm.everesttech.net
sync.doubleverify.com
sync.mathtag.com
sync.search.spotxchange.com
sync.taboola.com
tpc.googlesyndication.com
tps.doubleverify.com
tps20227.doubleverify.com
tps20229.doubleverify.com
tps20515.doubleverify.com
trc-events.taboola.com
trc.taboola.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
vidstat.taboola.com
wf.taboola.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
www.viu.com
www8.smartadserver.com
x.bidswitch.net
hits1.truehits.net
104.111.224.62
119.81.192.141
13.248.242.197
139.99.121.205
141.226.228.48
142.250.184.194
142.250.185.98
142.250.186.38
143.204.98.112
143.204.98.68
146.0.227.107
146.59.148.16
15.165.52.101
151.101.113.108
151.101.13.44
151.101.14.49
159.253.128.188
172.105.221.240
178.250.0.157
178.250.0.163
178.250.0.165
18.156.0.31
18.156.12.32
18.195.155.181
185.29.135.226
185.33.221.13
185.64.189.112
185.64.189.114
185.64.189.115
185.64.190.80
185.86.137.133
185.86.137.32
185.86.138.32
185.94.180.125
188.42.191.196
192.132.33.46
198.148.27.139
199.232.137.44
2.18.233.180
2.18.234.21
2001:4de0:ac18::1:a:3a
202.162.79.112
213.155.156.167
213.254.244.15
213.254.244.17
216.52.2.19
216.52.2.39
216.58.212.162
23.37.38.181
2606:4700:10::6816:1957
2606:4700:20::ac43:4a81
2606:4700:3031::6815:2597
2606:4700::6810:125e
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1288:110:c305::8000
2a00:1450:4001:800::2002
2a00:1450:4001:802::200a
2a00:1450:4001:803::2006
2a00:1450:4001:809::2003
2a00:1450:4001:809::2004
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
2a00:1450:4001:831::200e
2a00:1450:400d:802::2001
2a02:2638:1::3
2a02:2638::1c
2a02:26f0:10c:488::4469
2a02:26f0:6c00:2b2::4469
2a02:fa8:8806:13::1400
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:200::645
3.121.79.35
3.127.92.82
34.251.173.19
35.186.193.173
35.186.253.211
35.241.31.249
35.241.40.233
35.244.159.8
37.157.6.241
52.21.23.66
52.222.158.39
52.222.163.195
52.49.40.147
52.57.38.160
52.59.102.119
54.239.17.112
54.36.109.49
69.173.144.139
78.46.85.162
82.113.101.236
84.200.5.215
85.114.159.93
009720b74cd6779498e3aa1f985734a59770bb3906ab15e15dae09508b6129ec
019a98e9ab6e7b814814f46f34f9e5db241685488dc2d37cef5e214c2f4048b1
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
032ccb6b94d826879010c7d32ba6a74343bc08d2369cc5f7e2bb8fdb6cea73c6
035831fd0e1882f238147cb75cc6807701719aa732cbdc764218589dc910d283
07eedc9e2f2d2df29bb3fc378d3b6d2bf9d51e84ada691758dbdc18a74c92e49
08c7f7a74db8d5c95b02d7800149a7e9f0a45e85a4b5180ffda161b4854e9568
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0bb0a3ccce1ef4d73a8fbe39f400eafbe4ce899e9a10b1902893770efe271a3d
0bec1537e1a863e97be3c54107419a5adbb701232b0e3913b8613449d9331579
0c6bcd65a3aeeb3b29f12abaf14e4a224a7c04b33baaa6407490f910c14cd201
0e12d567a48199de2089253e3b38d051475af46c0c215d6fb8b9726978d91944
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11d71fc112df3977b9562151e6c75ce860c42779dddcc79af1d0a07366cd44d3
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12993a139a46e15abb56308ef8656d80812fb748dfa88116ee6e20ad3494ae98
1599804249239a7bf676ebc2565940e897243cb329350f6b35ed7e52a6e07b83
165f7dfc0d4608d3b66c6967fbe6fcb58c3e756e7ade457b46be5d2acabf2eb3
171f0468c50e393e4de68d8fac24e677412d9080d9ae1cfd710cbf67e53995d8
185c8f0ba5c84bb93c5ce2c23f353a9f5db8d4b7cdb4a03d816867c2a3871ed0
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1994609ff106e2317c7654b37e8ea1189f64f256f09c14a8f5ef7b0fe113d566
19ed8157c518bb5ef38ca9d026fed886856b7270536e449d67f67c185e31ab0c
1a44b18d90209a2f3ab8468f036dfb1e50644e1edff0c5c81b78c84415944a46
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74
1c5563da3d1d8ffdd50815ecffd1c8549c4c8828429322f53effb7fe69814a0d
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
1e53b8865f7f1e34e44d14f6ff8789dd7f421e7d3c69e48dab33188ff4d99f4e
1e6a8de32f3549cbc9f1c37130992e3505b087fd5050de4a4378ebb86712e165
1f82f5486330c383dd855a7374c611126a26b60364d99bf2a9a36ef8324b1cc5
20064947a7ba1d5876bbc8c1dffaf11fc7092ee5d9fa8b2e8cd66015a68d8bd1
206c572c9778e6bce862d1645129681d7d3f41fd669a9bb426111da817135de4
21bd9459df0e0ef0c64a5f407ff07b6382e6c1c519a22239684fe409625ae039
2354542a0d30f6a015f176904e0bfb7c6999ae88862f21f5204dad5cc88b8836
23bafdfbbc6fac24847fcd5be286e85a8984a993ec24e8d23404f88f4becdd23
251e9b67408005183aefc63f5b2cdf136bddb8eec9a8080cdc072c6ebc16044f
25473141c9a530212a37c0de6e521d14df4b39b17eb8a376b776843e9c4a6e03
2647dcd0adee2f197a77bcae03fb4e10deb16fb9154b3badf002ba2099689ee5
280c1eb4aafe9085d0cfceee2cd0c96123edce8418dd27460cdda9b9a15c9707
2941c654d4fc90da0915020902f64f74bec1b841a2bc0d930665ebb1a58e49ee
297c9b0b785b6b64f662e17ded45f05d0be604d480c00829884035b38bc3a095
2bf72f5a2f96936ad9810f3149d81478157cde9a44cc73e9df90f3d2553d8dcb
2c66ece65aa11af6bbe270d2504741725c280a2a644dba5480644ed136dafa0b
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2ccb0e5d42e6167ccc065c9ab67c61e72a34bba3df465c678ec8dbc5b957f241
30fe573ed1de35f4e8479942f3d7ed0864489dea01216ca50473f7a6acaedc17
39259f689de4a4b42fe99ce88884ca2d525ccca82c0c7d99e7ab8f900bd24196
395aba58b0fcc0b97807071499234cbdd81997848de3014a541109e04e45d13b
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3ab22481dec313568be89a65055bfdbdb850868cb1090752a2ae202a842c8bf0
3b90f60459b17f2ddf447768e249c21c662e70bde6148deff13643982f93f9a6
3ba5369627fc324f2d2c47f44c8da30769d2a3ccbe8110b9bd5eec9585e42a09
3cbc91b08f13856bfdca4216f4827f45654ee8c4daa770f79767d967595194a7
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3da70d13898dd96111dad3cee26eb8ba5dcb82cd1c58ed7f9a706f8c978f134c
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f51aaba9f9e007840a1fb8583c80647a2b678e679d86edd71c97bda3232360f
3f630a191b479def3ee0f7408cfec54c5e6cad83fec65155d68ef83dcd381714
3f9b64c2311af650b05e7c76458d2a9b4feecc2c6df4101229b9b69af862e179
4055bac4d32f26d4e50efaad16ac10588b3ed75d4e77c86e22ca9affd9821857
40cf7b44db7531a0f7359fa8cc09a60279464b034c95fe619be00f2bcaa3b1d2
4323d926e5e77ed2ba7ad04722c7d3e882d2dba9d211fb87750ae6853154a7d8
444de98d6b324cb44a453ed89eefdb69bfea4ba03a070ab0d92deba04cd5a502
446cc73e92229bee4f3f41fa39bf74caa55ff040eb59d07a4799e2eea3944eed
462350cf18e413f65046f2b1f1cdff263386016a238ee9e677c8658205f3fce1
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48bef3c117473be5695f7c4c42342c18d14622e23c420e20d8c5ec6982fe1153
493bd64306dce98e46e22d903fdb73f1d6718e6c6ceb642feb32a6ddebf34bf1
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4a649f32038a3d23de6c5d50b6362d52ea9b78261155656ec55dc5b0d51679f8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d7bc2e5c2959435469986ff3eb98d158edf428ed8eeccb0e8ffe31d3336c9ac
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e1dce6e69335b8f3206170ae222b3ec19ddbdff296d357b4a5b4ff24d4eacb0
4e7681cdfb27c5d0457c58c9f0fe26a68bbf6a8dc88defd3c43826adb1fe6ca8
4e7bcbc8d4514fcd321b7335f475b56a8ba669c96d6e7200e63f382a05ce7cdd
4fedcb94b145f1e6bebc50de849d896e78e6bde1f15e3a57c092d112793a1d8d
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5277325d5b271b5c4e2386adf6a74b7a9671a58c6c271053247ba01579776cac
535f4f6fd95e5a58074e7ea4ecae7fe8f3d40fb3725ab65a7ab59781f147d318
5378994cee2bcf8221b1a9cba21b17dd6a00c5b230fc123b4b6c7e4970c3b0d9
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53c1737bf97ae4d686956bf2c7caff015329c9aa554ed0ebfc24893dfbe2fddf
548f093619c9a18a373128119b05211ae778561c894cb6d7340724e66ff84a0a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
552ec2cbdff90cc8275b6e6b12460e7ce907250175499ddccf54f1d4c8d1351d
55624acb75615cb7584e40fdb950ccdf7c827d62b74f84d969152000086a25d0
55c4c7bf103af11d67ba6df23c0efe58d458383bd59ca8c9516c36b704629032
561c7dbea8de1c1f53895f5991e4001e07e4ecf89c79d94ea156a7bcee46e74e
57a32821aa342bff22571bea1158676b4665fc8de5cb468a043be716e40edee6
584b0accadc79e1b7911494b1fa3200666a59fbff926a255428ecd90367f55b3
58a591dd28e68db4bfd32d959f3d6b12112b767742c29067c6283fe0e0c016f1
596941d0a70f914b1234db9e21d87983ed14ceb8c6cf4d9c6024f3ec2d99f900
599a4fe9f6d46db80d5096c0c4d2f216d5f2a044e40a66fc1cd02c772cfb1025
5a41de748d1a4eb56759f0baaf6abed3ee21ec181db4c44f07d0b1253864cea8
5a94e3ed070985127960fd364ab910a948c9534f881176f4116483efdebd33b5
5b6d1902fb031a848a9384af13b55a192a754c13a0f521454891131a591a15af
5c3137d91a031fa13a1237a588cbe6bc3cf45148de400e3c2371ed16227a998f
5ccc3e785cd8e9b3f95a721637dd14595208dc56b4db19b788dc2ddc0262ede5
5e5484fbbe506423ad15726336d41c75108b9b388854405236faef3afcc519fa
60acf9a0f7c6469e002b31d6668c7b2b912998782e6a43c99cc89b1ebae687e7
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61fe798dad0d0f18d77acc8c9dbf6b7d3a639613d024f1b8827152372638452e
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0
63e64de90532643fdbf033ffc93b82577940b123e36fd30a4de1f463529e57ec
647c92f76fc64af6c6e3a53076511116ad0063377df632389a1d659c7c749513
64f8efccc1f92d618b9c28fb149115e80e0b11e6120c15af2a397c34989ce395
6638c0a7d9322f8e8959abd8f54a8b1da2fea2aaf9703553fcd788e4d2a6284f
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66aec8b722e7bcf87c9f7c3eb5bf174a3cda78ec4e1fe80121815564745d4ad6
67fff3ed7676cbf8696ec06fb6449f2cecb2f6dcfb3967e65381d09a7d7b09ed
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
68684d249ea9077d00190e5fb8026bb328e57a0584487a84925f04388ee6c4d8
6a40c50c628e708c2a68bc9f50ae46fff8da1db2a0c8e2343343a308787d25f9
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b514da2aed798bb9c409b346194c0e2b38edfd554f412e4af2717892f5300ff
6bfb44e0a240c1d36c22801ef45084f4502c1eca46ef844a486184ae85e57e92
6c78ce6b6d1928630b903084ea9d503643f303ba05455860cc7cd17f7687cc65
6ff59b8fff6124e1fa043b9d72390d6030931c77a7a11ede37e06815a0b2a312
72da9a2bdb97bec3bf2f6981252daf17fc79c751456664de66e8907697722e90
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
750afe59a26bf8952b85176aac95b52711b1a0cab36f99d857104784dacdb51d
7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1
754bbd09cc7a950a98690b40f3b60ef8250986f2f1b1d5d2bde0094fc9b202b7
773e5bbc4fb9297bc224eb406ea65168fe8d36586ff15b997e373943bbf0e643
776de058825ec91e4f42eb17bb00b3ea609b835c0ce1eba8e551fd5e942f7b16
78484aa368605f4d60b41ccc082c8be54ecd8033add9d708a15666c1cec58e6f
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416
7df29d096a4e131b99a46fd8516a95035f8588c5833ef86ebc3ea0d632d3c362
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7f4203eee6fbb5f9194eee6955bfc91cc328154c82f1be75a459e5d2a6200ad7
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85c18891eb809f9bb107a23126774655dc39439ddff4af52ed39df7fb18ac72d
85e1be533dbdd83a22910cbee29a4d1f49d3e8d201f5f480517ecfd6bd282965
8613c83bfc14870ca75e75432aa71df3cd2e3d36116bbd353f06aa21a4162f01
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558
87847e7e583a7c678697fce846181b5104f65b1daafdb3a66a8488529829868d
886eb2d8dd4858d03512a06cfc6ada3664af3d00e4bf32b80e5aab3d5b903eda
888a640d12a3841df0061289d6488bb3a4fda96edf0cd14c08ad92d4bf71b98c
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8db01293cefc880f4de07650664302948f95d070ece210c49673b9e758ad3f84
8febf71611604c367ef5865b9b4bbe037410ec9e62ffbc74ac1471e62ff2be07
90de19ec920fb510d111757bc7b3195aa4993ce277c81a425bfcb8cf2db61cef
9471fc2b390647abb187e157a67f6e89d72b0a227c5f1155d793da1bfa82f8dd
95817c67634ad129f8e9c425bbdf1b673e14ca3651659cb818fcf978e25ec224
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd
97725b58061a739b37771c81bec6532aeaf5362f4d96cd9fbd5447fdd081396b
982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee
98614c6feb29562e328f6367244359681aae10928b9e4e986905caf0af2e6deb
98b79c969c618513a228a7ae2379703be8044e0cefa7a7252f7052754ddfda58
99ee441510a93b7123a9ea73f14a527fac26ce8a93f4cc7a3bbbacd30aa00063
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aaf38b063992a4ca096fbf98cafa39819aa68da899e8e6c0345d6a576dd8b44
9b489d02f44a4c62bcb9add3710722bace319b9ae208ef12b56514314e56e32d
9c6266a78d33a7222598a29b83c9656d04edc480e5544281a4992bc278378035
9de4196056e2ffb92e9e6eb78502d3ed77f71a1e8045434a907251ff0b998357
9e787e913bedcf9456405b99ee2afd397a9387b056ad3096c99b35f0863384a5
9ec07790a53b3f53ed2839b3da8d9a1933b5d1d9097eed67ffea9adbfab7c7f9
9f11f98038b8e65631930989a62668accaad5092dcc65806a127171b3d82fb12
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a167afc461bc3d29eae4005e5f5dad70990a506737015724b2b8999b856a635a
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2c023fa7c31344c4a5e0ba92359a9c131a006e7ee9eeedb4a87423fafbec375
a2fc02481d03c6e4f675d3a0c676d3cf9c43e09e9cb4b67879a25f4c71174482
a3570e6a2be5521b069b3ef85b708ef89cd3d2cb3bfcfdbd0b24a99676625b23
a41961e0d9a6bd44051bc60fdaab657e7e86e23e8c3a859540c0999a70449079
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a884a31ee3d75ffacefe46610674d968dd2623dd972a03eae13ed549bd0fad93
a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201
aa7c984cd510935c132345bc7d579dfcde68742f7b11b599b905310f7164718c
ab099ea7cfa35a68e348fadd6f3f21977465cddb240bdb42a6063f8ec3bcc886
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9
b12be2bd8befee1064b293236eea529c4e2e49b0d87b16081a0f0b5ea5e59f44
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e8bf91184d1d6e8b046a770e7b654df71423ed038267b365fbe2162c0f50eb
b3bd0e94be6cf427db82c6933bf6a3db4653da1dc1f489b9ad8ad08442979ff4
b49dfc9938cda2c13d74642213c8cefbb67d61d17aebe29cd0a8b2659169aa77
b6b0cae917b7cab30c559158025a1bbd5d2a026aa792934722b30e075abdf65f
b7f66a926061e968da66d7fb4d87e45c24dc934a20ff0abfa636a1b3ecd91cec
b8de063d7075aa9a9a68120f3eb37178e85777138d4154903a2d4b187b4a893d
b98a31a2e279e9ddc8c68c0f0d35a03fd6cabb0d4fe7cce8b5ea0f3d1f7c5bf6
bb4dc74bdeb98921069d998b4ae43f5978bea7f91b26b16c87d29277891feb7d
be31abd1ee0f3d0e3bef32d98c53c57a758cede23df23fc3f7ae53332023fe2d
be3b48dbe04f652fba8973decb94e84bf9e06fd3b0d0beddfe8859d11ccd7576
bed83f2820f81eb20ffb3d03834ebd7f964c96484eb5c3e1f491ee865c3cacaa
bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4
bfda53b675c4babacc545df4e60b99004a8bfec1e0485373a1444d7514b29de6
c0d25e811ae93b7cc04b1e2f712c5e6a969aa5770f241bb949d65dc4b8230b10
c1759e37e41c88b92d65a9e3fe0d1b4451703083fce97835e8b39281bff84abc
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c316c74988a96ef127eba34083ea8979c0e02852c30fefc6e1117239ea6e5f66
c353d2a6da11f5a6bbf11ee81586d1bf2298c024f67d14598724c0028ba6cb63
c459c5fca5d46b8e4743b1351199db7d6daa118a8518990b69ea58decd736796
c4867130456ceb9e2a8d69e5eb2bba9e349518a86945eaaeffe55289f7839c06
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d4c33669a93a5b7e4538dd70f448bebe04d55adf5f628a1a617afdf2978ae2aa
d522ceba20f12d2594bca7ab06bc6cc877e8ee1c5d94c2ae3c3af0d90c38ccc6
d56b91115caaca1e6774ecaa48c9fc40be6d9f2ed6ebb46b7f11f182a543189b
da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9
daf5e62d38c305304e7f4c1c220cfd611994ed41282b6c001bba07c8c95989b2
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd1c811271f1cb23decdb96cc5a350343eadc09df545417a10db1338507049da
e15eecb353d8723e3a7e8597a71060ca5e7887f7f42ff4d1e28a844352fb3f33
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b8fff12df2d5aa8ebc515302934d8b4ee4fa913fcf562729305c09be1fbed
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e58c7574cfd80a0be2e2368f3313ab30ac688f14d078a367ed45ffc03b51bf71
e5ffaa00876e9b4b6d949863a205cd5563e07e1d59db148fcd45ed7603730d5c
e7cb666fdce72b534f769681c7d269b31b721f22897c1188c349631b2fadd508
eaf987ea045fd94a8b896d8f032ac2bb51c3b5b1212718ced1fed4924dc4e820
eb0f4d827457fe98bf53b2f15bab971abf6b38a4cfc8c12bcb0c8e3d672a70c7
ebd643fa0d5226695fd8c8c08e042ffb960f3c287c7abd60dfc21996877f9390
ebe82920eef81e4bb40e4830db9ec575f255c65fe5a1e6a383795291d1f46d20
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f08c909a96af173d1385ab70ef663fb8b7b265b4af1c1824c0e9e3939f9410d5
f29df7081519f60c495e46528a5bb0649910a86efaf66afe358c2706e90d02aa
f35d7d396b9f92bdf60aaa0f6f14a0182b09a25783b5c26b03f47cf59efbfd68
f606a66da878c391e755c803301e2a2191a60d69f1bec66fe95dc4bc8b540f43
f60c4600705d04f5c55db54f646fec728f9458c4fbba35adb4ac114077cb2391
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7bba0cc484923e9dc8eb46a451efbd2ebe40980e07195777adaa39956bc5cd5
f8bd3352da23102cdf6b4f8793b24fa55f2eae7638caa7c3821437dfc4b9d8bb
fa64746adfcaff960f137fdb035f6fba9d2ec695e31265a7dfff57d72811b10c
fe215aa5b96ce22327be6d4d81c361f1136de9e24391fd3f2387eb24ba4746e8
fe50466edcdac1192aa7a5bebb69e57134216d66dc920c3611ce267751d1643b
fec66f10a0feefafcfbbbb988173e7a6024c6ecdc6b882c4eb6ed30f1c544351
fed2392e7f78b89df766488d7e920ab2c61c40387948ad2cbced196978c818d2