www.slashgear.com Open in urlscan Pro
35.222.52.199 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/fCS8oeenv2?amp=1
Effective URL:
https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/
Submission: On July 30 via manual (July 30th 2021, 5:59:54 pm UTC) from US

Summary HTTP 278 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 53 IPs in 8 countries across 43 domains to perform 278 HTTP transactions. The main IP is 35.222.52.199, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is www.slashgear.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 3rd 2020. Valid for: a year.

This is the only time www.slashgear.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1 5	216.144.248.138 216.144.248.138	46475 (LIMESTONE...) (LIMESTONENETWORKS)
1	35.222.52.199 35.222.52.199	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	68.232.34.149 68.232.34.149	15133 (EDGECAST) (EDGECAST)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2.16.186.144 2.16.186.144	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
26	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
3	13.224.90.44 13.224.90.44	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb40	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 5	13.224.96.53 13.224.96.53	16509 (AMAZON-02) (AMAZON-02)
4	2.21.172.90 2.21.172.90	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 5	54.246.201.247 54.246.201.247	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:219... 2600:9000:2190:5200:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
10	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	52.71.45.67 52.71.45.67	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	35.202.23.71 35.202.23.71	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
1	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.253.169.181 34.253.169.181	16509 (AMAZON-02) (AMAZON-02)
2	63.34.231.123 63.34.231.123	16509 (AMAZON-02) (AMAZON-02)
44	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	13.224.96.56 13.224.96.56	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	44.193.70.245 44.193.70.245	14618 (AMAZON-AES) (AMAZON-AES)
1	104.111.228.137 104.111.228.137	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:217... 2600:9000:2176:6400:1d:667e:2a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.14.133 151.101.14.133	54113 (FASTLY) (FASTLY)
1	23.45.99.241 23.45.99.241	16625 (AKAMAI-AS) (AKAMAI-AS)
3	184.30.21.51 184.30.21.51	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
29	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:191::26e5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5 17	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
6 10	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
4	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
6	23.47.213.73 23.47.213.73	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	31.172.81.159 31.172.81.159	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2	31.172.81.160 31.172.81.160	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	18.197.99.6 18.197.99.6	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 2	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	44.194.225.67 44.194.225.67	14618 (AMAZON-AES) (AMAZON-AES)
2 2	216.52.2.19 216.52.2.19	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	35.72.120.200 35.72.120.200	16509 (AMAZON-02) (AMAZON-02)
1 1	37.9.245.57 37.9.245.57	16345 (BEE-AS Ru...) (BEE-AS Russia)
278	53

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.144.248.138 (United States) 1 redirects

ASN46475 (LIMESTONENETWORKS, US)
PTR: 138-248-144-216.static.reverse.lstn.net

cmun.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.222.52.199 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 199.52.222.35.bc.googleusercontent.com

www.slashgear.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 68.232.34.149 (United States)

ASN15133 (EDGECAST, US)

cdn.slashgear.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.144 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-144.deploy.static.akamaitechnologies.com

cdn.nsstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.90.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-90-44.zrh50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:bb40 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

g.pcmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.224.96.53 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-53.zrh50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.21.172.90 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-172-90.deploy.static.akamaitechnologies.com

cdn.static.zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ns.zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.246.201.247 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-201-247.eu-west-1.compute.amazonaws.com

secure-us.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2190:5200:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.71.45.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-45-67.compute-1.amazonaws.com

gurgle.zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.202.23.71 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 71.23.202.35.bc.googleusercontent.com

stats.gixioanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.27 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.169.181 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-169-181.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.34.231.123 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-231-123.eu-west-1.compute.amazonaws.com

zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-56.zrh50.r.cloudfront.net

bee.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.193.70.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-70-245.compute-1.amazonaws.com

jogger.zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.228.137 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-137.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2176:6400:1d:667e:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

djb8d2owpb6vps4sq6jzb4zk9n2xf1627667977.nuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.99.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.30.21.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:191::26e5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s8t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.186.98 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.18.234.21 (Frankfurt am Main, Germany) 6 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.47.213.73 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-213-73.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.172.81.159 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.sniperlog.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.172.81.160 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.99.6 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-99-6.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.149 (Portsmouth, United Kingdom) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.194.225.67 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-225-67.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.19 (United States) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.72.120.200 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-72-120-200.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.9.245.57 (Russian Federation) 1 redirects

ASN16345 (BEE-AS Russia, RU)

google.ops.beeline.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
73	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com 8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com	742 KB
50	doubleclick.net 5 redirects googleads.g.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	299 KB
30	slashgear.com www.slashgear.com cdn.slashgear.com	471 KB
29	2mdn.net s0.2mdn.net	221 KB
11	imrworldwide.com 2 redirects secure-us.imrworldwide.com cdn-gl.imrworldwide.com bee.imrworldwide.com djb8d2owpb6vps4sq6jzb4zk9n2xf1627667977.nuid.imrworldwide.com	72 KB
10	casalemedia.com 6 redirects dsum-sec.casalemedia.com	9 KB
10	teads.tv a.teads.tv s8t.teads.tv t.teads.tv	135 KB
9	zdbb.net cdn.static.zdbb.net ns.zdbb.net gurgle.zdbb.net zdbb.net jogger.zdbb.net	28 KB
8	google.com 3 redirects adservice.google.com www.google.com	1 KB
6	googletagservices.com www.googletagservices.com	214 KB
5	ampproject.org cdn.ampproject.org	101 KB
5	scorecardresearch.com 1 redirects sb.scorecardresearch.com	4 KB
5	googleapis.com fonts.googleapis.com ajax.googleapis.com	33 KB
5	cmun.it 1 redirects cmun.it	25 KB
4	google-analytics.com www.google-analytics.com	19 KB
4	gstatic.com fonts.gstatic.com	70 KB
4	cloudflare.com cdnjs.cloudflare.com	108 KB
3	rfihub.com 2 redirects a.rfihub.com p.rfihub.com	3 KB
3	amazon-adsystem.com c.amazon-adsystem.com	4 KB
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com	978 B
2	yahoo.com 2 redirects ups.analytics.yahoo.com	2 KB
2	advertising.com 2 redirects pixel.advertising.com	938 B
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	bumlam.com sync.bumlam.com	780 B
2	sniperlog.ru 2 redirects sync3.sniperlog.ru	742 B
1	beeline.ru 1 redirects google.ops.beeline.ru	764 B
1	adingo.jp cc.adingo.jp	44 B
1	fksnk.com 1 redirects fksnk.com	619 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com	481 B
1	bluekai.com stags.bluekai.com	338 B
1	krxd.net cdn.krxd.net	393 B
1	bkrtx.com tags.bkrtx.com	16 KB
1	google.ch adservice.google.ch	853 B
1	adsafeprotected.com pixel.adsafeprotected.com	2 KB
1	adnxs.com ib.adnxs.com	1 KB
1	gixioanalytics.com stats.gixioanalytics.com	276 B
1	google.de adservice.google.de	853 B
1	googleadservices.com partner.googleadservices.com	659 B
1	pcmag.com g.pcmag.com	323 B
1	googletagmanager.com www.googletagmanager.com	38 KB
1	nsstatic.net cdn.nsstatic.net	141 KB
1	t.co t.co	490 B
278	43

	Domain	Requested by
44	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com www.slashgear.com securepubads.g.doubleclick.net 8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com cdn.ampproject.org
29	s0.2mdn.net	t.co s0.2mdn.net 8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com
29	cdn.slashgear.com	www.slashgear.com t.co
26	pagead2.googlesyndication.com	www.slashgear.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com 8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com
18	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net 8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com t.co
17	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net 8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com
10	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
10	securepubads.g.doubleclick.net	cdn.nsstatic.net securepubads.g.doubleclick.net www.slashgear.com
6	t.teads.tv
6	www.google.com	3 redirects tpc.googlesyndication.com www.slashgear.com 8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com
6	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net 8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	secure-us.imrworldwide.com	2 redirects www.slashgear.com
5	sb.scorecardresearch.com	1 redirects cdn.nsstatic.net www.slashgear.com
5	cmun.it	1 redirects t.co cmun.it
4	googleads4.g.doubleclick.net	t.co
4	cdn-gl.imrworldwide.com	www.slashgear.com secure-us.imrworldwide.com cdn-gl.imrworldwide.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	www.slashgear.com tpc.googlesyndication.com securepubads.g.doubleclick.net
4	cdnjs.cloudflare.com	www.slashgear.com cdnjs.cloudflare.com
3	a.teads.tv	securepubads.g.doubleclick.net s8t.teads.tv
3	8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	cdn.static.zdbb.net	cdn.nsstatic.net cdn.static.zdbb.net
3	c.amazon-adsystem.com	cdn.nsstatic.net
2	ap.lijit.com	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	a.rfihub.com	1 redirects
2	ups.analytics.yahoo.com	2 redirects
2	pixel.advertising.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	sync.bumlam.com	8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com
2	sync3.sniperlog.ru	2 redirects
2	zdbb.net	www.slashgear.com cdn.static.zdbb.net
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	gurgle.zdbb.net	www.slashgear.com cdn.static.zdbb.net
1	google.ops.beeline.ru	1 redirects
1	cc.adingo.jp	8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com
1	fksnk.com	1 redirects
1	p.rfihub.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	s8t.teads.tv	a.teads.tv
1	stags.bluekai.com	tags.bkrtx.com
1	cdn.krxd.net	cdn.static.zdbb.net
1	djb8d2owpb6vps4sq6jzb4zk9n2xf1627667977.nuid.imrworldwide.com
1	tags.bkrtx.com	cdn.static.zdbb.net
1	jogger.zdbb.net	cdn.static.zdbb.net
1	adservice.google.ch	securepubads.g.doubleclick.net
1	bee.imrworldwide.com	secure-us.imrworldwide.com
1	pixel.adsafeprotected.com	cdn.nsstatic.net
1	ib.adnxs.com	cdn.nsstatic.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	stats.gixioanalytics.com	cdn.slashgear.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ns.zdbb.net	cdn.nsstatic.net
1	g.pcmag.com	cdn.nsstatic.net
1	www.googletagmanager.com	www.slashgear.com
1	ajax.googleapis.com	www.slashgear.com
1	cdn.nsstatic.net	www.slashgear.com
1	www.slashgear.com	cmun.it
1	t.co
278	62

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.youtube.com
www.reddit.com
reddit.com
facebook.com

Subject Issuer	Validity	Valid
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.commun.it Sectigo RSA Domain Validation Secure Server CA	`2020-04-29` - `2021-04-29`	a year	crt.sh
www.slashgear.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-03` - `2021-10-05`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
cdn.slashgear.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-06-25` - `2022-06-25`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-05` - `2021-09-27`	3 months	crt.sh
www.ziffdavis.com COMODO RSA Organization Validation Secure Server CA	`2021-03-03` - `2022-02-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-28` - `2022-02-01`	a year	crt.sh
*.zdbb.net Amazon	`2021-05-05` - `2022-06-03`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
stats.gixioanalytics.com R3	`2021-07-12` - `2021-10-10`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2020-09-09` - `2021-10-09`	a year	crt.sh
zdbb.net Amazon	`2021-02-25` - `2022-03-26`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
*.google.ch GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.bkrtx.com DigiCert SHA2 Secure Server CA	`2021-04-02` - `2022-04-07`	a year	crt.sh
*.nuid.imrworldwide.com Amazon	`2021-06-11` - `2022-07-10`	a year	crt.sh
cdn.krxd.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-02-08` - `2022-02-07`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-26`	a year	crt.sh
teads.tv R3	`2021-06-14` - `2021-09-12`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.bumlam.com R3	`2021-07-01` - `2021-09-29`	3 months	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-18` - `2022-06-18`	2 years	crt.sh
*.adingo.jp DigiCert TLS RSA SHA256 2020 CA1	`2021-03-26` - `2022-04-14`	a year	crt.sh

This page contains 35 frames:

Primary Page: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/
Frame ID: 7DABF883D0C1689AED64827638DE84A0
Requests: 102 HTTP requests in this frame

Frame: https://cmun.it/javascripts/xdomain_cookie.html?t=1627667974009
Frame ID: 7A9B4DD48BE66EB928D57EE30D32BAA9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210728/r20190131/zrt_lookup.html
Frame ID: FC86FE948DB1BF4C786CA2C5F0850AE2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3201252381583585&output=html&h=285&slotname=7713392594&adk=2092238195&adf=383669989&pi=t.ma~as.7713392594&w=346&lmt=1627667976&rafmt=12&psa=0&format=346x285&url=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627667976409&bpp=4&bdt=317&idt=116&shv=r20210728&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&correlator=103970874507&frm=20&pv=2&ga_vid=455820475.1627667977&ga_sid=1627667977&ga_hid=177989887&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=457&ady=931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530889%2C20211866&oid=3&pvsid=2340298016773662&ref=https%3A%2F%2Fcmun.it%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=eW3DiXLpK3&p=https%3A//www.slashgear.com&dtd=136
Frame ID: D3CEED0D47D067A59BB201949DF07A02
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3201252381583585&output=html&h=280&slotname=1358470999&adk=1833265905&adf=2596562503&pi=t.ma~as.1358470999&w=336&lmt=1627667976&psa=0&format=336x280&url=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627667976413&bpp=1&bdt=321&idt=141&shv=r20210728&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=346x285&correlator=103970874507&frm=20&pv=1&ga_vid=455820475.1627667977&ga_sid=1627667977&ga_hid=177989887&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=462&ady=3256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530889%2C20211866&oid=3&pvsid=2340298016773662&ref=https%3A%2F%2Fcmun.it%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PxWHqJ5nY8&p=https%3A//www.slashgear.com&dtd=144
Frame ID: 34FE5D4562BD5AF02F37C12DBE847679
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3201252381583585&output=html&h=250&slotname=9079582994&adk=151233876&adf=1647781436&pi=t.ma~as.9079582994&w=300&lmt=1627667976&psa=0&format=300x250&url=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627667976414&bpp=1&bdt=321&idt=174&shv=r20210728&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=346x285%2C336x280&correlator=103970874507&frm=20&pv=1&ga_vid=455820475.1627667977&ga_sid=1627667977&ga_hid=177989887&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=993&ady=211&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530889%2C20211866&oid=3&pvsid=2340298016773662&ref=https%3A%2F%2Fcmun.it%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=kKtPEjJLAB&p=https%3A//www.slashgear.com&dtd=178
Frame ID: 8F1934CE46C9E421C8EDBDB88E34D63C
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3201252381583585&output=html&adk=1812271804&adf=3025194257&lmt=1627667976&plat=2%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627667976426&bpp=1&bdt=333&idt=174&shv=r20210728&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=346x285%2C336x280%2C300x250&nras=1&correlator=103970874507&frm=20&pv=1&ga_vid=455820475.1627667977&ga_sid=1627667977&ga_hid=177989887&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530889%2C20211866&oid=3&pvsid=2340298016773662&ref=https%3A%2F%2Fcmun.it%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=182
Frame ID: A377D5E48F26E2B3687570EB9BCD8ED0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6129057763443717358/index.html
Frame ID: BD48AACB7772E47C8E175DA5785BFD1A
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: E5CE1C25E0C97F77599CDE61971A3AC1
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 04FF8D8C16C46B16EDE5273071D3757B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js
Frame ID: 42C18677DCCE6A5047315D461AE73E74
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: F7FA7F21312106977E970C816B38EF6C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js
Frame ID: ACEF01655122171B47FF6B3E0169216A
Requests: 1 HTTP requests in this frame

Frame: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FF502A825A9CABFC949FA454D33103E8
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: B1C7BD5739895BCC3C62645A42C14357
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 18551ADCDAB3065A9F31E5ACB8E0134C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D240B0A18739BF8B773CEF6473D56D99
Requests: 1 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/30629?ret=html&phint=site%3Dslashgear.com&phint=referer%3Dhttps%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&phint=bbseg%3D1100549&phint=bbseg%3D7309&phint=bbseg%3D900109&phint=bbseg%3D900110&phint=bbseg%3D900111&phint=bbseg%3D900241&phint=bbseg%3D900115&phint=bbseg%3D900255&phint=bbseg%3D900002&phint=bbseg%3D900263&phint=bbseg%3D900138&phint=bbseg%3D900139&phint=bbseg%3D900140&phint=bbseg%3D900015&phint=bbseg%3D900146&phint=bbseg%3D900276&phint=bbseg%3D900152&phint=bbseg%3D900282&phint=bbseg%3D900156&phint=bbseg%3D900157&phint=bbseg%3D900286&phint=bbseg%3D900159&phint=bbseg%3D900160&phint=bbseg%3D900033&phint=bbseg%3D900162&phint=bbseg%3D900166&phint=bbseg%3D900294&phint=bbseg%3D900168&phint=bbseg%3D900041&phint=bbseg%3D900042&phint=bbseg%3D900169&phint=bbseg%3D900170&phint=bbseg%3D900172&phint=bbseg%3D900173&phint=bbseg%3D900296&phint=bbseg%3D900049&phint=bbseg%3D900305&phint=bbseg%3D900306&phint=bbseg%3D900307&phint=bbseg%3D900309&phint=bbseg%3D900311&phint=bbseg%3D900059&phint=bbseg%3D900315&phint=bbseg%3D900061&phint=bbseg%3D900189&phint=bbseg%3D900190&phint=bbseg%3D900192&phint=bbseg%3D900317&phint=bbseg%3D900320&phint=bbseg%3D900195&phint=bbseg%3D900327&phint=bbseg%3D900200&phint=bbseg%3D900332&phint=bbseg%3D900207&phint=bbseg%3D900336&phint=bbseg%3D900082&phint=bbseg%3D900085&phint=bbseg%3D900341&phint=bbseg%3D900092&phint=__bk_t%3DBIG%20Shiny%20Pokemon%20GO%20leak%3A%20See%20Galar%20get%20bright!%20-%20SlashGear&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Fcmun.it%2F&phint=__bk_l%3Dhttps%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&phint=__bk_v%3D3.1.10&limit=10&r=46417560
Frame ID: 4CDD0384AEE25DEBBB8F7ECD0BBEAE83
Requests: 1 HTTP requests in this frame

Frame: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F4DA9131C36BB8ADEC7DA5D7F7301C41
Requests: 14 HTTP requests in this frame

Frame: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3D6E78D1CC6EB89ADC073C4F2F9EBF50
Requests: 15 HTTP requests in this frame

Frame: data://truncated
Frame ID: F500C5D767C08A1EE54B5B9006496700
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/simgad/1153452811013376518
Frame ID: 1E9BFA2D5B47857C85652C1B105321D5
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/simgad/1153452811013376518
Frame ID: 6B95860D84708C0DD31B9B570136CFC1
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/simgad/1153452811013376518
Frame ID: 9E9C2057815F5342D7856FE3FFEC9493
Requests: 3 HTTP requests in this frame

Frame: https://a.teads.tv/page/92146/tag
Frame ID: 3A3F288AC9D5C8484481D28EC889E50D
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012107200040000/amp4ads-v0.mjs
Frame ID: A1E9382D27388F1B1400E62AC6CFF3B9
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/simgad/1153452811013376518
Frame ID: 2962ED73337CD5A2B70186543DF1E574
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNOuLBDs08sCGKb6zrABMAE&v=APEucNXgvTGhSzA5l3NtcUYv2mA_ndm3fwewvpmHHPggo7KvHhHJOuRC6m_8L6-9uDr3J60ydmEPm7f5HiM1HsieETkde9rlVw
Frame ID: 2604DFD0BF91300C123A6BD0268B1292
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNOuLBDs08sCGKb6zrABMAE&v=APEucNWAsV_cLO2ndpUT99Zh0sIwqY-XgQiOlmGd2Cc434OfBUM1PH8BiKc1DcHTOByyDmGYNNT0pExJcv9eap-5ueRZKXEBBA
Frame ID: 9337F86E3FC47C56841DEC4AF99DAA90
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/9774257/838241088266301/index.html
Frame ID: F87D1154575D2A6BF28A5198B886F0E1
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 27EBFC0F7C62354765A765D4029A6D23
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C5FAC87F74CEC0C0DEA2E661B7D809F6
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/9774257/838239135150656/index.html
Frame ID: 1F75C2C1628523447CA392DE7F7BC597
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F2CBD7B32E2217AEB69D26BA772CE09E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DFA17CA91F4F9D3FB33370229A299B80
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://t.co/fCS8oeenv2?amp=1 Page URL
https://cmun.it/eh9qcxwi HTTP 302
https://cmun.it/e/eh9qcxwi/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/?t=162766... Page URL
https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

278
Requests

96 %
HTTPS

38 %
IPv6

43
Domains

62
Subdomains

53
IPs

8
Countries

2751 kB
Transfer

6677 kB
Size

16
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/slashgear
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/SlashGear
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/SlashGear
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/TheSilphRoad/comments/grok0v/galar_assets_added_pokeminers/
Title: PokeMiners

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=BIG+Shiny+Pokemon+GO+leak%3A+See+Galar+get+bright%21&url=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&via=SlashGear
Title: Twitter

Search URL Search Domain Scan URL

URL: https://reddit.com/submit?url=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&title=BIG+Shiny+Pokemon+GO+leak%3A+See+Galar+get+bright%21
Title: Reddit

Search URL Search Domain Scan URL

URL: https://facebook.com/slashgear
Title: Facebook

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/fCS8oeenv2?amp=1 Page URL
https://cmun.it/eh9qcxwi HTTP 302
https://cmun.it/e/eh9qcxwi/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/?t=1627667973 Page URL
https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://cmun.it/eh9qcxwi HTTP 302
https://cmun.it/e/eh9qcxwi/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/?t=1627667973

Request Chain 51

https://secure-us.imrworldwide.com/v60.js HTTP 301
https://cdn-gl.imrworldwide.com/v60.js

Request Chain 68

https://sb.scorecardresearch.com/b?c1=8&c2=6036316&c3=1&ns__t=1627667976610&ns_c=UTF-8&cv=3.5&c8=BIG%20Shiny%20Pokemon%20GO%20leak%3A%20See%20Galar%20get%20bright!%20-%20SlashGear&c7=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&c9=https%3A%2F%2Fcmun.it%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=8&c2=6036316&c3=1&ns__t=1627667976610&ns_c=UTF-8&cv=3.5&c8=BIG%20Shiny%20Pokemon%20GO%20leak%3A%20See%20Galar%20get%20bright!%20-%20SlashGear&c7=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&c9=https%3A%2F%2Fcmun.it%2F

Request Chain 96

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 111

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 116

https://secure-us.imrworldwide.com/cgi-bin/m?rnd=1627667977519&ci=ziffdavis&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&rp=https%3A%2F%2Fcmun.it%2F&sr=1600x1200&tz=2 HTTP 302
https://secure-us.imrworldwide.com/cgi-bin/m?rnd=1627667977519&ci=ziffdavis&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&rp=https%3A%2F%2Fcmun.it%2F&sr=1600x1200&tz=2&ja=1

Request Chain 118

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 200

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPMygNdi3bB_GErHWl1BnjM&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPMygNdi3bB_GErHWl1BnjM&google_cver=1&C=1

Request Chain 201

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YQQ.Cx5qwVyOLPdX05jqIgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPMygNdi3bB_GErHWl1BnjM&google_cver=1&google_hm=2

Request Chain 203

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPMygNdi3bB_GErHWl1BnjM&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPMygNdi3bB_GErHWl1BnjM&google_cver=1&C=1

Request Chain 204

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YQQ.Cx5qwVyOLPdX05jqIgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPMygNdi3bB_GErHWl1BnjM&google_cver=1&google_hm=2

Request Chain 235

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEK19MUNR6MYf0M_hbdwA60U&google_cver=1&google_push=AYg5qPJQvzmbBJBjeutfRgTChANgMhoMG1lucS49yJGtIRcb_qhzQ1CVHEhsQ5hCE2-watuB-DRkvOem1Ka5YgwbVeRVWNYKGdWafg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJQvzmbBJBjeutfRgTChANgMhoMG1lucS49yJGtIRcb_qhzQ1CVHEhsQ5hCE2-watuB-DRkvOem1Ka5YgwbVeRVWNYKGdWafg&google_hm=OmBRk5LwTX2buODDbFGBc6I

Request Chain 236

https://sync3.sniperlog.ru/?src=ggl_nga&google_gid=CAESEJAnyZmFhXiWGtT3GR3LIEQ&google_cver=1&google_push=AYg5qPLwtkQxJlxtpbYGymLI3ak4epcb-e5XXJQPXZ1jPZ2y7gZZ6UGOPULjIKAqZvP1xGPdQ7qxit83vu0xEFDPqYdamfZovuwpzQ HTTP 301
https://sync.bumlam.com/?src=ggl_nga&google_gid=CAESEJAnyZmFhXiWGtT3GR3LIEQ&google_cver=1&google_push=AYg5qPLwtkQxJlxtpbYGymLI3ak4epcb-e5XXJQPXZ1jPZ2y7gZZ6UGOPULjIKAqZvP1xGPdQ7qxit83vu0xEFDPqYdamfZovuwpzQ

Request Chain 237

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPFwGMTfNsIIcQI0m2zFvaQ&google_cver=1&google_push=AYg5qPIm1IHiBhR8gyGPV8sDp-iuaZBQQvEzkYGjg8nlgdrRD3B9TmfhY5SFSZcrBEVMU_RIQ6F9DpecBEaBK0GRJ_KJeRoY6J4ieQ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPFwGMTfNsIIcQI0m2zFvaQ&google_cver=1&google_push=AYg5qPIm1IHiBhR8gyGPV8sDp-iuaZBQQvEzkYGjg8nlgdrRD3B9TmfhY5SFSZcrBEVMU_RIQ6F9DpecBEaBK0GRJ_KJeRoY6J4ieQ&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SgBtIrjHStiF3aksJOlDqQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIm1IHiBhR8gyGPV8sDp-iuaZBQQvEzkYGjg8nlgdrRD3B9TmfhY5SFSZcrBEVMU_RIQ6F9DpecBEaBK0GRJ_KJeRoY6J4ieQ

Request Chain 238

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEKF4qw8B4N9js386iE5uwu8&google_cver=1&google_push=AYg5qPK1YCRl32g84n9AdmoU3gCpT9b5Rid3Sp8SjQO821Fs7hiwPmI7lBS5BcX_5zspviUW1ZgVa_6sTJXIZfgSqrXY6e-4oa7qxSo HTTP 302
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEKF4qw8B4N9js386iE5uwu8&google_cver=1&google_push=AYg5qPK1YCRl32g84n9AdmoU3gCpT9b5Rid3Sp8SjQO821Fs7hiwPmI7lBS5BcX_5zspviUW1ZgVa_6sTJXIZfgSqrXY6e-4oa7qxSo&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEKF4qw8B4N9js386iE5uwu8&google_cver=1&google_push=AYg5qPK1YCRl32g84n9AdmoU3gCpT9b5Rid3Sp8SjQO821Fs7hiwPmI7lBS5BcX_5zspviUW1ZgVa_6sTJXIZfgSqrXY6e-4oa7qxSo&apid=UPe8a0c791-f15f-11eb-9bd3-024aa993177c HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEKF4qw8B4N9js386iE5uwu8&google_cver=1&google_push=AYg5qPK1YCRl32g84n9AdmoU3gCpT9b5Rid3Sp8SjQO821Fs7hiwPmI7lBS5BcX_5zspviUW1ZgVa_6sTJXIZfgSqrXY6e-4oa7qxSo&apid=UPe8a0c791-f15f-11eb-9bd3-024aa993177c&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBlOGEwYzc5MS1mMTVmLTExZWItOWJkMy0wMjRhYTk5MzE3N2M%3D&google_push=AYg5qPK1YCRl32g84n9AdmoU3gCpT9b5Rid3Sp8SjQO821Fs7hiwPmI7lBS5BcX_5zspviUW1ZgVa_6sTJXIZfgSqrXY6e-4oa7qxSo

Request Chain 239

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEB-wCURftZpuHra3UH0Xt3U&google_cver=1&google_push=AYg5qPIzKP3GyrBXP972GUl-56bC1phWt0-re4gCnr3Zn4Qj7XanD97hwNj6dkqltc-gHHRYRJFdDjKs5Ln8lfmfKSJG7bqOjTzcExQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPIzKP3GyrBXP972GUl-56bC1phWt0-re4gCnr3Zn4Qj7XanD97hwNj6dkqltc-gHHRYRJFdDjKs5Ln8lfmfKSJG7bqOjTzcExQ&google_hm=NTA2MTkyODEwODUyNjYwOTE5Mw==

Request Chain 241

https://ads.avads.net/sync/ggl?google_gid=CAESELm-MOQNUgrA9sxpN9cZVeU&google_cver=1&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik48mSvqcytyEAXgsMPG9GGnQ7wLq7AXw HTTP 302
https://ads.avads.net/sync/ggl?google_gid=CAESELm-MOQNUgrA9sxpN9cZVeU&google_cver=1&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik48mSvqcytyEAXgsMPG9GGnQ7wLq7AXw&av_tc=True HTTP 302
https://ads.avads.net/sync/ggl?google_gid=CAESELm-MOQNUgrA9sxpN9cZVeU&google_cver=1&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik48mSvqcytyEAXgsMPG9GGnQ7wLq7AXw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWU2MTFlYWEtZmQ4Mi00N2MwLTk3ZWQtM2VlZDZjM2EwOWU2&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik48mSvqcytyEAXgsMPG9GGnQ7wLq7AXw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWU2MTFlYWEtZmQ4Mi00N2MwLTk3ZWQtM2VlZDZjM2EwOWU2&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik48mSvqcytyEAXgsMPG9GGnQ7wLq7AXw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWU2MTFlYWEtZmQ4Mi00N2MwLTk3ZWQtM2VlZDZjM2EwOWU2&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik48mSvqcytyEAXgsMPG9GGnQ7wLq7AXw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWU2MTFlYWEtZmQ4Mi00N2MwLTk3ZWQtM2VlZDZjM2EwOWU2&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik48mSvqcytyEAXgsMPG9GGnQ7wLq7AXw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWU2MTFlYWEtZmQ4Mi00N2MwLTk3ZWQtM2VlZDZjM2EwOWU2&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik48mSvqcytyEAXgsMPG9GGnQ7wLq7AXw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWU2MTFlYWEtZmQ4Mi00N2MwLTk3ZWQtM2VlZDZjM2EwOWU2&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik48mSvqcytyEAXgsMPG9GGnQ7wLq7AXw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWU2MTFlYWEtZmQ4Mi00N2MwLTk3ZWQtM2VlZDZjM2EwOWU2&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik48mSvqcytyEAXgsMPG9GGnQ7wLq7AXw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWU2MTFlYWEtZmQ4Mi00N2MwLTk3ZWQtM2VlZDZjM2EwOWU2&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik48mSvqcytyEAXgsMPG9GGnQ7wLq7AXw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWU2MTFlYWEtZmQ4Mi00N2MwLTk3ZWQtM2VlZDZjM2EwOWU2&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik48mSvqcytyEAXgsMPG9GGnQ7wLq7AXw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWU2MTFlYWEtZmQ4Mi00N2MwLTk3ZWQtM2VlZDZjM2EwOWU2&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik48mSvqcytyEAXgsMPG9GGnQ7wLq7AXw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWU2MTFlYWEtZmQ4Mi00N2MwLTk3ZWQtM2VlZDZjM2EwOWU2&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik48mSvqcytyEAXgsMPG9GGnQ7wLq7AXw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWU2MTFlYWEtZmQ4Mi00N2MwLTk3ZWQtM2VlZDZjM2EwOWU2&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik48mSvqcytyEAXgsMPG9GGnQ7wLq7AXw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWU2MTFlYWEtZmQ4Mi00N2MwLTk3ZWQtM2VlZDZjM2EwOWU2&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik48mSvqcytyEAXgsMPG9GGnQ7wLq7AXw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWU2MTFlYWEtZmQ4Mi00N2MwLTk3ZWQtM2VlZDZjM2EwOWU2&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik48mSvqcytyEAXgsMPG9GGnQ7wLq7AXw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWU2MTFlYWEtZmQ4Mi00N2MwLTk3ZWQtM2VlZDZjM2EwOWU2&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik48mSvqcytyEAXgsMPG9GGnQ7wLq7AXw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWU2MTFlYWEtZmQ4Mi00N2MwLTk3ZWQtM2VlZDZjM2EwOWU2&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik48mSvqcytyEAXgsMPG9GGnQ7wLq7AXw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWU2MTFlYWEtZmQ4Mi00N2MwLTk3ZWQtM2VlZDZjM2EwOWU2&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik48mSvqcytyEAXgsMPG9GGnQ7wLq7AXw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWU2MTFlYWEtZmQ4Mi00N2MwLTk3ZWQtM2VlZDZjM2EwOWU2&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik48mSvqcytyEAXgsMPG9GGnQ7wLq7AXw

Request Chain 244

https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESEF133d_u7r3NOW-iroxiB78&google_cver=1&google_push=AYg5qPID4C5YV2a0uyf1nvw6FR1SBlgDJYtcnkZOwiGNcjju1QNUItyZHQxAqzTlA3ivPVd9-IjtujtcArnhy2ujphfb0k_Ewk_j HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPID4C5YV2a0uyf1nvw6FR1SBlgDJYtcnkZOwiGNcjju1QNUItyZHQxAqzTlA3ivPVd9-IjtujtcArnhy2ujphfb0k_Ewk_j&google_hm=MjE0NjQ1NjkyNjM4NzQyNzk1OQ== HTTP 302
https://a.rfihub.com/cm?pub=445&google_error=5

Request Chain 245

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEDLe0IMBJPCUijVItT8j-KA&google_cver=1&google_push=AYg5qPI_EvNrFMuaTK3Bn1eiNpjtbCfvDD9FNEeaTFP_oMMR8Wb8zS19S930Us_dQ_XeN6CqUg_ylHT6r9VxbBCHry2kcZ2Yu3-J HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEDLe0IMBJPCUijVItT8j-KA&google_cver=1&google_push=AYg5qPI_EvNrFMuaTK3Bn1eiNpjtbCfvDD9FNEeaTFP_oMMR8Wb8zS19S930Us_dQ_XeN6CqUg_ylHT6r9VxbBCHry2kcZ2Yu3-J HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=KxLPojTGTsS2X2Li2xAVPGEEPgs

Request Chain 246

https://fksnk.com/cs/google?google_gid=CAESELdHLXDYibu46ZVc_DVYXWY&google_cver=1&google_push=AYg5qPLqhDH9UGpQk3R1tub1qloKMGAx7GkSrntKgh0e-jauJD-Y4F8CoNA--RwK0FGNT6SMx4aNstnfcrTxdl3Z81vzQCmvUs9- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QkFGNzAzODU4QkRDRjZCQg==

Request Chain 247

https://sync3.sniperlog.ru/?src=ggl_nga&google_gid=CAESEJAnyZmFhXiWGtT3GR3LIEQ&google_cver=1&google_push=AYg5qPIxKmwbD3dJouXMODIwK01YLe25SR9hnAdgcsUPsA6NLClNOXIjmq9iKEe68wyJtcwxJGX9hheGknmVxPjWwyWMQXVpDwcg HTTP 301
https://sync.bumlam.com/?src=ggl_nga&google_gid=CAESEJAnyZmFhXiWGtT3GR3LIEQ&google_cver=1&google_push=AYg5qPIxKmwbD3dJouXMODIwK01YLe25SR9hnAdgcsUPsA6NLClNOXIjmq9iKEe68wyJtcwxJGX9hheGknmVxPjWwyWMQXVpDwcg

Request Chain 248

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEABfEGhY8QSTDKXNDXmpeJk&google_cver=1&google_push=AYg5qPK-4lqSyRzh6KFiw3yuKiUa5N4iCEU9mKM2paYWXBe3ekZ7MBwdTC3prqOsu7_sgectkj_bcESbe-xh-FB5RW6BxzG_nOTs HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEABfEGhY8QSTDKXNDXmpeJk&google_cver=1&google_push=AYg5qPK-4lqSyRzh6KFiw3yuKiUa5N4iCEU9mKM2paYWXBe3ekZ7MBwdTC3prqOsu7_sgectkj_bcESbe-xh-FB5RW6BxzG_nOTs&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPK-4lqSyRzh6KFiw3yuKiUa5N4iCEU9mKM2paYWXBe3ekZ7MBwdTC3prqOsu7_sgectkj_bcESbe-xh-FB5RW6BxzG_nOTs&google_hm=e8d11304f4160d6a57fd5caf

Request Chain 250

https://google.ops.beeline.ru/p?ssp=gl&google_gid=CAESED-1Dbi7eB1-8p9qVzKWd3Y&google_cver=1&google_push=AYg5qPKNAS49ZURyIFnrFTuG0Fn8CtXuPN25gNuDlOqhs_XvTI1-v_XTnFz3KWbrS6Bex5v9uen42NWtZJvM8uDB3UY2LCE9lRK4hw HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=vimpelcom_pjsc&google_hm=YmQyNTlhNjQtY2IyZC00YTlhLWFiZGUtMzdiYTk1MTJhNjEw&google_push=AYg5qPKNAS49ZURyIFnrFTuG0Fn8CtXuPN25gNuDlOqhs_XvTI1-v_XTnFz3KWbrS6Bex5v9uen42NWtZJvM8uDB3UY2LCE9lRK4hw

278 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 fCS8oeenv2 Show response
t.co/ 227 B
490 B 187ms
141ms Document
text/html 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/fCS8oeenv2?amp=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

f4d01bd6e9571febec49d1566e896770f812e30b8b4154b888a146d21733cacb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

:method: GET
:authority: t.co
:scheme: https
:path: /fCS8oeenv2?amp=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:32 GMT
vary: Origin
server: tsa_o
expires: Fri, 30 Jul 2021 18:04:32 GMT
set-cookie: muc=d304f6ce-4d05-49de-b490-a2e59ecd6e9b; Max-Age=63072000; Expires=Sun, 30 Jul 2023 17:59:32 GMT; Domain=t.co; Secure; SameSite=None
content-type: text/html; charset=utf-8
cache-control: private,max-age=300
content-length: 173
content-encoding: gzip
x-xss-protection: 0
strict-transport-security: max-age=0
x-connection-hash: fcce1f77ba79d96bcb0482ff5f1fea1c108872b760d8963274a444b9e25fb77a

GET
H/1.1

200
OK

/ Show response
cmun.it/e/eh9qcxwi/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/
Redirect Chain

https://cmun.it/eh9qcxwi
https://cmun.it/e/eh9qcxwi/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/?t=1627667973

3 KB
3 KB

241ms
240ms

Document
text/html

216.144.248.138
LIMESTONENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://cmun.it/e/eh9qcxwi/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/?t=1627667973

Requested by

Host: t.co
URL: https://t.co/fCS8oeenv2?amp=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.144.248.138 , United States, ASN46475 (LIMESTONENETWORKS, US),

Reverse DNS

138-248-144-216.static.reverse.lstn.net

Software

nginx/1.12.2 + Phusion Passenger 5.1.12 / Phusion Passenger 5.1.12

Resource Hash

81c74f0766f53645f859c1ed85b5c8e0d42e768e89b505990efd9d518b3f64b9

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Host: cmun.it
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://t.co/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: cmun_it_guid=41a897ec-c818-4ebc-80b8-e7f45e8223ab
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://t.co/fCS8oeenv2?amp=1

Response headers

Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Status: 200 OK
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: 1b0fec12-c7d3-4937-84b4-47ab2bb3b5dd
ETag: W/"dabf77dc42a54e8d6dafa4b0740ba96b"
X-Frame-Options: ALLOWALL
X-Runtime: 0.091794
Date: Fri, 30 Jul 2021 17:59:33 GMT
X-Powered-By: Phusion Passenger 5.1.12
Server: nginx/1.12.2 + Phusion Passenger 5.1.12

Redirect headers

Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Status: 302 Found
Cache-Control: no-cache
X-Request-Id: c4daa7ac-9f1c-454f-9a15-6e8ff0cd5fe8
Location: https://cmun.it/e/eh9qcxwi/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/?t=1627667973
X-Runtime: 0.003808
X-Frame-Options: ALLOWALL
Date: Fri, 30 Jul 2021 17:59:33 GMT
Set-Cookie: cmun_it_guid=41a897ec-c818-4ebc-80b8-e7f45e8223ab; path=/; expires=Sat, 30 Jul 2022 17:59:33 -0000
X-Powered-By: Phusion Passenger 5.1.12
Server: nginx/1.12.2 + Phusion Passenger 5.1.12

GET
H/1.1 200
OK pix Show response
cmun.it/ 7 KB
8 KB 152ms
151ms Script
text/javascript 216.144.248.138
LIMESTONENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://cmun.it/pix

Requested by

Host: cmun.it
URL: https://cmun.it/e/eh9qcxwi/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/?t=1627667973

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.144.248.138 , United States, ASN46475 (LIMESTONENETWORKS, US),

Reverse DNS

138-248-144-216.static.reverse.lstn.net

Software

nginx/1.12.2 + Phusion Passenger 5.1.12 / Phusion Passenger 5.1.12

Resource Hash

0a13281aa2176a69e922bfd397c6a0cbf678633f0c677d18ff1b02f10b6da48b

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: cmun.it
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://cmun.it/e/eh9qcxwi/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/?t=1627667973
Cookie: cmun_it_guid=41a897ec-c818-4ebc-80b8-e7f45e8223ab
Connection: keep-alive
Referer: https://cmun.it/e/eh9qcxwi/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/?t=1627667973
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Runtime: 0.001420
Date: Fri, 30 Jul 2021 17:59:33 GMT
ETag: W/"d79d441a05958edf601414f3be1ec457"
Server: nginx/1.12.2 + Phusion Passenger 5.1.12
X-Powered-By: Phusion Passenger 5.1.12
X-Frame-Options: ALLOWALL
Content-Type: text/javascript; charset=utf-8
Status: 200 OK
Cache-Control: max-age=0, private, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
X-Request-Id: a81b3f79-db2e-4775-9a67-f00aaf00bb76

GET
H/1.1 200
OK xdomain_cookie.js Show response
cmun.it/javascripts/ 9 KB
9 KB 149ms
149ms Script
application/javascript 216.144.248.138
LIMESTONENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cmun.it/javascripts/xdomain_cookie.js?b=1627667973858
Requested by: Host: cmun.it
URL: https://cmun.it/pix
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.144.248.138 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS: 138-248-144-216.static.reverse.lstn.net
Software: nginx/1.12.2 /
Resource Hash: e33f0e3e63fac80b588cdb659bd85b969ad5664ac25cc66e45565b3b68cd8618

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: cmun.it
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://cmun.it/e/eh9qcxwi/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/?t=1627667973
Cookie: cmun_it_guid=41a897ec-c818-4ebc-80b8-e7f45e8223ab
Connection: keep-alive
Referer: https://cmun.it/e/eh9qcxwi/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/?t=1627667973
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Jul 2021 17:59:33 GMT
Last-Modified: Mon, 10 Jun 2019 13:04:10 GMT
Server: nginx/1.12.2
ETag: "5cfe554a-2472"
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9330
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK xdomain_cookie.html Show response
cmun.it/javascripts/ Frame 7A9B 3 KB
4 KB 158ms
157ms Document
text/html 216.144.248.138
LIMESTONENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cmun.it/javascripts/xdomain_cookie.html?t=1627667974009
Requested by: Host: cmun.it
URL: https://cmun.it/javascripts/xdomain_cookie.js?b=1627667973858
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.144.248.138 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS: 138-248-144-216.static.reverse.lstn.net
Software: nginx/1.12.2 /
Resource Hash: a39b49accb5917af2836dd21b3b1fe271cc239de8be48b1396b3ccabf4aaa408

Request headers

Host: cmun.it
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://cmun.it/e/eh9qcxwi/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/?t=1627667973
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cmun.it/e/eh9qcxwi/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/?t=1627667973

Response headers

Server: nginx/1.12.2
Date: Fri, 30 Jul 2021 17:59:34 GMT
Content-Type: text/html
Content-Length: 3437
Last-Modified: Mon, 10 Jun 2019 13:04:10 GMT
Connection: keep-alive
ETag: "5cfe554a-d6d"
Accept-Ranges: bytes

GET
H2 200 Primary Request / Show response
www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/ 40 KB
10 KB 386ms
131ms Document
text/html 35.222.52.199
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Requested by

Host: cmun.it
URL: https://cmun.it/e/eh9qcxwi/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/?t=1627667973

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.222.52.199 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

199.52.222.35.bc.googleusercontent.com

Software

LiteSpeed /

Resource Hash

f7b22ec43eb8523e50a220ce7b2a246b23c1d1d43e441c02d66f5b47ebd6d85a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.slashgear.com
:scheme: https
:path: /big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://cmun.it/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cmun.it/

Response headers

content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Cookie
cache-control: max-age=3, must-revalidate
content-length: 10037
content-encoding: gzip
date: Fri, 30 Jul 2021 17:59:36 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN

GET
H2 200 bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.1/css/ 119 KB
16 KB 16ms
14ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.1/css/bootstrap.min.css

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3323960
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 16120
cf-request-id: 0ad40bcecd00004e5b0a806000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-1da71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Q0NCSIEjyxWsfZICnDFsRm4q5FW7AJSbx5O7BsZspEwgDutVvb%2FYseClXGmabU2a%2BWeIoCoX0OPlur7CTTbiFbFAzzIPmfo66mAxli12GOg4pnp19EzRXJWKt6C0wlYZUt6gguhNCl3Duv7PJVj0iSg"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 67707b5299074414-FRA
expires: Wed, 20 Jul 2022 17:59:36 GMT

GET
H2 200 sgstyle-2021v2.min.css
cdn.slashgear.com/assets/css/ 54 KB
10 KB 122ms
32ms Stylesheet
text/css 68.232.34.149
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.slashgear.com/assets/css/sgstyle-2021v2.min.css

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.232.34.149 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C86) /

Resource Hash

e343db5aaf377aa0afb3d512a1ebd1090585733b1790818da792b8894fd1470c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 28 Apr 2021 00:50:16 GMT
server: ECAcc (mil/6C86)
age: 136458
etag: "d614-6088b148-15017cd478570817;br+gzip"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
content-length: 10091
expires: Fri, 06 Aug 2021 17:59:36 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
cdn.slashgear.com/wp-includes/js/mediaelement/ 11 KB
3 KB 130ms
41ms Stylesheet
text/css 68.232.34.149
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.slashgear.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.232.34.149 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6BA6) /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 09 Dec 2020 22:49:46 GMT
server: ECAcc (mil/6BA6)
age: 54100
etag: "2bf8-5fd1548a-6d0d3e2926977c31;br+gzip"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
content-length: 2592
expires: Fri, 06 Aug 2021 17:59:36 GMT

GET
H2 200 wp-mediaelement.min.css
cdn.slashgear.com/wp-includes/js/mediaelement/ 4 KB
1 KB 132ms
43ms Stylesheet
text/css 68.232.34.149
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.slashgear.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.8

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.232.34.149 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6CB8) /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 13 Nov 2019 23:29:42 GMT
server: ECAcc (mil/6CB8)
age: 546994
etag: "105a-5dcc91e6-f8556d72533fa841;br+gzip"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
content-length: 1156
expires: Fri, 06 Aug 2021 17:59:36 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 18ms
17ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 262402
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 5631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VMTdcuwpXbz2WpMmFvfye7sulR2uP0to6o2Va1exC5wkkvekqDAATAECuF%2BU3Wy42NcyRL%2FfdE435Krb6jjNm72iTiHwP9MWYnRyqb%2FRpRqiYkihC9IXTCLMWb2EXNXt1ycIlc%2FQlWP%2B%2BEZfwcOjGJia"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 67707b5299094414-FRA
expires: Wed, 20 Jul 2022 17:59:36 GMT

GET
H2 200 jetpack.css
cdn.slashgear.com/wp-content/plugins/jetpack/css/ 85 KB
17 KB 113ms
25ms Stylesheet
text/css 68.232.34.149
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.slashgear.com/wp-content/plugins/jetpack/css/jetpack.css?ver=9.9.1

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.232.34.149 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C7A) /

Resource Hash

24dafe3b46bfc451a25556868c09802ad6357d9884710a122c9d54330f7e4eca

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 21 Jul 2021 20:34:35 GMT
server: ECAcc (mil/6C7A)
age: 163388
etag: "15295-60f884db-b8738fb87e4ad23;br+gzip"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
content-length: 17025
expires: Fri, 06 Aug 2021 17:59:36 GMT

GET
H3-29 200 css
fonts.googleapis.com/ 2 KB
594 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans+Extra+Condensed&display=swap

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ae607ea7a823203f649d99f674ac1b5f47ba177bd55b46729fa48137d564e926

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 17:59:36 GMT
server: ESF
date: Fri, 30 Jul 2021 17:59:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Jul 2021 17:59:36 GMT

GET
H2 200 slashgear.com.js Show response
cdn.nsstatic.net/ns/ 448 KB
141 KB 148ms
40ms Script
application/javascript 2.16.186.144
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.nsstatic.net/ns/slashgear.com.js
Requested by: Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.144 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-144.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 67a806a2caa05540ca80de614ab7a5b4c829ce5c51ab4886861ae95630dd1aac

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 3nhAhH85oHyUQatuGv1qTKLK2fSYBtRL
content-encoding: gzip
last-modified: Sun, 25 Jul 2021 00:01:43 GMT
x-amz-request-id: M94PKKVF3NCJH3VG
etag: "837938d1cff1324e667dc840932d1bfc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2417
date: Fri, 30 Jul 2021 17:59:36 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 143632
x-amz-id-2: G3C0e0b745tuZV+3TEAQXSNmyLcK3vh0zHkbBNNbE5T7BZtSdx9aoEtQs8v5Nyix5fzh55BJSiU=
expires: Fri, 30 Jul 2021 18:39:53 GMT

GET
H2 200 slashgear_logo.png
cdn.slashgear.com/assets/images/ 7 KB
8 KB 31ms
27ms Image
image/png 68.232.34.149
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.slashgear.com/assets/images/slashgear_logo.png

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.232.34.149 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C17) /

Resource Hash

8db05b5d0c34c0d22a86d6b9aee5204e67531d2e52494d2adb4102261ebe7532

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
last-modified: Thu, 30 Apr 2020 10:14:41 GMT
server: ECAcc (mil/6C17)
age: 4643827
etag: "1d41-5eaaa511-8845bcccb835474b;;;"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/png
cache-control: public, max-age=31557600
accept-ranges: bytes
link: <https://www.slashgear.com/assets/images/slashgear_logo.png>; rel="canonical"
content-length: 7489

GET
H2 200 pokemongo_bright-1280x720.jpg
cdn.slashgear.com/wp-content/uploads/2020/05/ 47 KB
48 KB 34ms
30ms Image
image/jpeg 68.232.34.149
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.slashgear.com/wp-content/uploads/2020/05/pokemongo_bright-1280x720.jpg

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.232.34.149 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C4D) /

Resource Hash

42ebfed84d3f96a400cafcef75d6629342768c52ee98a172e06e95a1379ade1b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
last-modified: Thu, 28 May 2020 17:08:04 GMT
server: ECAcc (mil/6C4D)
age: 2522094
etag: "bd5c-5ecfeff4-efe2df3cbed96155;;;"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
link: <https://www.slashgear.com/wp-content/uploads/2020/05/pokemongo_bright-1280x720.jpg>; rel="canonical"
content-length: 48476

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
49 KB 50ms
26ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d77db41dc4c7b8c130a5569ce570646d824303b3909cbfc8767a5c513b4c9140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49341
x-xss-protection: 0
server: cafe
etag: 5430280584477430018
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 30 Jul 2021 17:59:36 GMT

GET
H2 200 embed-scroll.min.js Show response
cdn.slashgear.com/wp-content/plugins/disqus-conditional-load/assets/js/ 2 KB
893 B 32ms
29ms Script
application/x-javascript 68.232.34.149
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.slashgear.com/wp-content/plugins/disqus-conditional-load/assets/js/embed-scroll.min.js?ver=11.0.6

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.232.34.149 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C61) /

Resource Hash

e57ae25fc885f74da9faecb08c7ff45422e0bda8d22005cbdd59ae7aa4279d19

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 24 Mar 2021 23:35:12 GMT
server: ECAcc (mil/6C61)
age: 221461
etag: "630-605bccb0-7b83104b233b64bf;br+gzip"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
content-length: 779
expires: Fri, 06 Aug 2021 17:59:36 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
30 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 16:48:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4240
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Jul 2022 16:48:56 GMT

GET
H3-29 200 bootstrap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.1/js/ 39 KB
10 KB 27ms
16ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.1/js/bootstrap.min.js?ver=3.4.1

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1282871
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 9687
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-9b00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q5ldNQ%2FpbsG9vXcrg%2FXCjdN9ZwAkViO2RP725X7iuAkE96fFj9ZdJBYP7R1lrU6J%2Byy7bkXAGcEC%2FvWtpc9BuCOrojXe9N0DnJwE%2ByHFgAKjUQQRsrKfJ0POsWe8dEGEXjD2rRkk4oJ0RvQYqymqqMCC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 67707b538baf4309-FRA
expires: Wed, 20 Jul 2022 17:59:36 GMT

GET
H2 200 superfish.min.js Show response
cdn.slashgear.com/assets/superfish/js/ 4 KB
2 KB 28ms
25ms Script
application/x-javascript 68.232.34.149
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.slashgear.com/assets/superfish/js/superfish.min.js?ver=1.7.9

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.232.34.149 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6BB9) /

Resource Hash

f31f14f173559d1bc035ffcec66bdcd19b6685f42a2853bf7eaabd1e4bd9aba0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Fri, 14 May 2021 11:47:09 GMT
server: ECAcc (mil/6BB9)
age: 20561
etag: "117a-609e633d-3eea59fb3177fd7;br+gzip"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
content-length: 1883
expires: Fri, 06 Aug 2021 17:59:36 GMT

GET
H2 200 menus.min.js Show response
cdn.slashgear.com/wp-content/themes/slashgear/js/ 2 KB
784 B 32ms
29ms Script
application/x-javascript 68.232.34.149
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.slashgear.com/wp-content/themes/slashgear/js/menus.min.js

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.232.34.149 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6BBE) /

Resource Hash

2093abc47104aed8b7ee990f6a7c217296cb2d08f26e998974409bc562304445

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Sat, 19 Nov 2016 01:13:37 GMT
server: ECAcc (mil/6BBE)
age: 39623
etag: "69a-582fa741-d2f2b72201570f5a;br+gzip"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
content-length: 670
expires: Fri, 06 Aug 2021 17:59:36 GMT

GET
H2 200 wp-embed.min.js Show response
cdn.slashgear.com/wp-includes/js/ 1 KB
879 B 31ms
29ms Script
application/x-javascript 68.232.34.149
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.slashgear.com/wp-includes/js/wp-embed.min.js?ver=5.8

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.232.34.149 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C2E) /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 04 Feb 2021 01:20:41 GMT
server: ECAcc (mil/6C2E)
age: 546994
etag: "592-601b4be9-d083cce976c98bd7;br+gzip"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
content-length: 765
expires: Fri, 06 Aug 2021 17:59:36 GMT

GET
H2 200 jetpack-carousel.min.js Show response
cdn.slashgear.com/wp-content/plugins/jetpack/_inc/build/carousel/ 22 KB
7 KB 27ms
25ms Script
application/x-javascript 68.232.34.149
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.slashgear.com/wp-content/plugins/jetpack/_inc/build/carousel/jetpack-carousel.min.js?ver=9.9.1

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.232.34.149 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6CC8) /

Resource Hash

7e84778be145e427487918662879adb89c2d7479664bfb11294d299d801cd44b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 21 Jul 2021 20:34:35 GMT
server: ECAcc (mil/6CC8)
age: 163168
etag: "5995-60f884db-dd6a1fb1d3dd6b3f;br+gzip"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
content-length: 7027
expires: Fri, 06 Aug 2021 17:59:36 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 100 KB
38 KB 23ms
21ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TQRF3TG

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

be745e15bb8eb5e9940f1f6c096a76628a3ec845b577e93883f9dd8b813fb5de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39002
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 17:29:03 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 30 Jul 2021 17:59:36 GMT

GET
H3-29 200 NaPKcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda1f-uug.woff2
fonts.gstatic.com/s/firasansextracondensed/v5/ 22 KB
22 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasansextracondensed/v5/NaPKcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda1f-uug.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans+Extra+Condensed&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f905435c0278c8998a37b1e932c610553df7c656806432baf8670720ec6e4e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.slashgear.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 12:16:32 GMT
x-content-type-options: nosniff
age: 279784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22864
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 22:08:38 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 12:16:32 GMT

GET
H3-29 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 17ms
16ms Font
application/octet-stream 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.slashgear.com
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2420885
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TdDaEpmtt6EQe5UVkoXvycOiz4hK5ZG6df1qxaxeksfo15EyzzDHG0CH2BvbjSCdFebcWMLJ4gQQ0%2B%2B6MlN159cpypF2R%2BI035Y%2Bu9FyBX49FrC4ayFw07NlJljMWFkJvFm6hsJ%2Fz8yzHdAB10y0zNLu"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 67707b538d804d8a-FRA
expires: Wed, 20 Jul 2022 17:59:36 GMT

GET
H2 200 covid-coronavirus-cdc-masks-guidance-update-450x250.jpg
cdn.slashgear.com/wp-content/uploads/2021/07/ 15 KB
15 KB 29ms
28ms Image
image/jpeg 68.232.34.149
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.slashgear.com/wp-content/uploads/2021/07/covid-coronavirus-cdc-masks-guidance-update-450x250.jpg

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.232.34.149 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C35) /

Resource Hash

72300715c57175c0eb278fb5924d5f9dfa786b6289b3203f3a46949825b416ae

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
last-modified: Tue, 27 Jul 2021 18:38:47 GMT
server: ECAcc (mil/6C35)
age: 252740
etag: "3c07-610052b7-cde5f2299816683f;;;"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
link: <https://www.slashgear.com/wp-content/uploads/2021/07/covid-coronavirus-cdc-masks-guidance-update-450x250.jpg>; rel="canonical"
content-length: 15367

GET
H2 200 karma-gs-6-02-1-450x250.jpg
cdn.slashgear.com/wp-content/uploads/2021/07/ 14 KB
14 KB 28ms
27ms Image
image/jpeg 68.232.34.149
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.slashgear.com/wp-content/uploads/2021/07/karma-gs-6-02-1-450x250.jpg

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.232.34.149 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C5C) /

Resource Hash

46b535feebd6e45a5b43d7c4ef2b12f4b424ea843d3ef380d46bf9c2701c6dfa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
last-modified: Tue, 27 Jul 2021 14:08:30 GMT
server: ECAcc (mil/6C5C)
age: 271571
etag: "387f-6100135e-af9a52b1405c4b13;;;"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
link: <https://www.slashgear.com/wp-content/uploads/2021/07/karma-gs-6-02-1-450x250.jpg>; rel="canonical"
content-length: 14463

GET
H2 200 2021-toyota-rav4-prime-phev-1-450x250.jpg
cdn.slashgear.com/wp-content/uploads/2021/07/ 19 KB
19 KB 29ms
28ms Image
image/jpeg 68.232.34.149
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.slashgear.com/wp-content/uploads/2021/07/2021-toyota-rav4-prime-phev-1-450x250.jpg

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.232.34.149 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C72) /

Resource Hash

c8503991228334d66d47d98b514d60a31cf85079b650b6112674a960c25da355

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
last-modified: Mon, 26 Jul 2021 15:29:01 GMT
server: ECAcc (mil/6C72)
age: 353717
etag: "4a92-60fed4bd-a70e3bc80f23f378;;;"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
link: <https://www.slashgear.com/wp-content/uploads/2021/07/2021-toyota-rav4-prime-phev-1-450x250.jpg>; rel="canonical"
content-length: 19090

GET
H2 200 IMG_2436_001-450x250.jpg
cdn.slashgear.com/wp-content/uploads/2021/07/ 22 KB
22 KB 31ms
30ms Image
image/jpeg 68.232.34.149
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.slashgear.com/wp-content/uploads/2021/07/IMG_2436_001-450x250.jpg

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.232.34.149 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6CC5) /

Resource Hash

86e0b3624b6fb1f58c640dd298d2f422b501bd9000ff6c89f21d9d56cadcebe0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
last-modified: Fri, 23 Jul 2021 21:17:37 GMT
server: ECAcc (mil/6CC5)
age: 590103
etag: "5903-60fb31f1-5b10f283f1257fb4;;;"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
link: <https://www.slashgear.com/wp-content/uploads/2021/07/IMG_2436_001-450x250.jpg>; rel="canonical"
content-length: 22787

GET
H2 200 2022-gmc-sierra-super-cruise-1-450x250.jpg
cdn.slashgear.com/wp-content/uploads/2021/07/ 11 KB
11 KB 25ms
25ms Image
image/jpeg 68.232.34.149
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.slashgear.com/wp-content/uploads/2021/07/2022-gmc-sierra-super-cruise-1-450x250.jpg

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.232.34.149 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6BA9) /

Resource Hash

46c0c734f626f441bcfa71b18c3d2603c9e2196cfa82d332e4d05b36f717a25f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
last-modified: Thu, 22 Jul 2021 19:03:25 GMT
server: ECAcc (mil/6BA9)
age: 653198
etag: "2a7e-60f9c0fd-622a19690f9f5166;;;"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
link: <https://www.slashgear.com/wp-content/uploads/2021/07/2022-gmc-sierra-super-cruise-1-450x250.jpg>; rel="canonical"
content-length: 10878

GET
H2 200 mgwgnw.jpg
cdn.slashgear.com/wp-content/uploads/2020/05/ 100 KB
100 KB 395ms
392ms Image
image/jpeg 68.232.34.149
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.slashgear.com/wp-content/uploads/2020/05/mgwgnw.jpg

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.232.34.149 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

LiteSpeed /

Resource Hash

a92ede8b5e556faa9a00e2501808b3a1bb0ef8bee5c70da0481e3be12bdd2227

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
last-modified: Thu, 28 May 2020 17:08:23 GMT
server: LiteSpeed
etag: "190ac-5ecff007-65b931a0072efe17;;;"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
link: <https://www.slashgear.com/wp-content/uploads/2020/05/mgwgnw.jpg>; rel="canonical"
content-length: 102572

GET
H2 200 coagweea.jpg
cdn.slashgear.com/wp-content/uploads/2020/05/ 96 KB
96 KB 401ms
398ms Image
image/jpeg 68.232.34.149
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.slashgear.com/wp-content/uploads/2020/05/coagweea.jpg

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.232.34.149 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

LiteSpeed /

Resource Hash

be5ed0fcada74e7f150ecfcaf27b9110d31830ae561b9665b0046ac5ec66d03f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
last-modified: Thu, 28 May 2020 17:08:18 GMT
server: LiteSpeed
etag: "17f81-5ecff002-ce4da40ca95d830d;;;"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
link: <https://www.slashgear.com/wp-content/uploads/2020/05/coagweea.jpg>; rel="canonical"
content-length: 98177

GET
H2 200 google-quantum-computer-200x200.jpg
cdn.slashgear.com/wp-content/uploads/2021/07/ 7 KB
8 KB 29ms
27ms Image
image/jpeg 68.232.34.149
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.slashgear.com/wp-content/uploads/2021/07/google-quantum-computer-200x200.jpg

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.232.34.149 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C82) /

Resource Hash

245bce7ae8c9454fdb0189abf0dd331939f993a845ae1894faae3ee7224159a9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
last-modified: Fri, 30 Jul 2021 17:21:16 GMT
server: ECAcc (mil/6C82)
age: 1825
etag: "1d8c-6104350c-d42db7fa7c7a93bd;;;"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
link: <https://www.slashgear.com/wp-content/uploads/2021/07/google-quantum-computer-200x200.jpg>; rel="canonical"
content-length: 7564

GET
H2 200 mcdonalds-ps5-controller-australia-200x200.jpg
cdn.slashgear.com/wp-content/uploads/2021/07/ 6 KB
6 KB 29ms
27ms Image
image/jpeg 68.232.34.149
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.slashgear.com/wp-content/uploads/2021/07/mcdonalds-ps5-controller-australia-200x200.jpg

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.232.34.149 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6BA9) /

Resource Hash

558cbd26ff432481dc316e0956929cb426284eaf2ecbc4aebd30ad27e488adcd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
last-modified: Fri, 30 Jul 2021 17:06:47 GMT
server: ECAcc (mil/6BA9)
age: 1885
etag: "177c-610431a7-79e28f31a09d5b0d;;;"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
link: <https://www.slashgear.com/wp-content/uploads/2021/07/mcdonalds-ps5-controller-australia-200x200.jpg>; rel="canonical"
content-length: 6012

GET
H2 200 Dont-rush-to-add-an-M.2-SSD-to-your-PS5-200x200.jpg
cdn.slashgear.com/wp-content/uploads/2021/07/ 7 KB
7 KB 34ms
32ms Image
image/jpeg 68.232.34.149
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.slashgear.com/wp-content/uploads/2021/07/Dont-rush-to-add-an-M.2-SSD-to-your-PS5-200x200.jpg

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.232.34.149 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6CB7) /

Resource Hash

cf0b1763c95843c2da7428a742a2b41ac2a199e02d88ff48034b27a47068c163

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
last-modified: Fri, 30 Jul 2021 16:21:59 GMT
server: ECAcc (mil/6CB7)
age: 4088
etag: "1c71-61042727-957912c69e2c9afb;;;"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
link: <https://www.slashgear.com/wp-content/uploads/2021/07/Dont-rush-to-add-an-M.2-SSD-to-your-PS5-200x200.jpg>; rel="canonical"
content-length: 7281

GET
H2 200 qr-code-ios-ipados-update-200x200.jpg
cdn.slashgear.com/wp-content/uploads/2021/07/ 6 KB
6 KB 35ms
33ms Image
image/jpeg 68.232.34.149
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.slashgear.com/wp-content/uploads/2021/07/qr-code-ios-ipados-update-200x200.jpg

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.232.34.149 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6BAA) /

Resource Hash

4d7ac35c4ed819ac412c2057b73ee3736090b763bd781e47b5a8a4773ac2d8c6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
last-modified: Fri, 30 Jul 2021 16:03:47 GMT
server: ECAcc (mil/6BAA)
age: 4719
etag: "193e-610422e3-ab9728368fc17cc1;;;"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
link: <https://www.slashgear.com/wp-content/uploads/2021/07/qr-code-ios-ipados-update-200x200.jpg>; rel="canonical"
content-length: 6462

GET
H2 200 Teaser1_Outlander-PHEV-model_02-200x200.jpg
cdn.slashgear.com/wp-content/uploads/2021/07/ 4 KB
4 KB 35ms
33ms Image
image/jpeg 68.232.34.149
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.slashgear.com/wp-content/uploads/2021/07/Teaser1_Outlander-PHEV-model_02-200x200.jpg

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.232.34.149 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C22) /

Resource Hash

d813eb186c8fc642e65d3dc2e73e4cc580af677d78968fc6e1c0a4d946db644e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
last-modified: Fri, 30 Jul 2021 15:59:43 GMT
server: ECAcc (mil/6C22)
age: 6511
etag: "f9b-610421ef-472f36587d9ef1cd;;;"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
link: <https://www.slashgear.com/wp-content/uploads/2021/07/Teaser1_Outlander-PHEV-model_02-200x200.jpg>; rel="canonical"
content-length: 3995

GET
H2 200 2021-lexus-lx-570-02-1-200x200.jpg
cdn.slashgear.com/wp-content/uploads/2021/07/ 5 KB
6 KB 35ms
34ms Image
image/jpeg 68.232.34.149
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.slashgear.com/wp-content/uploads/2021/07/2021-lexus-lx-570-02-1-200x200.jpg

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.232.34.149 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6CC2) /

Resource Hash

2285227d4baf50a98406c85b4fea8c8040d53e70913c359e490d3d5607463253

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
last-modified: Wed, 28 Jul 2021 02:24:45 GMT
server: ECAcc (mil/6CC2)
age: 179791
etag: "15d6-6100bfed-34d9ec1215c88f80;;;"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
link: <https://www.slashgear.com/wp-content/uploads/2021/07/2021-lexus-lx-570-02-1-200x200.jpg>; rel="canonical"
content-length: 5590

GET
H2 200 karma-gs-6-02-1-200x200.jpg
cdn.slashgear.com/wp-content/uploads/2021/07/ 6 KB
6 KB 35ms
34ms Image
image/jpeg 68.232.34.149
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.slashgear.com/wp-content/uploads/2021/07/karma-gs-6-02-1-200x200.jpg

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.232.34.149 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6BB0) /

Resource Hash

2fd874ab0169a62443c5ed5cb76b0af6a64fdb6eb17282d1d8863c146fc3f6da

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
last-modified: Tue, 27 Jul 2021 14:08:30 GMT
server: ECAcc (mil/6BB0)
age: 270169
etag: "17ec-6100135e-18c5e183b610184;;;"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
link: <https://www.slashgear.com/wp-content/uploads/2021/07/karma-gs-6-02-1-200x200.jpg>; rel="canonical"
content-length: 6124

GET
H2 200 2021-toyota-rav4-prime-phev-1-200x200.jpg
cdn.slashgear.com/wp-content/uploads/2021/07/ 7 KB
8 KB 29ms
27ms Image
image/jpeg 68.232.34.149
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.slashgear.com/wp-content/uploads/2021/07/2021-toyota-rav4-prime-phev-1-200x200.jpg

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.232.34.149 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C33) /

Resource Hash

6831fd18cbe99a5ec4293a20643b6baba2e86ce4f1c782fabcfc2852764ca52c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
last-modified: Mon, 26 Jul 2021 15:29:01 GMT
server: ECAcc (mil/6C33)
age: 353716
etag: "1d71-60fed4bd-b3ea56bfc9b8454c;;;"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
link: <https://www.slashgear.com/wp-content/uploads/2021/07/2021-toyota-rav4-prime-phev-1-200x200.jpg>; rel="canonical"
content-length: 7537

GET
H2 200 2021-rolls-royce-cullinan-black-badge-02-200x200.jpg
cdn.slashgear.com/wp-content/uploads/2021/07/ 6 KB
6 KB 36ms
35ms Image
image/jpeg 68.232.34.149
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.slashgear.com/wp-content/uploads/2021/07/2021-rolls-royce-cullinan-black-badge-02-200x200.jpg

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.232.34.149 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6CC1) /

Resource Hash

4c7dd742d06806a863055682ff3e9a24816d968b7abfe14b1f0af87cf38a7177

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
last-modified: Thu, 22 Jul 2021 17:43:10 GMT
server: ECAcc (mil/6CC1)
age: 689710
etag: "1928-60f9ae2e-a18333c9e2335b18;;;"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
link: <https://www.slashgear.com/wp-content/uploads/2021/07/2021-rolls-royce-cullinan-black-badge-02-200x200.jpg>; rel="canonical"
content-length: 6440

GET
H2 200 2021-gmc-yukon-xl-denali-01-200x200.jpg
cdn.slashgear.com/wp-content/uploads/2021/07/ 8 KB
8 KB 35ms
34ms Image
image/jpeg 68.232.34.149
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.slashgear.com/wp-content/uploads/2021/07/2021-gmc-yukon-xl-denali-01-200x200.jpg

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.232.34.149 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C38) /

Resource Hash

1b4031a923e9fe5846dca170a40b4791777b1c59e41e32ba0afe75b9be11997d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
last-modified: Wed, 21 Jul 2021 18:58:00 GMT
server: ECAcc (mil/6C38)
age: 772362
etag: "2060-60f86e38-7a6355afac313958;;;"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/jpeg
cache-control: public, max-age=31557600
accept-ranges: bytes
link: <https://www.slashgear.com/wp-content/uploads/2021/07/2021-gmc-yukon-xl-denali-01-200x200.jpg>; rel="canonical"
content-length: 8288

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107290101/ 250 KB
93 KB 46ms
32ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3201252381583585&plah=www.slashgear.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92704f0026adca12f0fd6fca2cfcf6849d465c18126b13527cab79d4a668c9a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95279
x-xss-protection: 0
server: cafe
etag: 1002108113196412170
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 30 Jul 2021 17:59:36 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210728/r20190131/ Frame FC86 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210728/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210728/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.slashgear.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.slashgear.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 30 Jul 2021 00:54:55 GMT
expires: Fri, 13 Aug 2021 00:54:55 GMT
content-type: text/html; charset=UTF-8
etag: 4389807852502320046
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 61481
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQRF3TG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 2755
date: Fri, 30 Jul 2021 17:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Fri, 30 Jul 2021 19:13:41 GMT

GET
H2 200 matomo.js Show response
cdn.slashgear.com/assets/ 61 KB
20 KB 27ms
26ms Script
application/x-javascript 68.232.34.149
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.slashgear.com/assets/matomo.js

Requested by

Host: t.co
URL: https://t.co/fCS8oeenv2?amp=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.232.34.149 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C18) /

Resource Hash

58f643de3caab5b0ddbdc7a6b4d07ea368b6beed613c103f21a1489b68083f11

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 28 Jul 2021 23:09:19 GMT
server: ECAcc (mil/6C18)
age: 154015
etag: "f3cf-6101e39f-a3f98db25966b2b8;br+gzip"
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
content-length: 20300
expires: Fri, 06 Aug 2021 17:59:36 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 51ms
16ms XHR
application/javascript 13.224.90.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: cdn.nsstatic.net
URL: https://cdn.nsstatic.net/ns/slashgear.com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-90-44.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: UwMoja_wiYmXZ_L.v58hX8_8XzeYFzV9
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 74155
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 01 Jul 2021 22:05:10 GMT
server: AmazonS3
date: Thu, 29 Jul 2021 21:23:42 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 6m6l2Pcz9OtbsuWsX0iGo842mNhGRiZJLUwAJ-WisRT4AKkTtV3Cbw==

GET
H/1.1 200
OK geocc.js Show response
g.pcmag.com/ 184 B
323 B 41ms
6ms Script
application/javascript 2a02:26f0:6c00::210:bb40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://g.pcmag.com/geocc.js
Requested by: Host: cdn.nsstatic.net
URL: https://cdn.nsstatic.net/ns/slashgear.com.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 99ecb14ec0a4e706ee386f1bde1a4684119fa8e100f24821f71f7fa75ccd481d

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Jul 2021 17:59:36 GMT
Connection: keep-alive
Content-Length: 184
Content-Type: application/javascript

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 49ms
14ms Script
application/javascript 13.224.96.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.nsstatic.net
URL: https://cdn.nsstatic.net/ns/slashgear.com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-53.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:37:09 GMT
via: 1.1 d92debab8d9ca0518390aebaec8733a7.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 1348
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: m3Zt-7QJKr1DS1DkabPI-btzPgyCMZ8AUCTmgsKIKlPYhrAgheeC9A==

GET
H2 200 z0WVjCBSEeGLoxIxOQVEwQ.min.js Show response
cdn.static.zdbb.net/js/ 85 KB
24 KB 200ms
46ms Script
application/javascript 2.21.172.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Requested by: Host: cdn.nsstatic.net
URL: https://cdn.nsstatic.net/ns/slashgear.com.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.172.90 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-172-90.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b0eb21032851980d76c5464cfdd537c7bcfe6ab6e3213950413c3f18a32ccddb

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: FHPKIgShOCsNrE_3brCgvLSTW3oiGw5C
content-encoding: gzip
last-modified: Fri, 23 Jul 2021 16:36:45 GMT
x-amz-request-id: 83JKPX0JECDG2J5C
date: Fri, 30 Jul 2021 17:59:36 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 24541
x-amz-id-2: EC0heLEC3/SVHlBmVFclZpaLnKDjpC+6q5WO55M8wvr02DGvHQzP/LRTgU05EQxS+FxrgkZCxxY=
expires: Sat, 31 Jul 2021 17:59:36 GMT

GET
H2

200

v60.js Show response
cdn-gl.imrworldwide.com/
Redirect Chain

https://secure-us.imrworldwide.com/v60.js
https://cdn-gl.imrworldwide.com/v60.js

21 KB
7 KB

40ms
12ms

Script
application/javascript

2600:9000:2190:5200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/v60.js
Requested by: Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:5200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: .KrDWJ6YcsmnfI6j8sx8eWw9CjCealBE
content-encoding: gzip
etag: W/"cc7339d315e5ab16597dd66d153a0e7e"
last-modified: Mon, 12 Oct 2020 13:35:53 GMT
server: AmazonS3
age: 49515
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Fri, 30 Jul 2021 04:14:22 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: QYrLefWcgTSpsCYnVXY_6agsG_gwLWwrly44zJLSICvFvA0LXhCjkA==

Redirect headers

location: https://cdn-gl.imrworldwide.com:443/v60.js
date: Fri, 30 Jul 2021 17:59:36 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H2 200 nsgpt.jsonp Show response
ns.zdbb.net/ 659 B
582 B 269ms
155ms Script
application/javascript 2.21.172.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ns.zdbb.net/nsgpt.jsonp?u=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F
Requested by: Host: cdn.nsstatic.net
URL: https://cdn.nsstatic.net/ns/slashgear.com.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.172.90 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-172-90.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 89d331be202d451cce7cd4c14689964049762c84f7e3deda40373c3723682358

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: https://www.slashgear.com
cache-control: max-age=60
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control
content-length: 319
expires: Fri, 30 Jul 2021 18:00:36 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 70 KB
25 KB 83ms
29ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.nsstatic.net
URL: https://cdn.nsstatic.net/ns/slashgear.com.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

7fe56bfb238a4483d5310f2dc30c62aacd28a07e21ca924d01c34accaf7fafc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "944 / 176 of 1000 / last-modified: 1627643395"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24687
x-xss-protection: 0
expires: Fri, 30 Jul 2021 17:59:36 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
305 B 152ms
119ms XHR
text/plain 13.224.90.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3916&u=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F
Requested by: Host: cdn.nsstatic.net
URL: https://cdn.nsstatic.net/ns/slashgear.com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-90-44.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.slashgear.com
cache-control: max-age=86087, s-maxage=86400
access-control-allow-credentials: true
x-amz-cf-id: tTPNNlPQ4EaP7jKXk4EHfQBTiZQQoY2YhLfdbIk6ubsi4YXRwXnVvA==

GET
H2 200 /
gurgle.zdbb.net/ 43 B
254 B 345ms
109ms Image
image/gif 52.71.45.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gurgle.zdbb.net/?domain=netshelter.net
Requested by: Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.45.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-45-67.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.slashgear.com
date: Fri, 30 Jul 2021 17:59:36 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 203 B
659 B 81ms
30ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.slashgear.com&callback=_gfp_s_&client=ca-pub-3201252381583585

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3201252381583585&plah=www.slashgear.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ab815412c774931194d52e05db24eb2afd049fa13c587c523822bf8db9644b39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 34ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.slashgear.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 17:59:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 35ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.slashgear.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 17:59:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D3CE 59 KB
22 KB 681ms
680ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3201252381583585&output=html&h=285&slotname=7713392594&adk=2092238195&adf=383669989&pi=t.ma~as.7713392594&w=346&lmt=1627667976&rafmt=12&psa=0&format=346x285&url=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627667976409&bpp=4&bdt=317&idt=116&shv=r20210728&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&correlator=103970874507&frm=20&pv=2&ga_vid=455820475.1627667977&ga_sid=1627667977&ga_hid=177989887&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=457&ady=931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530889%2C20211866&oid=3&pvsid=2340298016773662&ref=https%3A%2F%2Fcmun.it%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=eW3DiXLpK3&p=https%3A//www.slashgear.com&dtd=136

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c896cf0badf452518a3fc03c0ded4d91d047793c5f5809a526834165e7d53c63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3201252381583585&output=html&h=285&slotname=7713392594&adk=2092238195&adf=383669989&pi=t.ma~as.7713392594&w=346&lmt=1627667976&rafmt=12&psa=0&format=346x285&url=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627667976409&bpp=4&bdt=317&idt=116&shv=r20210728&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&correlator=103970874507&frm=20&pv=2&ga_vid=455820475.1627667977&ga_sid=1627667977&ga_hid=177989887&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=457&ady=931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530889%2C20211866&oid=3&pvsid=2340298016773662&ref=https%3A%2F%2Fcmun.it%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=eW3DiXLpK3&p=https%3A//www.slashgear.com&dtd=136
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.slashgear.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.slashgear.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 30 Jul 2021 17:59:37 GMT
server: cafe
content-length: 22675
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 30-Jul-2021 18:14:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 30 Jul 2021 17:59:37 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 35ms
15ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eca48824a13b12bd6503bda806b0a66f2b0810fdc90796c0e763c3f934cee5a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627472111755377"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Fri, 30 Jul 2021 17:59:36 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 34FE 91 KB
32 KB 528ms
527ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3201252381583585&output=html&h=280&slotname=1358470999&adk=1833265905&adf=2596562503&pi=t.ma~as.1358470999&w=336&lmt=1627667976&psa=0&format=336x280&url=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627667976413&bpp=1&bdt=321&idt=141&shv=r20210728&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=346x285&correlator=103970874507&frm=20&pv=1&ga_vid=455820475.1627667977&ga_sid=1627667977&ga_hid=177989887&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=462&ady=3256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530889%2C20211866&oid=3&pvsid=2340298016773662&ref=https%3A%2F%2Fcmun.it%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PxWHqJ5nY8&p=https%3A//www.slashgear.com&dtd=144

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88b5db70458819b692e1a4b500a7ad8269335bed8e2bb58342ba210ba54346f3

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6129057763443717358/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6129057763443717358/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNjDudyvi_ICFdkHiwod4LcMkw&gqi=CD4EYeTBIuOlx_APz9-8qAw&layout=/sadbundle/%24csp%253Der3%24/6129057763443717358/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3201252381583585&output=html&h=280&slotname=1358470999&adk=1833265905&adf=2596562503&pi=t.ma~as.1358470999&w=336&lmt=1627667976&psa=0&format=336x280&url=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627667976413&bpp=1&bdt=321&idt=141&shv=r20210728&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=346x285&correlator=103970874507&frm=20&pv=1&ga_vid=455820475.1627667977&ga_sid=1627667977&ga_hid=177989887&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=462&ady=3256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530889%2C20211866&oid=3&pvsid=2340298016773662&ref=https%3A%2F%2Fcmun.it%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PxWHqJ5nY8&p=https%3A//www.slashgear.com&dtd=144
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.slashgear.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.slashgear.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6129057763443717358/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6129057763443717358/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNjDudyvi_ICFdkHiwod4LcMkw&gqi=CD4EYeTBIuOlx_APz9-8qAw&layout=/sadbundle/%24csp%253Der3%24/6129057763443717358/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 30 Jul 2021 17:59:37 GMT
server: cafe
content-length: 32603
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 30-Jul-2021 18:14:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 30 Jul 2021 17:59:37 GMT
cache-control: private

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 29ms
14ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=177989887&t=pageview&_s=1&dl=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&dr=https%3A%2F%2Fcmun.it%2F&ul=en-us&de=UTF-8&dt=BIG%20Shiny%20Pokemon%20GO%20leak%3A%20See%20Galar%20get%20bright!%20-%20SlashGear&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=1371847047&gjid=912166672&cid=455820475.1627667977&tid=UA-645197-1&_gid=1697395187.1627667977&_r=1&gtm=2wg7s0TQRF3TG&z=238838053

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 17:59:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.slashgear.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 24ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=177989887&t=pageview&_s=1&dl=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&dr=https%3A%2F%2Fcmun.it%2F&ul=en-us&de=UTF-8&dt=BIG%20Shiny%20Pokemon%20GO%20leak%3A%20See%20Galar%20get%20bright!%20-%20SlashGear&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAEABAAAAAC~&jid=1078810965&gjid=903824662&cid=455820475.1627667977&tid=UA-25946851-20&_gid=1697395187.1627667977&_r=1&_slc=1&z=1508490826

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 17:59:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.slashgear.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 matomo.php
stats.gixioanalytics.com/ 0
276 B 422ms
150ms Ping
text/plain 35.202.23.71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.gixioanalytics.com/matomo.php?action_name=BIG%20Shiny%20Pokemon%20GO%20leak%3A%20See%20Galar%20get%20bright!%20-%20SlashGear&idsite=1&rec=1&r=646055&h=19&m=59&s=36&url=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&urlref=https%3A%2F%2Fcmun.it%2F&_id=3a81a8af7208c1e9&_idn=1&_refts=1627667977&_ref=https%3A%2F%2Fcmun.it%2F&send_image=0&cookie=1&res=1600x1200&pv_id=4E2z6u&pf_net=255&pf_srv=131&pf_tfr=2&pf_dm1=283

Requested by

Host: cdn.slashgear.com
URL: https://cdn.slashgear.com/assets/matomo.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.202.23.71 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

71.23.202.35.bc.googleusercontent.com

Software

nginx / PHP/7.4.21

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
referrer-policy: origin
server: nginx
x-powered-by: PHP/7.4.21
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://www.slashgear.com
x-xss-protection: 1; mode=block
access-control-allow-credentials: true
strict-transport-security: max-age=63072000
x-content-type-options: nosniff, nosniff

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8F19 57 KB
22 KB 733ms
731ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3201252381583585&output=html&h=250&slotname=9079582994&adk=151233876&adf=1647781436&pi=t.ma~as.9079582994&w=300&lmt=1627667976&psa=0&format=300x250&url=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627667976414&bpp=1&bdt=321&idt=174&shv=r20210728&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=346x285%2C336x280&correlator=103970874507&frm=20&pv=1&ga_vid=455820475.1627667977&ga_sid=1627667977&ga_hid=177989887&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=993&ady=211&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530889%2C20211866&oid=3&pvsid=2340298016773662&ref=https%3A%2F%2Fcmun.it%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=kKtPEjJLAB&p=https%3A//www.slashgear.com&dtd=178

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fc51487470c88da3f5c4df2739bd46b03c7f208da23ad8cdba913d200fe4379

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3201252381583585&output=html&h=250&slotname=9079582994&adk=151233876&adf=1647781436&pi=t.ma~as.9079582994&w=300&lmt=1627667976&psa=0&format=300x250&url=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627667976414&bpp=1&bdt=321&idt=174&shv=r20210728&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=346x285%2C336x280&correlator=103970874507&frm=20&pv=1&ga_vid=455820475.1627667977&ga_sid=1627667977&ga_hid=177989887&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=993&ady=211&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530889%2C20211866&oid=3&pvsid=2340298016773662&ref=https%3A%2F%2Fcmun.it%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=kKtPEjJLAB&p=https%3A//www.slashgear.com&dtd=178
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.slashgear.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.slashgear.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 30 Jul 2021 17:59:37 GMT
server: cafe
content-length: 22390
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 30-Jul-2021 18:14:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 30 Jul 2021 17:59:37 GMT
cache-control: private

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 85ms
84ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&tn=DIV&id=header&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 17:59:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A377 0
19 B 94ms
93ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3201252381583585&output=html&adk=1812271804&adf=3025194257&lmt=1627667976&plat=2%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627667976426&bpp=1&bdt=333&idt=174&shv=r20210728&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=346x285%2C336x280%2C300x250&nras=1&correlator=103970874507&frm=20&pv=1&ga_vid=455820475.1627667977&ga_sid=1627667977&ga_hid=177989887&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530889%2C20211866&oid=3&pvsid=2340298016773662&ref=https%3A%2F%2Fcmun.it%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=182

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3201252381583585&output=html&adk=1812271804&adf=3025194257&lmt=1627667976&plat=2%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627667976426&bpp=1&bdt=333&idt=174&shv=r20210728&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=346x285%2C336x280%2C300x250&nras=1&correlator=103970874507&frm=20&pv=1&ga_vid=455820475.1627667977&ga_sid=1627667977&ga_hid=177989887&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530889%2C20211866&oid=3&pvsid=2340298016773662&ref=https%3A%2F%2Fcmun.it%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=182
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.slashgear.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.slashgear.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 30 Jul 2021 17:59:36 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 30-Jul-2021 18:14:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 30 Jul 2021 17:59:36 GMT
cache-control: private

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=8&c2=6036316&c3=1&ns__t=1627667976610&ns_c=UTF-8&cv=3.5&c8=BIG%20Shiny%20Pokemon%20GO%20leak%3A%20See%20Galar%20get%20bright!%20-%20SlashGear&c7=https%3A%2F%2F...
https://sb.scorecardresearch.com/b2?c1=8&c2=6036316&c3=1&ns__t=1627667976610&ns_c=UTF-8&cv=3.5&c8=BIG%20Shiny%20Pokemon%20GO%20leak%3A%20See%20Galar%20get%20bright!%20-%20SlashGear&c7=https%3A%2F%2...

64 B
330 B

25ms
25ms

Image
image/gif

13.224.96.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=8&c2=6036316&c3=1&ns__t=1627667976610&ns_c=UTF-8&cv=3.5&c8=BIG%20Shiny%20Pokemon%20GO%20leak%3A%20See%20Galar%20get%20bright!%20-%20SlashGear&c7=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&c9=https%3A%2F%2Fcmun.it%2F
Requested by: Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-53.zrh50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
via: 1.1 d92debab8d9ca0518390aebaec8733a7.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: SiPyqv8kbMNMLjg_S7RL0K7EI3VMTem3vaSW1qWEiLhrf_hOejj7zA==

Redirect headers

date: Fri, 30 Jul 2021 17:59:36 GMT
via: 1.1 d92debab8d9ca0518390aebaec8733a7.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=8&c2=6036316&c3=1&ns__t=1627667976610&ns_c=UTF-8&cv=3.5&c8=BIG%20Shiny%20Pokemon%20GO%20leak%3A%20See%20Galar%20get%20bright!%20-%20SlashGear&c7=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&c9=https%3A%2F%2Fcmun.it%2F
content-length: 326
x-amz-cf-id: Rnmqki2XJ5NdH0p9GFNLgwc3Md3yPOhhgkTGfTvrv8vefVeI3u_lzg==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
86 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-25946851-20&cid=455820475.1627667977&jid=1078810965&gjid=903824662&_gid=1697395187.1627667977&_u=YAjAAEABAAAAAC~&z=375022535

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 30 Jul 2021 17:59:36 GMT
content-type: text/plain
access-control-allow-origin: https://www.slashgear.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 pubads_impl_2021072701.js Show response
securepubads.g.doubleclick.net/gpt/ 318 KB
111 KB 61ms
30ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

efd6c3fe040e0780295b2bb958b6cb638b10d68ea13bb0a5d3a4da7efce788a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Jul 2021 08:37:43 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113834
x-xss-protection: 0
expires: Fri, 30 Jul 2021 17:59:36 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 136 B
131 B 58ms
30ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.slashgear.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

fc667c47a1ff9bd99d633d9745b69bdbb549978f4b5ef4a6160c23eca7364711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 17:59:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106
x-xss-protection: 0
expires: Fri, 30 Jul 2021 17:59:36 GMT

GET
H2 200 info Show response
gurgle.zdbb.net/ 586 B
801 B 118ms
112ms XHR
application/json 52.71.45.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gurgle.zdbb.net/info?url=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&fp=0
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.45.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-45-67.compute-1.amazonaws.com
Software: /
Resource Hash: 1fc54bd8e8e8ec0b76837a47958a6583e9cf2d2c33f65ba90562ef318968ffd9

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.slashgear.com
date: Fri, 30 Jul 2021 17:59:36 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control
content-length: 586
access-control-allow-methods: GET, OPTIONS
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 370 B
1 KB 163ms
114ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.nsstatic.net
URL: https://cdn.nsstatic.net/ns/slashgear.com.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a33bbfd57d513dda6ccf3c44cbf52b524a61e45cc54624771df57cdef6055f0d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 30 Jul 2021 17:59:36 GMT
X-Proxy-Origin: 37.120.137.162; 37.120.137.162; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 3ae9add1-902e-451b-b531-6639a69b7236
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.slashgear.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 370
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 1 KB
2 KB 171ms
61ms XHR
application/json 34.253.169.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=7529&slot=%7Bid:nsgpt-billboard-1,ss:%5B728.90,997.123,970.250,970.180,970.90%5D,p:/4585/ns.slashgear/articles,t:display%7D&slot=%7Bid:nsgpt-halfpage-1,ss:%5B300.600,300.250%5D,p:/4585/ns.slashgear/articles,t:display%7D&slot=%7Bid:nsgpt-rectangle-1,s:300.250,p:/4585/ns.slashgear/articles,t:display%7D&slot=%7Bid:nsgpt-oop-footer,s:1.1,p:/4585/ns.slashgear/articles,t:display%7D&slot=%7Bid:nsgpt-oop-stitials,s:1.1,p:/4585/ns.slashgear/articles,t:display%7D&slot=%7Bid:nsgpt-oop-inpage,s:1.1,p:/4585/ns.slashgear/articles,t:display%7D&slot=%7Bid:nsgpt-oop-skin,s:1.1,p:/4585/ns.slashgear/articles,t:display%7D&slot=%7Bid:nsgpt-oop-inline,s:1.1,p:/4585/ns.slashgear/articles,t:display%7D&slot=%7Bid:nsgpt-oop-masthead,s:1.1,p:/4585/ns.slashgear/articles,t:display%7D&slot=%7Bid:nsgpt-oop-native,s:1.1,p:/4585/ns.slashgear/articles,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=db686c5d-8278-f40f-97f9-f33bd41dd973&url=https%253A%252F%252Fwww.slashgear.com%252Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%252F
Requested by: Host: cdn.nsstatic.net
URL: https://cdn.nsstatic.net/ns/slashgear.com.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.169.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-169-181.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b5676a6d79c25d3b1437f12a36627e3865214434324087654ff67d6e02909162

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
x-server-name: app03.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.slashgear.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
372 B 52ms
52ms XHR
text/javascript 13.224.90.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3916&u=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&pr=https%3A%2F%2Fcmun.it%2F&pid=LMpzmqyGSkcFP&cb=0&ws=1600x1200&v=7.67.00&t=800&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22997x123%22%2C%22970x250%22%2C%22970x180%22%2C%22970x90%22%5D%2C%22sn%22%3A%22billboard%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22halfpage%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22rectangle%22%7D%5D&cfgv=0&gdpre=1&gdprc=BOQf-JpOQf-JpAKACCENBQAAAAAduAAA&gdprl=%7B%22status%22%3A%22cmp-success%22%7D
Requested by: Host: cdn.nsstatic.net
URL: https://cdn.nsstatic.net/ns/slashgear.com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-90-44.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:36 GMT
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: ZRH50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.slashgear.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 5XCtttzIlpmnAucDRWkZT7FaRu38B7zPB6mribWVD2mpzOuWW-rxOA==

GET
H2 200 z0WVjCBSEeGLoxIxOQVEwQ
zdbb.net/l/ 43 B
109 B 186ms
62ms Image
image/gif 63.34.231.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zdbb.net/l/z0WVjCBSEeGLoxIxOQVEwQ?additionalInformation=&cms_page_id=&local_uid=&referrer=https%3A%2F%2Fcmun.it%2F&zd_pageview_id=0f67b3ef-be64-4423-9fcb-6672c0df1546&zd_location=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&evidon_consent=undefined&third_party_consent=&fu=true
Requested by: Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.231.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-231-123.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:37 GMT
content-length: 43
content-type: image/gif

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/ Frame 34FE 18 KB
8 KB 40ms
14ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3201252381583585&output=html&h=280&slotname=1358470999&adk=1833265905&adf=2596562503&pi=t.ma~as.1358470999&w=336&lmt=1627667976&psa=0&format=336x280&url=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627667976413&bpp=1&bdt=321&idt=141&shv=r20210728&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=346x285&correlator=103970874507&frm=20&pv=1&ga_vid=455820475.1627667977&ga_sid=1627667977&ga_hid=177989887&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=462&ady=3256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530889%2C20211866&oid=3&pvsid=2340298016773662&ref=https%3A%2F%2Fcmun.it%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PxWHqJ5nY8&p=https%3A//www.slashgear.com&dtd=144

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 18375530890449129318
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 17:58:21 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 34FE 2 KB
1 KB 32ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 17:59:27 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 34FE 124 KB
37 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0964703aceadd0f8a443019b3d10e976a88d91cb124b39c0a9518b844e94ba8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:37 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627472092244076"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38161
x-xss-protection: 0
expires: Fri, 30 Jul 2021 17:59:37 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 34FE 14 KB
7 KB 31ms
5ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 206
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 18081889583213459188
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 17:56:11 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6129057763443717358/ Frame BD48 95 KB
20 KB 20ms
9ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6129057763443717358/index.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7b0f05fd4ae9ff960a0359190afda7c4b2e996b1af4df73b5080590203793c2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/6129057763443717358/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Tue, 27 Jul 2021 19:40:43 GMT
expires: Wed, 27 Jul 2022 19:40:43 GMT
last-modified: Tue, 06 Jul 2021 13:40:06 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 19529
age: 253134
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 34FE 0
0 19ms
18ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CHVP8CD4EYdifI9mPrATg77KYCZmX3eNjkcWXz50OkunS4LIBEAEg3KOGAmCVAqAB1NDQlwPIAQmpAq8lzCHa8LM-qAMByANIqgTzAU_Qvw41DPZq8T_V00PY3P9FMNe_Ww8pgljpfeZT2x019BzuNEgOxB6C8d0F_xHdzfs9sYvPe3D8v1tovMs9aCsP_89-UEqpRhIxwqUCnk-_bbs09BB8arQC4pvnJvrD-UHc99xN3txTRSPCpPRt7yxG7-Ye2O5QYw5usPx8C8pI93JMtoDqFytWg8U-IQ3g1fcjvJebBWpDGxZQ8rt5WtYSI94drSiSoKR14BffsZnxyLQOwmDHHOGpXyXPn71-xBo5lGBTw4NSEm2Z9j5aFwS1Q8oXPFFI-AeanOYGPzvvAarvd8qDTMXjeNeaiXS4zVkLksAEoYLkusQDkgUECAQYAZIFBAgFGASgBi6AB8v_3GyoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwUQ5-GeA9IICQiA4YAQEAEYH4AKAcgLAdgTDdAVAYAXAbIXGgoYCAASFHB1Yi0zMjAxMjUyMzgxNTgzNTg1&sigh=qZvxkFjiTl4&template_id=419

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3201252381583585&output=html&h=280&slotname=1358470999&adk=1833265905&adf=2596562503&pi=t.ma~as.1358470999&w=336&lmt=1627667976&psa=0&format=336x280&url=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627667976413&bpp=1&bdt=321&idt=141&shv=r20210728&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=346x285&correlator=103970874507&frm=20&pv=1&ga_vid=455820475.1627667977&ga_sid=1627667977&ga_hid=177989887&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=462&ady=3256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530889%2C20211866&oid=3&pvsid=2340298016773662&ref=https%3A%2F%2Fcmun.it%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PxWHqJ5nY8&p=https%3A//www.slashgear.com&dtd=144
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 30 Jul 2021 17:59:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 30 Jul 2021 17:59:37 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame BD48 2 KB
567 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:900

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6129057763443717358/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fdb65c85e3d0d7be60ef0017b88fc183a2f12973211e671a6e0aecdece08d810

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 17:17:05 GMT
server: ESF
date: Fri, 30 Jul 2021 17:59:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Jul 2021 17:59:37 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E5CE 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3201252381583585&output=html&h=280&slotname=1358470999&adk=1833265905&adf=2596562503&pi=t.ma~as.1358470999&w=336&lmt=1627667976&psa=0&format=336x280&url=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627667976413&bpp=1&bdt=321&idt=141&shv=r20210728&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=346x285&correlator=103970874507&frm=20&pv=1&ga_vid=455820475.1627667977&ga_sid=1627667977&ga_hid=177989887&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=462&ady=3256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530889%2C20211866&oid=3&pvsid=2340298016773662&ref=https%3A%2F%2Fcmun.it%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PxWHqJ5nY8&p=https%3A//www.slashgear.com&dtd=144
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmjktCNJIu0J3RuTTO0Tt2jmuat2PrQW5DsW7vMI6HkvBDYqytRZX2gBf9maVA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3201252381583585&output=html&h=280&slotname=1358470999&adk=1833265905&adf=2596562503&pi=t.ma~as.1358470999&w=336&lmt=1627667976&psa=0&format=336x280&url=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627667976413&bpp=1&bdt=321&idt=141&shv=r20210728&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=346x285&correlator=103970874507&frm=20&pv=1&ga_vid=455820475.1627667977&ga_sid=1627667977&ga_hid=177989887&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=462&ady=3256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530889%2C20211866&oid=3&pvsid=2340298016773662&ref=https%3A%2F%2Fcmun.it%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=PxWHqJ5nY8&p=https%3A//www.slashgear.com&dtd=144

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 30 Jul 2021 17:16:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2593
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 34FE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd17f3d7ef3900b6b6677d9dd08d5d158ebd950f53f544ba4acc1ba0260cc235

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame BD48 16 KB
6 KB 16ms
12ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6129057763443717358/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 18:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85550
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 30 Jul 2021 18:13:47 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame BD48 26 KB
10 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6129057763443717358/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 12:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19324
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 31 Jul 2021 12:37:33 GMT

GET
H3-29 200 UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuBWYAZ9hiA.woff2
fonts.gstatic.com/s/inter/v3/ Frame BD48 17 KB
17 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v3/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuBWYAZ9hiA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:900

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df05d2f33fef3383a2bbd852400ad273eaa8f72127df287b34642db985193235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 08:50:51 GMT
x-content-type-options: nosniff
age: 292126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17604
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 22:38:36 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 08:50:51 GMT

GET
H3-29 200 2474085465535546364
tpc.googlesyndication.com/simgad/ Frame D3CE 84 KB
85 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2474085465535546364?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlzuWEocoMxaRd6syDiQC1M7aaTSQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3201252381583585&output=html&h=285&slotname=7713392594&adk=2092238195&adf=383669989&pi=t.ma~as.7713392594&w=346&lmt=1627667976&rafmt=12&psa=0&format=346x285&url=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627667976409&bpp=4&bdt=317&idt=116&shv=r20210728&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&correlator=103970874507&frm=20&pv=2&ga_vid=455820475.1627667977&ga_sid=1627667977&ga_hid=177989887&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=457&ady=931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530889%2C20211866&oid=3&pvsid=2340298016773662&ref=https%3A%2F%2Fcmun.it%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=eW3DiXLpK3&p=https%3A//www.slashgear.com&dtd=136

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc07a26fd74a871e0e6af216ba81ce4c823453c89776f94c7818a1a1f42cfca0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:37:50 GMT
x-content-type-options: nosniff
last-modified: Fri, 23 Jul 2021 11:44:58 GMT
server: sffe
age: 1307
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86519
x-xss-protection: 0
expires: Sat, 30 Jul 2022 17:37:50 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/ Frame D3CE 18 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 18375530890449129318
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 17:58:21 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame D3CE 2 KB
1 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 17:59:27 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D3CE 124 KB
37 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0964703aceadd0f8a443019b3d10e976a88d91cb124b39c0a9518b844e94ba8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:37 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627472092244076"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38161
x-xss-protection: 0
expires: Fri, 30 Jul 2021 17:59:37 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame D3CE 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 206
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 18081889583213459188
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 17:56:11 GMT

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame D3CE 26 KB
11 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f62a8ff7c0b7077bb1c9c33b29d6276bbde33e88b1833aecedc248526509a083

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 15:09:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10769
x-xss-protection: 0
server: cafe
etag: 6617245152184291830
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 15:09:49 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame D3CE 0
0 20ms
20ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C5vc8CD4EYYeDI4mMjuwP94CY4A6Yk4X2Y7-m2vqFDsPmk6-QDhABINyjhgJglQKgAcbB_pMDyAECqAMByAPJBKoE9AFP0OVjRnrY5FyL04ZAh0RiyX18wauyFVyCl10ePPNBLc5O9klGyOu_TJ5C8c6GRSDHpscs6q-RPo8HnV_lliw5RwwZtsHTCHn0_DyAHOr1NClFGFI5PnJCjHEh3nKs_240hDfVyC9nrtod9ivW2WqD3dBnBMiJa-pXjmpbhIuEXqB1x6zohJvQrEvW5MMgMDRuBWtTs63ADLO-XP4xOKJ04-dt0yH49FdJ2VxnjAY7aS3eGGwyLZtAQpTWRQ7YfjlUGk5LGZrPHz47oLPqdkRcBlxX_tywy96Y3kkaEEm4NnBLcojwd8g3TCyS420PIm7hyIxQwATY2dfL6wOSBQQIBBgBkgUECAUYBKAGAoAHor6BbKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDtqy7SCAkIgOGAEBABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxoKGAgAEhRwdWItMzIwMTI1MjM4MTU4MzU4NQ&sigh=FcfhQJuf7jA

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3201252381583585&output=html&h=285&slotname=7713392594&adk=2092238195&adf=383669989&pi=t.ma~as.7713392594&w=346&lmt=1627667976&rafmt=12&psa=0&format=346x285&url=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627667976409&bpp=4&bdt=317&idt=116&shv=r20210728&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&correlator=103970874507&frm=20&pv=2&ga_vid=455820475.1627667977&ga_sid=1627667977&ga_hid=177989887&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=457&ady=931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530889%2C20211866&oid=3&pvsid=2340298016773662&ref=https%3A%2F%2Fcmun.it%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=eW3DiXLpK3&p=https%3A//www.slashgear.com&dtd=136
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 30 Jul 2021 17:59:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E5CE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
14ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmjktCNJIu0J3RuTTO0Tt2jmuat2PrQW5DsW7vMI6HkvBDYqytRZX2gBf9maVA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 30 Jul 2021 17:59:37 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 30-Jul-2021 18:59:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 30 Jul 2021 17:59:37 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 30 Jul 2021 17:59:37 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 04FF 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3201252381583585&output=html&h=285&slotname=7713392594&adk=2092238195&adf=383669989&pi=t.ma~as.7713392594&w=346&lmt=1627667976&rafmt=12&psa=0&format=346x285&url=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627667976409&bpp=4&bdt=317&idt=116&shv=r20210728&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&correlator=103970874507&frm=20&pv=2&ga_vid=455820475.1627667977&ga_sid=1627667977&ga_hid=177989887&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=457&ady=931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530889%2C20211866&oid=3&pvsid=2340298016773662&ref=https%3A%2F%2Fcmun.it%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=eW3DiXLpK3&p=https%3A//www.slashgear.com&dtd=136
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmjktCNJIu0J3RuTTO0Tt2jmuat2PrQW5DsW7vMI6HkvBDYqytRZX2gBf9maVA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3201252381583585&output=html&h=285&slotname=7713392594&adk=2092238195&adf=383669989&pi=t.ma~as.7713392594&w=346&lmt=1627667976&rafmt=12&psa=0&format=346x285&url=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627667976409&bpp=4&bdt=317&idt=116&shv=r20210728&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&correlator=103970874507&frm=20&pv=2&ga_vid=455820475.1627667977&ga_sid=1627667977&ga_hid=177989887&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=457&ady=931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530889%2C20211866&oid=3&pvsid=2340298016773662&ref=https%3A%2F%2Fcmun.it%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeE%7C&abl=NS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=eW3DiXLpK3&p=https%3A//www.slashgear.com&dtd=136

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 30 Jul 2021 17:16:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2593
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame D3CE 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f786987b536b72c35b2ab3ae7467cb0f407ad96aecef6113f56367933a0c0eca

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js Show response
pagead2.googlesyndication.com/bg/ Frame BD48 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 06:37:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 127314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Jul 2022 06:37:43 GMT

GET
H3-29 200 button_de.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6129057763443717358/ Frame BD48 3 KB
3 KB 10ms
8ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6129057763443717358/button_de.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e0a32a08e8237527fa5c3c1f1508966fe5fd9f12e1ad3a38004e67a688eec8f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 253131
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2648
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 13:40:06 GMT
server: sffe
date: Tue, 27 Jul 2021 19:40:46 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 19:40:46 GMT

GET
H3-29 200 logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6129057763443717358/ Frame BD48 3 KB
3 KB 9ms
8ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6129057763443717358/logo.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a8a57d54dade1b13cd846b9e600204f046ff1b81a9b291a2d7fcf9217fa33fc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 253131
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2858
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 13:40:06 GMT
server: sffe
date: Tue, 27 Jul 2021 19:40:46 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 19:40:46 GMT

GET
H3-29 200 11052021_CB_Grover-1092_v7.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6129057763443717358/ Frame BD48 84 KB
84 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6129057763443717358/11052021_CB_Grover-1092_v7.jpg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe0d38edfed19699716e0d23d7d0edb2b4977081cb6d51cc73d77395985e97c1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 253131
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86054
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 13:40:06 GMT
server: sffe
date: Tue, 27 Jul 2021 19:40:46 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 19:40:46 GMT

GET
H3-29 200 13212841964771754317
tpc.googlesyndication.com/simgad/ Frame 8F19 12 KB
12 KB 7ms
6ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13212841964771754317?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlpSebTP5p1sZZQEiQRrjVYZEyg3w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3201252381583585&output=html&h=250&slotname=9079582994&adk=151233876&adf=1647781436&pi=t.ma~as.9079582994&w=300&lmt=1627667976&psa=0&format=300x250&url=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627667976414&bpp=1&bdt=321&idt=174&shv=r20210728&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=346x285%2C336x280&correlator=103970874507&frm=20&pv=1&ga_vid=455820475.1627667977&ga_sid=1627667977&ga_hid=177989887&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=993&ady=211&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530889%2C20211866&oid=3&pvsid=2340298016773662&ref=https%3A%2F%2Fcmun.it%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=kKtPEjJLAB&p=https%3A//www.slashgear.com&dtd=178

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d18a6d79482e7b4df24bfe9df7a57b8b0b462b2a95856e46952e84f2447927b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 16:06:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 21 Jul 2021 11:52:40 GMT
server: sffe
age: 179562
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12189
x-xss-protection: 0
expires: Thu, 28 Jul 2022 16:06:55 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/ Frame 8F19 18 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 18375530890449129318
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 17:58:21 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 8F19 2 KB
1 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 17:59:27 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8F19 124 KB
37 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0964703aceadd0f8a443019b3d10e976a88d91cb124b39c0a9518b844e94ba8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:37 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627472092244076"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38161
x-xss-protection: 0
expires: Fri, 30 Jul 2021 17:59:37 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 8F19 14 KB
6 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 206
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 18081889583213459188
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 17:56:11 GMT

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 8F19 26 KB
11 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f62a8ff7c0b7077bb1c9c33b29d6276bbde33e88b1833aecedc248526509a083

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 15:09:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10769
x-xss-protection: 0
server: cafe
etag: 6617245152184291830
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 15:09:49 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8F19 0
0 18ms
18ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CPhjsCD4EYbudJYqLjuwPs5uduAnczO7xY_DG2Me3DtWOpKQEEAEg3KOGAmCVAqABqLf2ygPIAQKpApkLAOSm5bM-qAMByAPJBKoE8QFP0D0qsCFCySSgj_nI0ldaHFzUFAE8emBEOSJ_tgEKztyzbc03M2nsqwsreSAr2rM44s1ivE-ONK3oXB6K3RUuOMUjmd6NdnL5iMGzU3nHoFZpdVMKpMtvCB7Ve_NBpvMFX1042MDddWbH68XxliSFHta6Nc9M3f0jwUrSFpb5Qb6lUVRJXVcUz53kRpQZ4N1Nh8YHI1GVrEoboEa3O_PG8zB5CvynNAglmox0xWIZKa4XVVaQaX5gumOIKlGZhRNn01CkGhMi7Q3JpNnW5vmD-_CaiP3HR2X3L_PtT2p0csEiuAD6N56kpRuQWjcoNaA8wAT685nsvwOSBQQIBBgBkgUECAUYBKAGAoAHi-HomQGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQkIAj0ggJCIDhgBAQARgfgAoByAsB2BMC0BUBgBcBshcaChgIABIUcHViLTMyMDEyNTIzODE1ODM1ODU&sigh=yQjVgIU9Isc

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3201252381583585&output=html&h=250&slotname=9079582994&adk=151233876&adf=1647781436&pi=t.ma~as.9079582994&w=300&lmt=1627667976&psa=0&format=300x250&url=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627667976414&bpp=1&bdt=321&idt=174&shv=r20210728&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=346x285%2C336x280&correlator=103970874507&frm=20&pv=1&ga_vid=455820475.1627667977&ga_sid=1627667977&ga_hid=177989887&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=993&ady=211&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530889%2C20211866&oid=3&pvsid=2340298016773662&ref=https%3A%2F%2Fcmun.it%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=kKtPEjJLAB&p=https%3A//www.slashgear.com&dtd=178
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 30 Jul 2021 17:59:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BD48 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 04FF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
14ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmjktCNJIu0J3RuTTO0Tt2jmuat2PrQW5DsW7vMI6HkvBDYqytRZX2gBf9maVA; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 30 Jul 2021 17:59:37 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 30-Jul-2021 18:59:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 30 Jul 2021 17:59:37 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 30 Jul 2021 17:59:37 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 42C1 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 06:37:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 127314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Jul 2022 06:37:43 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F7FA 143 B
163 B 6ms
5ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3201252381583585&output=html&h=250&slotname=9079582994&adk=151233876&adf=1647781436&pi=t.ma~as.9079582994&w=300&lmt=1627667976&psa=0&format=300x250&url=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627667976414&bpp=1&bdt=321&idt=174&shv=r20210728&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=346x285%2C336x280&correlator=103970874507&frm=20&pv=1&ga_vid=455820475.1627667977&ga_sid=1627667977&ga_hid=177989887&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=993&ady=211&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530889%2C20211866&oid=3&pvsid=2340298016773662&ref=https%3A%2F%2Fcmun.it%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=kKtPEjJLAB&p=https%3A//www.slashgear.com&dtd=178
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmjktCNJIu0J3RuTTO0Tt2jmuat2PrQW5DsW7vMI6HkvBDYqytRZX2gBf9maVA; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3201252381583585&output=html&h=250&slotname=9079582994&adk=151233876&adf=1647781436&pi=t.ma~as.9079582994&w=300&lmt=1627667976&psa=0&format=300x250&url=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627667976414&bpp=1&bdt=321&idt=174&shv=r20210728&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&prev_fmts=346x285%2C336x280&correlator=103970874507&frm=20&pv=1&ga_vid=455820475.1627667977&ga_sid=1627667977&ga_hid=177989887&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=993&ady=211&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530889%2C20211866&oid=3&pvsid=2340298016773662&ref=https%3A%2F%2Fcmun.it%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=kKtPEjJLAB&p=https%3A//www.slashgear.com&dtd=178

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 30 Jul 2021 17:16:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2593
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 8F19 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7143e0c012cdb9e8d3a1f1d81f7247bd1e74f8cc53ca090ab0e6d6078c5cb5d3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 match Show response
bee.imrworldwide.com/v1/clients/ 39 B
503 B 71ms
25ms XHR
application/json 13.224.96.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bee.imrworldwide.com/v1/clients/match?client_id=ziffdavis&url=https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Requested by

Host: secure-us.imrworldwide.com
URL: https://secure-us.imrworldwide.com/v60.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.56 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-56.zrh50.r.cloudfront.net

Software

Resource Hash

0210bcf8c6f9fb41e1db722e8ec3c318101342f5922c59331321c993df1720d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:40:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1130
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 63
x-xss-protection: 1; mode=block
access-control-allow-origin: *
x-frame-options: DENY
strict-transport-security: max-age=25920000; includeSubDomains
content-type: application/json; charset=utf-8
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: NQDF86z7gG_dzZB-5gtkqyfNRwWaAhiK8fj9uGaDzK7Pypq_eS96AQ==

GET
H2

200

m
secure-us.imrworldwide.com/cgi-bin/
Redirect Chain

https://secure-us.imrworldwide.com/cgi-bin/m?rnd=1627667977519&ci=ziffdavis&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-le...
https://secure-us.imrworldwide.com/cgi-bin/m?rnd=1627667977519&ci=ziffdavis&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-le...

44 B
368 B

43ms
42ms

Image
image/gif

54.246.201.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-us.imrworldwide.com/cgi-bin/m?rnd=1627667977519&ci=ziffdavis&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&rp=https%3A%2F%2Fcmun.it%2F&sr=1600x1200&tz=2&ja=1
Requested by: Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.201.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-201-247.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 17:59:37 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Jul 2021 17:59:37 GMT
server: nginx
location: https://secure-us.imrworldwide.com/cgi-bin/m?rnd=1627667977519&ci=ziffdavis&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&rp=https%3A%2F%2Fcmun.it%2F&sr=1600x1200&tz=2&ja=1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 config250.js Show response
cdn-gl.imrworldwide.com/conf/ 12 KB
5 KB 12ms
11ms Script
application/javascript 2600:9000:2190:5200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/config250.js
Requested by: Host: secure-us.imrworldwide.com
URL: https://secure-us.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:5200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a7dc630ee70492f5758c828c197336203ae216796796182b96b661136a6b2d5f

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 30 Jul 2021 17:50:23 GMT
content-encoding: gzip
last-modified: Fri, 30 Jul 2021 17:20:34 GMT
server: AmazonS3
age: 555
etag: W/"bea69de204843dba6b2ae981a94dfe3b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: dqMIWzCgAECs9Sx1A8HYd1yLNR.A2r5w
via: 1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
cache-control: max-age=86400,s-maxage=86400
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript
x-amz-cf-id: DG9Mvdm3LowIyrwlvRhEXTkA88BgbC2xluFS1rgdNYCP66SfYg05gg==

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F7FA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
15ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmjktCNJIu0J3RuTTO0Tt2jmuat2PrQW5DsW7vMI6HkvBDYqytRZX2gBf9maVA; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 30 Jul 2021 17:59:37 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 30-Jul-2021 18:59:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 30 Jul 2021 17:59:37 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 30 Jul 2021 17:59:37 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
853 B 43ms
14ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=www.slashgear.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 17:59:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 29ms
14ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.slashgear.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 17:59:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js Show response
pagead2.googlesyndication.com/bg/ Frame ACEF 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 06:37:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 127314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Jul 2022 06:37:43 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 99 KB
29 KB 785ms
785ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2340298016773662&correlator=995844409007491&output=ldjh&impl=fifs&eid=20211866&vrg=2021072701&ptt=17&sc=1&sfv=1-0-38&ecs=20210730&iu_parts=4585%2Cns.slashgear%2Carticles&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C997x123%7C970x250%7C970x180%7C970x90%2C300x600%7C300x250%2C300x250%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C120x30%2C1x1&ists=125&prev_scp=rfr%3Dfalse%26OOF%3Dfalse%26ppos%3Datf%26pos%3Datf%26amznbid%3D2%26amznp%3D2%26id%3De74aad22-f15f-11eb-b7db-0a6fa201f3de%26vw%3D40%2C50%2C60%26grm%3D40%2C50%2C60%26pub%3D40%2C50%7Crfr%3Dfalse%26OOF%3Dfalse%26ppos%3Datf%26pos%3Datf%26amznbid%3D2%26amznp%3D2%26id%3De74aad23-f15f-11eb-b7db-0a6fa201f3de%26vw%3D40%2C50%2C60%26grm%3D40%2C50%2C60%26pub%3D40%2C50%7Crfr%3Dfalse%26OOF%3Dfalse%26ppos%3Dbtf%26pos%3Dbtf%26amznbid%3D2%26amznp%3D2%26id%3De74aad24-f15f-11eb-b7db-0a6fa201f3de%26vw%3D40%2C50%2C60%26grm%3D40%2C50%2C60%26pub%3D40%2C50%7COOP_type%3Dfooter%26rfr%3Dfalse%26OOF%3Dfalse%26id%3De74aad25-f15f-11eb-b7db-0a6fa201f3de%26vw%3D40%2C50%2C60%26grm%3D40%2C50%2C60%26pub%3D40%2C50%7COOP_type%3Dstitials%26rfr%3Dfalse%26OOF%3Dfalse%26id%3De74aad26-f15f-11eb-b7db-0a6fa201f3de%26vw%3D40%2C50%2C60%26grm%3D40%2C50%2C60%26pub%3D40%2C50%7COOP_type%3Dinpage%26rfr%3Dfalse%26OOF%3Dfalse%26id%3De74aad27-f15f-11eb-b7db-0a6fa201f3de%26vw%3D40%2C50%2C60%26grm%3D40%2C50%2C60%26pub%3D40%2C50%7COOP_type%3Dskin%26rfr%3Dfalse%26OOF%3Dfalse%26id%3De74aad28-f15f-11eb-b7db-0a6fa201f3de%26vw%3D40%2C50%2C60%26grm%3D40%2C50%2C60%26pub%3D40%2C50%7COOP_type%3Dinline%26rfr%3Dfalse%26OOF%3Dfalse%26id%3De74aad29-f15f-11eb-b7db-0a6fa201f3de%26vw%3D40%2C50%2C60%26grm%3D40%2C50%2C60%26pub%3D40%2C50%7COOP_type%3Dmasthead%26rfr%3Dfalse%26OOF%3Dfalse%26id%3De74aad2a-f15f-11eb-b7db-0a6fa201f3de%26vw%3D40%2C50%2C60%26grm%3D40%2C50%2C60%26pub%3D40%2C50%7COOP_type%3Dnative%26rfr%3Dfalse%26OOF%3Dfalse%26id%3De74aad2b-f15f-11eb-b7db-0a6fa201f3de%26vw%3D40%2C50%2C60%26grm%3D40%2C50%2C60%26pub%3D40%2C50&eri=4&cust_params=url%3D%252Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%252F%26ref%3Dhttps%253A%252F%252Fcmun.it%252F%26gdpr%3D0%26zcp%3Dee0e3eef2d98401023400%26cpid%3D61ce9ebb20c73de591caf88d82d557ac%26pageviewid%3D0f67b3ef-be64-4423-9fcb-6672c0df1546%26amznslots%3D%26zdid%3D61ce9ebb20c73de591caf88d82d557ac%26zc%3D02b9508f-92e6-45c3-a1ed-8bb2d9607f42%26p%3D1100549%252C7309%252C900109%252C900110%252C900111%252C900241%252C900115%252C900255%252C900002%252C900263%252C900138%252C900139%252C900140%252C900015%252C900146%252C900276%252C900152%252C900282%252C900156%252C900157%252C900286%252C900159%252C900160%252C900033%252C900162%252C900166%252C900294%252C900168%252C900041%252C900042%252C900169%252C900170%252C900172%252C900173%252C900296%252C900049%252C900305%252C900306%252C900307%252C900309%252C900311%252C900059%252C900315%252C900061%252C900189%252C900190%252C900192%252C900317%252C900320%252C900195%252C900327%252C900200%252C900332%252C900207%252C900336%252C900082%252C900085%252C900341%252C900092%26zdbb%3D%26s%3D%26p2%3D1100549%252C7309%252C900109%252C900110%252C900111%252C900241%252C900115%252C900255%252C900002%252C900263%252C900138%252C900139%252C900140%252C900015%252C900146%252C900276%252C900152%252C900282%252C900156%252C900157%252C900286%252C900159%252C900160%252C900033%252C900162%252C900166%252C900294%252C900168%252C900041%252C900042%252C900169%252C900170%252C900172%252C900173%252C900296%252C900049%252C900305%252C900306%252C900307%252C900309%252C900311%252C900059%252C900315%252C900061%252C900189%252C900190%252C900192%252C900317%252C900320%252C900195%252C900327%252C900200%252C900332%252C900207%252C900336%252C900082%252C900085%252C900341%252C900092%26fr%3Dtrue%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D&cookie=ID%3Dadbccad8cdaa40da-22ec47048fc80085%3AT%3D1627667976%3ART%3D1627667976%3AS%3DALNI_MbmxcR1UlOpSNiqYeW1XWvGi1o8QA&bc=31&abxe=1&dt=1627667977644&dlt=1627667976093&idt=682&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C993%2C993%2C0%2C0%2C0%2C0%2C0%2C0%2C0&adys=70%2C944%2C1442%2C1200%2C1200%2C1200%2C1200%2C1200%2C1170%2C1200&adks=1713693884%2C1089631908%2C1273777675%2C4088049011%2C3889242881%2C3500785569%2C3500298186%2C3507300634%2C2552859092%2C169727153&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&ifi=5&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&ref=https%3A%2F%2Fcmun.it%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=986x100%7C320x40%7C320x40%7C1600x4344%7C1600x4344%7C1600x4344%7C1600x4344%7C1600x4344%7C1600x4344%7C1600x4344&msz=986x0%7C320x0%7C320x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C120x-1%7C0x0&ga_vid=455820475.1627667977&ga_sid=1627667977&ga_hid=177989887&ga_fc=false&fws=4%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C512%2C0&ohw=986%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C1%7C2%7C3%7C4%7C5%7C6%7C0%7C7&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e0ef405fb65a8737b4e0fbcb94b222d27332389c8cf507250a038348d774dd61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29548
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,4910077359,4910077359,4799980024,4910077359,4910077359,-2,4910077359
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,138256970492,138256924653,138268342855,138256970483,138257174434,-2,138256924689
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.slashgear.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FF50 6 KB
3 KB 67ms
13ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.slashgear.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.slashgear.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 30 Jul 2021 17:59:37 GMT
expires: Sat, 30 Jul 2022 17:59:37 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 192 KB
54 KB 13ms
13ms Script
application/javascript 2600:9000:2190:5200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/config250.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:5200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 397e6540378a195608cbd601f809c0c96b3ae9253fffeaf070769a8272838ad7

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: .6i.Bs5E9x1m.2d09i7OXpREHjKip94r
content-encoding: gzip
etag: W/"bd1ffd9a8dc416cfddcde665f3111e22"
last-modified: Tue, 06 Jul 2021 14:06:25 GMT
server: AmazonS3
age: 1412
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Fri, 30 Jul 2021 17:36:06 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 7YULNaaRzNGyIP4tREX92Tnb6fV1HjM4Hhc6nYCFRUef-_FqlynH1w==

GET
H2 200 ls.html Show response
cdn-gl.imrworldwide.com/novms/html/ Frame B1C7 12 KB
4 KB 12ms
12ms Document
text/html 2600:9000:2190:5200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:5200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

:method: GET
:authority: cdn-gl.imrworldwide.com
:scheme: https
:path: /novms/html/ls.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.slashgear.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSCVER=v1; IMRID=e7a37b10-f15f-11eb-b991-fb802b17ddb9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.slashgear.com/

Response headers

content-type: text/html
last-modified: Tue, 06 Jul 2021 14:06:24 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: TxpWXQUHATxp36qO.r6EdzVZ2u47hdPM
server: AmazonS3
content-encoding: gzip
date: Fri, 30 Jul 2021 17:18:28 GMT
cache-control: max-age=86400
etag: W/"7fa83dfc7b78314b137e2eb13834daa7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: a7d9G-M1fQe2DVgByZZQHTKYz33n37YAhODsmXAEdgEUUwRB7selJQ==
age: 2469

GET
H2 200 check Show response
jogger.zdbb.net/ 5 B
231 B 343ms
111ms XHR
text/plain 44.193.70.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jogger.zdbb.net/check?href=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.70.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-70-245.compute-1.amazonaws.com
Software: /
Resource Hash: 4e523a5ae5b4636c75901b79fafbd3912e41dc7987414e688b09d4b436ff22b3

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:38 GMT
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=591159
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control
content-length: 5

GET
H2 200 zd-core-olt.min.js Show response
cdn.static.zdbb.net/js/ 844 B
1 KB 45ms
45ms Script
application/javascript 2.21.172.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.static.zdbb.net/js/zd-core-olt.min.js?v=5
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.172.90 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-172-90.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1331ce07d67579b7a85c3f1deb9479460b198356c6d1aee8de72daa1d5e377b2

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 4Sg8n0YDuHi0U_1GzDoHhO1e86cU22YG
last-modified: Fri, 23 Jul 2021 16:36:45 GMT
x-amz-request-id: 83JWAGN9M1R0RZBW
date: Fri, 30 Jul 2021 17:59:37 GMT
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 844
x-amz-id-2: GWiHxmEpEnIF1wTNC4h/JqyIE+tn72KIuNUB1SZ0uRgQ5jICA+Aan5zvNVjyWy+F+BwmxRfgluE=
expires: Fri, 06 Aug 2021 17:59:37 GMT

GET
H/1.1 200
OK bk-coretag.js Show response
tags.bkrtx.com/js/ 51 KB
16 KB 127ms
49ms Script
application/javascript 104.111.228.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.228.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-137.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Fri, 21 May 2021 19:14:21 GMT
Server: nginx/1.15.8
ETag: W/"60a8068d-cbc2"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Date: Fri, 30 Jul 2021 17:59:37 GMT
Connection: keep-alive
Content-Length: 16078
Expires: Fri, 06 Aug 2021 17:59:37 GMT

GET
H2 200 krux-coretag.js Show response
cdn.static.zdbb.net/js/ 335 B
629 B 46ms
46ms Script
application/javascript 2.21.172.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.static.zdbb.net/js/krux-coretag.js
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.172.90 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-172-90.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4f30bdeed794aeb92d85e55d901c0bdb634df32432010792e3b569ea73cae443

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: OHsIJkjYEKbnEbFnrKsb3eUE70zysZmJ
last-modified: Fri, 23 Jul 2021 16:36:44 GMT
x-amz-request-id: 83JVBKP0YVB46MK9
date: Fri, 30 Jul 2021 17:59:37 GMT
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 335
x-amz-id-2: sjawjzjBdDEal5VqALNiRD6q7xsAsvFK6iwo/Ia5ljgx1lRZ4TSss1mUcCqXoToYMy/NWy+hOXU=
expires: Sat, 31 Jul 2021 17:59:37 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 29ms
27ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210728&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

984b24e553f69f58ee5dae5e37ad554b61b0cd4652ea7af91023d7e5ebe6ad2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 17:59:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8527
x-xss-protection: 0

GET
H2 200 gn
secure-us.imrworldwide.com/cgi-bin/ Frame B1C7 88 B
412 B 43ms
42ms Image
image/gif 54.246.201.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-us.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,NA&sessionId=djb8d2owpb6vps4sq6jzb4zk9n2xf1627667977&c16=sdkv,bj.6.0.0&retry=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.201.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-201-247.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 18344242ff477e6698f24b0211d53b9194cef9905ad67c8649e8a41ce614b415

Request headers

Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 17:59:37 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 88
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 /
djb8d2owpb6vps4sq6jzb4zk9n2xf1627667977.nuid.imrworldwide.com/ Frame B1C7 35 B
350 B 92ms
21ms Image
image/gif 2600:9000:2176:6400:1d:667e:2a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://djb8d2owpb6vps4sq6jzb4zk9n2xf1627667977.nuid.imrworldwide.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2176:6400:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 01:30:54 GMT
via: 1.1 950da666aeb2f1c767ee4d6f91c2858f.cloudfront.net (CloudFront)
last-modified: Tue, 11 Sep 2018 17:05:20 GMT
server: AmazonS3
age: 59324
etag: "c2196de8ba412c60c22ab491af7b1409"
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-cf-pop: MXP64-C3
accept-ranges: bytes
content-length: 35
x-amz-cf-id: QAui14ajxEZso6nFBhAYuKuMNLe2UGyPip2YvkDSpPPI7mU_o2rKBQ==

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=177989887&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&dr=https%3A%2F%2Fcmun.it%2F&ul=en-us&de=UTF-8&dt=BIG%20Shiny%20Pokemon%20GO%20leak%3A%20See%20Galar%20get%20bright!%20-%20SlashGear&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Engagement&ea=View&el=25%25&ev=0&_u=aAjAAEABAAAAAC~&jid=&gjid=&cid=455820475.1627667977&tid=UA-645197-1&_gid=1697395187.1627667977&gtm=2wg7s0TQRF3TG&z=1301035528

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 03:41:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 51465
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Fri, 30 Jul 2021 17:59:37 GMT

GET
H2 200 spgdj7g8u.js Show response
cdn.krxd.net/controltag/ 2 B
393 B 98ms
31ms Script
text/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/spgdj7g8u.js
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/krux-coretag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Fri, 30 Jul 2021 17:59:37 GMT
via: 1.1 varnish, 1.1 varnish
age: 361
x-cache: MISS, HIT, HIT
x-app-cache: MISS
x-age: 0
content-encoding: gzip
content-length: 22
x-served-by: config-service-a003-ash-prod.krxd.net, cache-bwi5139-BWI, cache-fra19124-FRA
x-response-time: 0
x-do-esi: esi
x-timer: S1627667978.926213,VS0,VE0
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 21

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 1855 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.slashgear.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.slashgear.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Fri, 30 Jul 2021 17:41:53 GMT
expires: Sat, 30 Jul 2022 17:41:53 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1064
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D240 783 B
531 B 19ms
19ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f5ca671c82f08adaefbfbcad2bcc76d076d57a6250a240f32b3be5e615d79a58

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-+nM5y+pjNWnXe2Br2gma1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.slashgear.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.slashgear.com/

Response headers

expires: Fri, 30 Jul 2021 17:59:37 GMT
date: Fri, 30 Jul 2021 17:59:37 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-+nM5y+pjNWnXe2Br2gma1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 1855 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 06:37:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 127314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Jul 2022 06:37:43 GMT

GET
H/1.1 200
OK 30629 Show response
stags.bluekai.com/site/ Frame 4CDD 71 B
338 B 235ms
189ms Document
text/html 23.45.99.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/30629?ret=html&phint=site%3Dslashgear.com&phint=referer%3Dhttps%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&phint=bbseg%3D1100549&phint=bbseg%3D7309&phint=bbseg%3D900109&phint=bbseg%3D900110&phint=bbseg%3D900111&phint=bbseg%3D900241&phint=bbseg%3D900115&phint=bbseg%3D900255&phint=bbseg%3D900002&phint=bbseg%3D900263&phint=bbseg%3D900138&phint=bbseg%3D900139&phint=bbseg%3D900140&phint=bbseg%3D900015&phint=bbseg%3D900146&phint=bbseg%3D900276&phint=bbseg%3D900152&phint=bbseg%3D900282&phint=bbseg%3D900156&phint=bbseg%3D900157&phint=bbseg%3D900286&phint=bbseg%3D900159&phint=bbseg%3D900160&phint=bbseg%3D900033&phint=bbseg%3D900162&phint=bbseg%3D900166&phint=bbseg%3D900294&phint=bbseg%3D900168&phint=bbseg%3D900041&phint=bbseg%3D900042&phint=bbseg%3D900169&phint=bbseg%3D900170&phint=bbseg%3D900172&phint=bbseg%3D900173&phint=bbseg%3D900296&phint=bbseg%3D900049&phint=bbseg%3D900305&phint=bbseg%3D900306&phint=bbseg%3D900307&phint=bbseg%3D900309&phint=bbseg%3D900311&phint=bbseg%3D900059&phint=bbseg%3D900315&phint=bbseg%3D900061&phint=bbseg%3D900189&phint=bbseg%3D900190&phint=bbseg%3D900192&phint=bbseg%3D900317&phint=bbseg%3D900320&phint=bbseg%3D900195&phint=bbseg%3D900327&phint=bbseg%3D900200&phint=bbseg%3D900332&phint=bbseg%3D900207&phint=bbseg%3D900336&phint=bbseg%3D900082&phint=bbseg%3D900085&phint=bbseg%3D900341&phint=bbseg%3D900092&phint=__bk_t%3DBIG%20Shiny%20Pokemon%20GO%20leak%3A%20See%20Galar%20get%20bright!%20-%20SlashGear&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Fcmun.it%2F&phint=__bk_l%3Dhttps%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&phint=__bk_v%3D3.1.10&limit=10&r=46417560
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.99.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-99-241.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Host: stags.bluekai.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.slashgear.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.slashgear.com/

Response headers

Content-Type: text/html
Content-Length: 71
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server: 6c1b
Date: Fri, 30 Jul 2021 17:59:38 GMT
Connection: keep-alive
X-N: S

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 46ms
45ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210728&jk=2340298016773662&bg=!vr2lvfnNAAals0SOpbM7ACkAdvg8WniCNZMqgaQSlMZzP5wu0TOdhJ9v68Jog329AO097Q09cn9_PAIAAAB6UgAAAA5oAQcKACL6ZN0rX5cr56mgwJGumjCDeWRtSP4BUaxNiFaApnEoMoQ8mQJznhrdBbDyvwuZUQrO97h4ewFElcpFO8J6715p1fCPs60RNReze6HR0bUPdd_E_cc2frWl8d7065MeGqsVQwcMEMnFdxZiFdCm1hKvwG11bi4wzNKJK2F2uaBQTyfKMTVI1-FciJih5SdVRMWWK9lMp7hjm_pXqyZ9gSLjBkqvsJszDxQb-uNw6FzoyKjEe89ADimUhC4wTdbgeLOJFWW4SGpuCBq77o4pLYcttfPcMekHY1Z4oSozZPlcBUP4Gr5zXu-lEWkC3S6p7ZybuW7hDrM0BJRUr3iecItyhNcoD7OM5DuW0n_8mMjOyWf_XYxvl7cwiuPhE1xvqjR3MF-con-0p3D9_9qG9u4CaIlNghOp7BOZI7brX1365wuzox2v5A8Lj6rYjtwbQ-ghTRTjWvszJwgxGk5WPbptTTECin5i7siC7Argb4qC2w7YxWVaru3P3yRTzausXfdtx-7pW5QaKUe7zQo2x2DC55r5qzua5ikAZlBaNRmVPknZNLC1AOMW47dUsYFG9oiqI52c5JP3zqGifGpzt2-_lIfhLZqkcEc9pGuhSmW7stFGWq2yGU8NSPq0DN94mBQxE68TRFcfz2zsYUm5WVxCFDzb2Br4CqTCU60RD9l8gvFboNMufHtuKd18jYbvaylbZk5Oi1cIbLAJBxx2meqqnPfyVHTlhFBn92PGtl_Upieg_okgX_dRoyKJg-mg5kiiY-bqlLnegtv-hGcwVI5RDKr6u-pvUp9DViomjfNkZFhAn9hkmyteFljr3V0-m7aGqnkTs4yBrpqKUt_1aiSK0Rm5V7kYyVPY9xZ0z-rK1XE80s2FQLGZ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 17:59:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D3CE 42 B
64 B 18ms
18ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuV47SGfSfOn5liAs-7m51o81TDpnhX8-SvrS7NLytz3sPUqhCJDXJEEN-m67GVC_7gv1ModeOUlqYVeniYEC3hLb8T5Q2OhblyEz7ZrWhPzPFBMYoNkNNZWx9o6A&sai=AMfl-YTI547J1UPKexV4xnY5CHQtAmaP7Jqe9_97POT4Vgq_k3EFWivAAKT2714G9pQ2urDDe3sSp2PqGfAU&sig=Cg0ArKJSzGpnHlJC7EViEAE&id=lidar2&mcvt=1001&p=931,459,1216,801&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20210728&bin=7&avms=nio&bs=0,0&mc=0.94&if=1&app=0&itpl=4&adk=2092238195&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627667976549&dlt=697&rpt=95&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 17:59:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 container.html Show response
8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F4DA 6 KB
3 KB 21ms
7ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.slashgear.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.slashgear.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 30 Jul 2021 17:59:37 GMT
expires: Sat, 30 Jul 2022 17:59:37 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3D6E 6 KB
3 KB 9ms
8ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.slashgear.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.slashgear.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 30 Jul 2021 17:59:37 GMT
expires: Sat, 30 Jul 2022 17:59:37 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8F19 42 B
64 B 18ms
16ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvnEaM7VEXITz5y9GuMa66G1LJjGfR2KwAfBBqJRx9tRJxUDUEqbggM_0JljLbdOTyszMR0LmG0IApv90hPuJD8LnBRwW-b6kSTiFxy8MVM0c0EwQCgCo9B9XMlYw&sai=AMfl-YQvshmRnGACCP3yKZ16WnBbZsShiE-jvKGXg4vbwsuvgwoklT0fPk2o9Ih2ZEaN8sCG1t0BfjxtIAMW&sig=Cg0ArKJSzHcCCnBJ7crjEAE&id=lidar2&mcvt=1010&p=211,993,461,1293&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20210728&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=151233876&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627667976594&dlt=756&rpt=46&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 17:59:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame F500 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53ea6986f75a1bcb098fbff5584d6ee09ba2236abb1333ec7be6c8ae3e24567e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 1153452811013376518
tpc.googlesyndication.com/simgad/ Frame F500 826 B
854 B 7ms
7ms Image
image/gif 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1153452811013376518?

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba2ad3ab1a3bc76b2d09ae1becfd7e6bd9d868eecc6af4d2fed12915d1d77315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 00:38:02 GMT
x-content-type-options: nosniff
age: 321696
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 826
x-xss-protection: 0
last-modified: Thu, 03 Jan 2019 21:31:22 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 00:38:02 GMT

GET
H3-29 200 view%3Fxai%3DAKAOjsshKDf_sqUDqrUekPINkzGbxm1-XxAxxaDE8ioIg2FS5F1QE6ZRNvOMaIqXGZQY6CaamYHqiweSCnGPL3kJaYOWm7mFiVl-3UC3TCz-DJQ1sxTX10812dBX3X0N9WJkRLKRZmGM8-tTsGkqRn8CFAYzlxstDvPCW1xaiLSbvDaOKa_q1onk...
securepubads.g.doubleclick.net/pcs/ Frame F500 0
23 B 36ms
36ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsshKDf_sqUDqrUekPINkzGbxm1-XxAxxaDE8ioIg2FS5F1QE6ZRNvOMaIqXGZQY6CaamYHqiweSCnGPL3kJaYOWm7mFiVl-3UC3TCz-DJQ1sxTX10812dBX3X0N9WJkRLKRZmGM8-tTsGkqRn8CFAYzlxstDvPCW1xaiLSbvDaOKa_q1onkhUpacq8vjUay8gwiBMmJEm_iT-qvwQKY8a2Km1Dx4wBCF5UKyVNNTIiqJ0s6TIW_FbpPFzxug2RAsRoIehdRDUOl_uMNQUOfL6bGLwnfqQfAsK6YMh_6htDTH7myiPgR5CqFC-Gxeno%26sig%3DCg0ArKJSzHG556Wf5v0zEAE%26urlfix%3D1%26adurl%3D

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 17:59:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 1153452811013376518
tpc.googlesyndication.com/simgad/ Frame 1E9B 826 B
854 B 6ms
6ms Image
image/gif 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1153452811013376518?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba2ad3ab1a3bc76b2d09ae1becfd7e6bd9d868eecc6af4d2fed12915d1d77315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 00:38:02 GMT
x-content-type-options: nosniff
age: 321696
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 826
x-xss-protection: 0
last-modified: Thu, 03 Jan 2019 21:31:22 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 00:38:02 GMT

GET
DATA 200
OK truncated
/ Frame 1E9B 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0fb1da0e27c522c4d706ce11ea149f69c1aece7d8197725610fcea78510dbc2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view%3Fxai%3DAKAOjssA65EpKhrJIWrMNHeXTp8E06TWI5vN5ntKiMtl_DO2yXsF2bDxLuLtlupZLJvvYwS8LUNOgnEku81CzK1BzqulOR7RwLqzKMGS_XdkWNpkiS4quxUsQAubFzpev9NfXoSPoHEGGedfJa2wxkiD5Thzb-awqj7nmZ2vrJgeB1ZocWhh3TLx...
securepubads.g.doubleclick.net/pcs/ Frame 1E9B 0
23 B 33ms
33ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjssA65EpKhrJIWrMNHeXTp8E06TWI5vN5ntKiMtl_DO2yXsF2bDxLuLtlupZLJvvYwS8LUNOgnEku81CzK1BzqulOR7RwLqzKMGS_XdkWNpkiS4quxUsQAubFzpev9NfXoSPoHEGGedfJa2wxkiD5Thzb-awqj7nmZ2vrJgeB1ZocWhh3TLxmp7dj75e4-18Yl0bNaSLe5AQyAyVzRzUd0zv6iiWoTc0cgVRrzoDLK6ByZvy4PKmyeJsGPDmIAKQKge_SuDPfcDwxC8ReE09TF6NVd-WMJhrqiBp7T5guHwlqM8djmUY-pSXjAdTPZo%26sig%3DCg0ArKJSzLZtKnkYejkQEAE%26urlfix%3D1%26adurl%3D

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 17:59:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 1153452811013376518
tpc.googlesyndication.com/simgad/ Frame 6B95 826 B
854 B 6ms
6ms Image
image/gif 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1153452811013376518?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba2ad3ab1a3bc76b2d09ae1becfd7e6bd9d868eecc6af4d2fed12915d1d77315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 00:38:02 GMT
x-content-type-options: nosniff
age: 321696
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 826
x-xss-protection: 0
last-modified: Thu, 03 Jan 2019 21:31:22 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 00:38:02 GMT

GET
DATA 200
OK truncated
/ Frame 6B95 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e07b64045a1f5a43489b38955ed81a3f0412b76e3f76b15d63653e81b0c4e223

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view%3Fxai%3DAKAOjstQ8i6X9rQWvcut5G1bR-28KDYUetzGtz1nYGytnKMCzAM6VkGjDDmR7kKzPUfSgc4-Blpo2kiOwkZaAEB9ji5LZUWKdOvDVQ9jOBCnnGMm4y8SeiCWpgYKv3Abtuezsu5rgSsUbBYVBAvis-X0ETFTcDzwEJmj5zaf0fOaYbc2Qj6d2yLu...
securepubads.g.doubleclick.net/pcs/ Frame 6B95 0
23 B 38ms
37ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjstQ8i6X9rQWvcut5G1bR-28KDYUetzGtz1nYGytnKMCzAM6VkGjDDmR7kKzPUfSgc4-Blpo2kiOwkZaAEB9ji5LZUWKdOvDVQ9jOBCnnGMm4y8SeiCWpgYKv3Abtuezsu5rgSsUbBYVBAvis-X0ETFTcDzwEJmj5zaf0fOaYbc2Qj6d2yLuuCTxvTOnudiJ0UtufcxLI_q3zxqHfgx5gs0rbpJpFKWU-z9cm_lmbJ5myWfKUdQvex5FeDPx0advXf1bHLsjFaCWKnN-eE-0ZhJviS57VxHc2IbtcHKbQOcV9Ton47l6Qfx9pDCs8lc%26sig%3DCg0ArKJSzOLJ4sw9EN0cEAE%26urlfix%3D1%26adurl%3D

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 17:59:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 1153452811013376518
tpc.googlesyndication.com/simgad/ Frame 9E9C 826 B
854 B 10ms
10ms Image
image/gif 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1153452811013376518?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba2ad3ab1a3bc76b2d09ae1becfd7e6bd9d868eecc6af4d2fed12915d1d77315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 00:38:02 GMT
x-content-type-options: nosniff
age: 321696
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 826
x-xss-protection: 0
last-modified: Thu, 03 Jan 2019 21:31:22 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 00:38:02 GMT

GET
DATA 200
OK truncated
/ Frame 9E9C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd99c6e05a78853cddec02eb422294faf69dc76ce0a4ef6bcef09243d96bd0e7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view%3Fxai%3DAKAOjsvS7eTM_3xlhKL10VIM55ogq_E8C_n5_mYQEhwdGx_4waNlYyoZCKIwel7dKsEldgE-3dsAmp-QH6n8aC-j7S4YptZkRKwIDLevHhGXV81vfKBLKs71T4Ria7TjoYCtna1MylePGZUf6OS-FWFeyEKdRYJQc8EOQ1sHyu1YoL_0FSo5ACdO...
securepubads.g.doubleclick.net/pcs/ Frame 9E9C 0
23 B 34ms
34ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsvS7eTM_3xlhKL10VIM55ogq_E8C_n5_mYQEhwdGx_4waNlYyoZCKIwel7dKsEldgE-3dsAmp-QH6n8aC-j7S4YptZkRKwIDLevHhGXV81vfKBLKs71T4Ria7TjoYCtna1MylePGZUf6OS-FWFeyEKdRYJQc8EOQ1sHyu1YoL_0FSo5ACdOuYWa52co3riQ2YNbw5r6DY4ed2k_LKEpaEMfFjz5Ic54aD31IGHY9EwNo-YrYpB5KGZgVPdmyLv7J1jaXb-kC00wZi3kxMowZLEZUHXrk2dB18OIo9qWXmrxCbRALF2vsz-WmoRXTyQ%26sig%3DCg0ArKJSzLRX1TUUz_F0EAE%26urlfix%3D1%26adurl%3D

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 17:59:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 tag Show response
a.teads.tv/page/92146/ Frame 3A3F 1 KB
818 B 111ms
58ms Script
application/javascript 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/92146/tag
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8ee56915e5f3bb051618c450af1c437d244e2d34d98c0327d4f7ae4d8991afca

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:38 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 618
expires: Fri, 30 Jul 2021 18:59:38 GMT

GET
DATA 200
OK truncated
/ Frame 3A3F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af014c6dcf9b2a7a91725577fbc4fe6ef2f524be1f5e0a21ef2acdb581752450

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012107200040000/ Frame A1E9 188 KB
55 KB 38ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107200040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d51b5c14fd6455affd3baceb0d2015c532566645fd80f645260c803a8b0f1c57

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 120875
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55196
x-xss-protection: 0
server: sffe
date: Thu, 29 Jul 2021 08:25:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a8830a242785ad6"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jul 2022 08:25:03 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012107200040000/v0/ Frame A1E9 13 KB
5 KB 49ms
17ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107200040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4f1f72b78c93a6cdf32fbce758cc76e353e589296975f8491a265167cfdb0c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 120875
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4808
x-xss-protection: 0
server: sffe
date: Thu, 29 Jul 2021 08:25:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "82cb572e3b54d217"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jul 2022 08:25:03 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012107200040000/v0/ Frame A1E9 87 KB
27 KB 49ms
18ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107200040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

695be856611d9d209b70e4b7356594bd123af15d79843a3711289bf90e3525b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 120876
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27828
x-xss-protection: 0
server: sffe
date: Thu, 29 Jul 2021 08:25:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2309f93374d1f64f"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jul 2022 08:25:02 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012107200040000/v0/ Frame A1E9 4 KB
2 KB 52ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107200040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0c3f2e5825816bcac42e686f0c3aa76e1aa566f71a437d8768702d4a3a45875

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 120876
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1648
x-xss-protection: 0
server: sffe
date: Thu, 29 Jul 2021 08:25:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0ef177dade489237"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jul 2022 08:25:02 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012107200040000/v0/ Frame A1E9 40 KB
13 KB 50ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107200040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

172ecde3db13e66cf99995d63de308e2d6e3fdeb1a99dfaeec136f4862eb1573

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 120876
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12831
x-xss-protection: 0
server: sffe
date: Thu, 29 Jul 2021 08:25:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "896e0bc3d66ccdf5"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jul 2022 08:25:02 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame A1E9 4 KB
617 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 17:08:44 GMT
server: ESF
date: Fri, 30 Jul 2021 17:59:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Jul 2021 17:59:38 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame A1E9 4 KB
617 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 17:14:53 GMT
server: ESF
date: Fri, 30 Jul 2021 17:59:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Jul 2021 17:59:38 GMT

GET
DATA 200
OK truncated
/ Frame A1E9 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0f467094d000303250e2be5ffbf4b5f9ef45e048b7336fdf4df5b1e717b892e

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14696715877970558211/ Frame A1E9 9 KB
9 KB 17ms
7ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14696715877970558211/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIrAIQnQEYASABLQAAAD8wrAI4nQFFAACAPw&rs=AOga4ql8oF9zXXkyLC9KegrlZboxbU7jSQ

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d6ec26d1696890f88d1075ec7d5bea6deb2043d8209a1d676a3c73ac3792fcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 05:24:20 GMT
x-content-type-options: nosniff
last-modified: Fri, 14 May 2021 00:37:12 GMT
server: sffe
age: 45318
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9341
x-xss-protection: 0
expires: Sat, 30 Jul 2022 05:24:20 GMT

GET
H3-29 200 40933678460698624
tpc.googlesyndication.com/simgad/ Frame A1E9 1 KB
759 B 10ms
7ms Image
image/svg+xml 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/40933678460698624

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 00:50:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 320923
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 728
x-xss-protection: 0
last-modified: Thu, 26 Oct 2017 18:18:20 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 00:50:55 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A1E9 0
0 65ms
62ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CVp2lCT4EYbXAL5GXx_APgdOPoAPfqZT8YfSD9p70CpaCzYWIFhABIOXP6xZg9ZXOgeAEoAG8-s2_A8gBBqkCZfowWcCCsj7gAgCoAwHIAwqqBJgCT9BVZ4zxovVC-uuG3MPPyvhLWG4ipK1JKOlIKzKJnwIqunCOTyKeAQuYNHa5ZXYOTZanC6IMS-QKXhoh3N8oIQNvXuy68FnBCStyn7MNW-pbqivmCTWRc8gXKRnQJ2llD5P83cCr0SIqyFm4O_kN40-OKt0V0hlH7GWX_GZNZJsw5ZrJGDyuQbOlh3BXtMJ1PYVqUOkkD3nshgpTUnHxcp-OOiBd2q0E3ST3f5Bn5Fa19RIZ_YhZPLnkMo52vkmNgogiNhPFG7I9ZGhc4CbOi0txcQyMj1ZqA6yhQ9gttk-xI0g6JX2bzYPTUyZSn46RDmbBD5UK1NcCcUMOgWff0PUlP56Md_yNerOHYRbyCF21xKwkov5rPcAEvPTppsMC4AQBkgUECAQYAZIFBAgFGASgBjeAB6yFskCoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ96gP0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tNjc3MjEwNjQ5NDc1ODA3MoAKA8gLAdgTDYgUA9AVAYAXAbIXGgoYCAASFHB1Yi05OTE0OTkyOTE0OTEwODQ3&sigh=l7Z5OB01fso&template_id=492
Requested by: Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame A1E9 0
0 17ms
15ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRomi765w2WIaG6_eq0moHsrsh0dzMi7-cmXcuyONryF8NyuT3pKhK9u0R6i92qRSIIHYChZRszRJ11KPruauFBvB6MWg
Requested by: Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A1E9 2 KB
2 KB 9ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 15:34:33 GMT
x-content-type-options: nosniff
server: cafe
age: 8705
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 31 Jul 2021 15:34:33 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A1E9 295 B
328 B 9ms
7ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 12:37:33 GMT
x-content-type-options: nosniff
server: cafe
age: 19325
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 31 Jul 2021 12:37:33 GMT

GET
H3-29 200 1153452811013376518
tpc.googlesyndication.com/simgad/ Frame 2962 826 B
854 B 9ms
6ms Image
image/gif 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1153452811013376518?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba2ad3ab1a3bc76b2d09ae1becfd7e6bd9d868eecc6af4d2fed12915d1d77315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 00:38:02 GMT
x-content-type-options: nosniff
age: 321696
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 826
x-xss-protection: 0
last-modified: Thu, 03 Jan 2019 21:31:22 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 00:38:02 GMT

GET
DATA 200
OK truncated
/ Frame 2962 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b2031cca2b65ee8143a391ecf084162f22f52ddf008eb417419f97198ffb713

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view%3Fxai%3DAKAOjssRwzcZCGXVp4iZ2_1I1iYFWp0PCNt1kEwUvRy1iEQzszTbed87fovLXREAMQoeKK-vxf6R-BCudVerKYoMkUi1KDu6tetjDAMQRRfccpqrKcMEDk8_11rNypLXOtem_d8LMuBm5Z-nAnoSH4e-qpvA-Vvfi0ylJQMGwkDRekIBJTU3hjFa...
securepubads.g.doubleclick.net/pcs/ Frame 2962 0
23 B 33ms
32ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjssRwzcZCGXVp4iZ2_1I1iYFWp0PCNt1kEwUvRy1iEQzszTbed87fovLXREAMQoeKK-vxf6R-BCudVerKYoMkUi1KDu6tetjDAMQRRfccpqrKcMEDk8_11rNypLXOtem_d8LMuBm5Z-nAnoSH4e-qpvA-Vvfi0ylJQMGwkDRekIBJTU3hjFayOPRXLpCNEyuegs1kotTYQhSTKal9_GPzpniCGv8CvdybpqMsEDzlYpWs_jsEXbrCebpHE2Hk9uABYrFjR7OnoewgJ2B2hcHF8bx9XWpnzii7_m8ihfd5vvJJZP9P8P6QQgyL51ves8%26sig%3DCg0ArKJSzCQax8KOOYRdEAE%26urlfix%3D1%26adurl%3D

Requested by

Host: www.slashgear.com
URL: https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 17:59:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame A1E9 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.slashgear.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 17:17:27 GMT
x-content-type-options: nosniff
age: 261731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 17:17:27 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame A1E9 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.slashgear.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 18:26:24 GMT
x-content-type-options: nosniff
age: 343994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 18:26:24 GMT

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2604 478 B
253 B 17ms
17ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNOuLBDs08sCGKb6zrABMAE&v=APEucNXgvTGhSzA5l3NtcUYv2mA_ndm3fwewvpmHHPggo7KvHhHJOuRC6m_8L6-9uDr3J60ydmEPm7f5HiM1HsieETkde9rlVw

Requested by

Host: 8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com
URL: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CNOuLBDs08sCGKb6zrABMAE&v=APEucNXgvTGhSzA5l3NtcUYv2mA_ndm3fwewvpmHHPggo7KvHhHJOuRC6m_8L6-9uDr3J60ydmEPm7f5HiM1HsieETkde9rlVw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmjktCNJIu0J3RuTTO0Tt2jmuat2PrQW5DsW7vMI6HkvBDYqytRZX2gBf9maVA; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 30 Jul 2021 17:59:38 GMT
server: cafe
cache-control: private
content-length: 230
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 30 Jul 2021 17:59:38 GMT

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F4DA 59 KB
24 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CG3BqgvQepmi_fYjC4pGJNfALzlZzciSZBBdD5YlmrpTsThlLB5TpZ-2sQd4Zta_w2sQhQMtZUYiYOGX4_Qn2X2xSQ9nY1ZLJO-u1xVqbWJqdzsz6s34Sh0y36DeVNwLeunSi_AFuew6E8HkwPm6tb1onVKQ&dbm_d=AKAmf-DCVwpKqZE-Fj0EDqNRqem-AoIpNdonZHWrrUzYmeWIJ35kyEunpQ2_mfahOVHqeTR9jdPnjOyQYcY2BH5dHSGvJLQNW4wM7yx0IHjpFLMlQuPcVWGLGIb7d42-O1zNhnndc1HXP8aYC2Kc1xnXgxqzmnpiZ5AbjpTbwfF_CfRyqTv2sK5sIxNu1jBIRqd4RXMffOyuYpL4hb84vCNy6XF4SLxVKMuvg7u_-3g9xIXp6DNYlRhvAWiwy8ybQYtYu31A3rROP20inXwyGBAXNfYA-v23BdQKW7LP9_XfpYgBSK3FAE-IJBrInXIQyS-8GaEk95nZM2TFXcQIc6LMYepEeVlgYk_pvUSzsCo3G3wOuUDC74Z6FAeckRCK66cucM8fKFCJjp4wcNRe04tmgux2bIqO2p0sl4_-ynb-vnvj4qcEQgvs5k2XlnO6flafZ_U5gCtmOVEH8QHmgkzzHUexteGgT1VxAWhTHn_88BZXuJnDKZGWDcWcdvmKKF4l34-nWKVZvHtoQJ_lBNO0si9C1_AKU3VYYlVoaGbWy1bUCRzdlqrv9_6Ah4fzuUCQiAPlz6n9neCk95y_JDSoZZBlkkWPUXTLDV5vg8-z8LIoCK72cDdaGL6v_SjzhubdgDUs3CTOAqYpTQJ2vKkQD0WZb5K0VPV-NQOeP_PXcinQ3svnAVaHSy-ApkKe1h_Y6rY1v1w5FmsDuoHnocqos_KHT6OKsJIUP4xynTo71vXJwtVq65F8rFsHg94098WId8MSvNLtNl9KXB3ivmBdY7HhQKVSfViDkjm7O9Ubuw6-V9uQMsFJzioZLsI5nnLTKGPsLGXQ54uxIFg4mb2sPpQxkq2ROeEQOWdiGdRKnH9XSNpohQpOb9M-_-3HhUjdmz8O0Avd99XMKpc9LIj-h8QBd-9j4lU5Pt-voaLZ2OCtwSOkwLXQeI8Sd17DQjVMzYOEsRbwKREYhFUx0v48qM-4c7LYHUFoXIeCWOlL8hgLpB_fRh0rsPAztNfjc4_TdD6yX7bwHN8FZRGy9hdD8O1VJ990HNODbV8W5YuwNDc9Mt2EOyjdVWP9QGUka2Kr7FtpSqVZNUPDi410JOSWBmlEjIspvHia2IY1VVhxFhjwlqnAkRBoM8Y-3TbPOk5yxXzHES7bSFvv95-pjxBpKmCJ9FD7HFAHLKM4cy0A900901hU3qhN5wHBR5SPWlBxn4eQitRuM7QhPrXQ-wXYE82ado6x7Rhq7-UDsFqXyvTlOl9J0AMkmtHuIOskeFBj5FInPc5EU5Jdad5LujGcntzJtJWK_Tcrfz4CK3m3cxCqcpDigu_UavK103K44Xa02sxogDKjrDyivgQSwtRbq23_2j-eWYWFE86OTf0z8bAm6aDukq8eBBckgE_X1aS2bjiysqXi4IWX5tFE3XQGi4l4vgUXLhWhFlBu32gJqhs7II70UM57397j8r9yEhPCcF25A94nKx4UboHWd6FZmi-hx_puftm9CMATmHaElOW6hy405y0w6evK42fpzBzUBodXZ1b87jS91QLis7IMoVyH-iEyLlL6kApsKDQIsALvWLcU5LGGPZ_iLQovUgNzwTwlJXPVRjI110Ov_axf7iATygvawbUZ5S1UxGzs9v9Yp4ZIKLVyhgbcH81KWNETQtZiyvSvFQV48D6nVjq1ykzGNTpvXAEh82XDvE4CQaJcgKDWLnYyNszsuOE5dosj9vexCKMDdP-g_BRXk_AsKWafaLqKeoMWAUVM6rnITEmhp-W12SJWfRntt6GIX8n-Iz9UyuBnlZrXM5On1pciL6CpUKWfA8Hm4IlmI93dV1XNFkyGdg3BqN1IcTEJjL5Rc7HSOD9NC5qDap1Og2lt_gGhDlkUWd-8x6ugw1mpur1wUbtKb-yENsrUM9tCP1V562MiivG1EvztfIi0T56K-6V365PtkaQhWhBji1NaIS8EBvq_gNXynfXOBoScRNQJ5dIdmBcyilQlr4_HVhhdCQf2x9NML1lB1qQVIIKudXcwWCUx9Q3GIz3Yg9Z1AriMVyZWAzsb4QMb9DGIKe9a0MIs7s5UVvceSF-cmTqw6bWvt3DCO7-MCSew1xLdU_KXDxyaN--auL0MKAfU_ypoF4lG6T5BFa1sdtHsvrBVeN59uFUAJ13-cirXhyv1_eAl7J1ZIENCBv4dSReQTAChIY-OLLlyD4Wjn4F-VO-MkiqhgSQ12ogNYYiZ2_OWQMdw6zSCJn6a3xtB9r6si4Ma2OafxCMk25kFWHNvblnVoo6esdyFyWwWZQl4FXe9MKVceXGbARA3orxknZxC6BTiZ9gU1WJ9wMqMmGoS6C02aIEHuu4f6Rh0eBtW1_UWvznO_xqqqZ7dloytFMTuL9Kw5Z-UbZx4xb2jmbijjoW3iaZCJjlezyeM6ZyFJMYOpe2hfa7RfTp9-oNJrtegGXPLYJBdzKw4CVirt_853CG636AwFQa_WbxgTYRNiFDsMCUbO-UyL-74r5nJxwvpiOA_PBB0lua9ylAyqufmhyFChnHbVzM55WH5vZuXgiS_Zo_DBwcQnQDM1Nca8YwOZRovf_GpkMsVm1EzaxuUJNVnaKxOEdgySU1vDP0DMr_7z5FL3NMfEAIEsJ0eHQUbh73fN3Ldn9Qsh4m0jln9ZB2L406sbBFur9fFHgjdAlmO-AD6jTTapicswutA4WIGBPRve04YaQy7kaIjq6BbylyS6pV8M4huUJG104fiFGhcbNQUcS4Oo-icfxf3fvybM3Oa9Vkh68srYVNa_uOL5P5tlj-uqPVtYVodkyMiY10Kv7sdZvIipB_jgbHqusY4scuio49mJzb_bZs4QIlih10jyA3GdeqWBXGqvdDav4e-9SxAeOD0v9MhIhb0tUpNCRqEs9g-0SCbf8_FVGsPpvWB7rW1RVWC7_eBneOurT5YN8W54GxS6q1xprg5jBZKIe_6Tz4VJTu-Jj862Ak87sXPoOvMBUR0FBFyYTQcclTeloW9V_rTPxCyJUX2Uzp2sdM4yg8xTBOm0hj2KFO82IM8u6NFeydTyLHmAvfhU-Sj-fj1XGwa09Wo2q8NPYsgNibEA3lS1urlVLs1PVTn9V46izbuC0f0rdroBbgtmpmQeP_GjlChXHCNBu3yjtoYKK10zD62HLNawt9eCouZiB9k-_MBInm0TAn8rwGWNfqXkgC3fShUbuo8VDLKCM17J9h5cGwQiV81n0JQypwwO_PvA3FKspEVSqwzTmtIE8HKkM7HjqGF8fOtdPH6toy7--7kD6mGGFpWeVS5akWEZ0wh6yXKIik83EC99HRzLiCL40pv9OBV4i5L&cid=CAASEuRorGKoj6gAHlfrUHJywzb2Ug&rfl=1%2Chttps%253A%252F%252Fwww.slashgear.com%252F%240

Requested by

Host: t.co
URL: https://t.co/fCS8oeenv2?amp=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dde7b36758d6ea215829533c5edc1665ba78130c21375e919aa16572f49efc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 17:59:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25029
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F4DA 42 B
63 B 45ms
44ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C_SdNax3tBcZ8tlVoxYcvpjtWGS0_4Fu6BOHri6oHgQZKQHarBHQA42qeWq4rR9yNii5RgeyaX3bH6_rcpZQR-fsJw8CaYAtbbIk9eshccArNM06Q

Requested by

Host: 8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com
URL: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 17:59:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame F4DA 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/window_focus_fy2019.js

Requested by

Host: 8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com
URL: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 17:59:27 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F4DA 124 KB
37 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com
URL: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0964703aceadd0f8a443019b3d10e976a88d91cb124b39c0a9518b844e94ba8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:38 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627472092244076"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38161
x-xss-protection: 0
expires: Fri, 30 Jul 2021 17:59:38 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame F4DA 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com
URL: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 18081889583213459188
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 17:56:11 GMT

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9337 478 B
253 B 17ms
16ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNOuLBDs08sCGKb6zrABMAE&v=APEucNWAsV_cLO2ndpUT99Zh0sIwqY-XgQiOlmGd2Cc434OfBUM1PH8BiKc1DcHTOByyDmGYNNT0pExJcv9eap-5ueRZKXEBBA

Requested by

Host: 8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com
URL: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CNOuLBDs08sCGKb6zrABMAE&v=APEucNWAsV_cLO2ndpUT99Zh0sIwqY-XgQiOlmGd2Cc434OfBUM1PH8BiKc1DcHTOByyDmGYNNT0pExJcv9eap-5ueRZKXEBBA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmjktCNJIu0J3RuTTO0Tt2jmuat2PrQW5DsW7vMI6HkvBDYqytRZX2gBf9maVA; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 30 Jul 2021 17:59:38 GMT
server: cafe
cache-control: private
content-length: 230
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 30 Jul 2021 17:59:38 GMT

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3D6E 59 KB
25 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CqdIP0kf9dzmmKTZ9yUrTAEY1yKl0ZHwhJogbn5-VZvgFX9YHumn30qkKDXJ8aSgYYxSzIvX4OH_6rPc_S8SZyRppRgkOV3pvcLJscZUz17jSAqDkf7DedRMDwUqQ1lESXooLDi4xhQAiZ82aFY8bfz7HEsQ&dbm_d=AKAmf-CYpiQnHG0ju46O7tAFdoXeI-YAoCJTOBTZNjOfD3_MgWftBSb64DiakdYPyRuixjkkDIXdR9VIdFpyn6T5ARAVjO2bPdQmOLAsdBBwcwp1z0aj5s8HAkYwKGmBtySwdrG-OsdtANLtlp8CfzwLNcZYTXCL6PxXlYLgFvTKYPwCAntQRWpjz4GNHMgga1D09LY5b5urNvSEWI6pjh1eKh5bM_GiPZkPFut_6RB025_UKb_HWcTuWI_lnMp2lsdyY2Ej9KCL5waLwY2pfwcMTXZ5ykOxfHCIDLedXQxdXa2rRo-KW6Bss099W9Cb8IkwYfPTHZIyN1kVfWTAd7xJIPVUYnY5N9w10jzMdvKSzrxwNkkzwaB4ulpw4kswTZfi9O1NQ7TBP0mXcXlbk0gHmvSj4FkdnJLL9wsMFepRZ9f-52MsASk_tcRKBkPeXEusF8auWEk_b8KKg-ueWusHFTC-EaTBTwVYar51NOIaMrBuzw7KhsIgfJO54jXvckc68HgB7tDDgwG-4ZYDz2aDmbHp8mOUsTelPw7sC8qTcD8cYKDDdnepeMHFnGWVyZQU5dOhDeBKiMGYhkoZLFK8xRD4dHAp02pscqSFfpxgLcdVBCpVE_33762Az5nsPy_Q3ej48_EiXHEVtfllBlw4zmbJaegK3cIVpGseJrqQznqYGOl0mb1ningahnBJpu-0vv3V08Lt3KR-7t4vjB5neOamc5EgyMGGVNz3sHmXRcDQLtjEs_40nwD4PlTF7mdjE55vKZ59bhRETLn7n--43NoAk7oVEbcv3HUDltQedOq0-aX9OcyiHHciRLIzn0Am91s4CiAWj2okYMElErPUXCE8f7Fx91lOe4PWLQIrvMVTj46LI8HWlItSRyb2TAoeSN9jGhoBp5p5K_UOkln2F8IQJXYRz0byb9Ninh5XLl-zgsAt9i-vPWH9LNC8R_ifJGc3hK5yyf5QkH0jmTmYvqkzf-H597ithLdrpFf_oHFrFJwp2ENH_8-2WpEf8W1qBDRjBRLT9d6_ZQjFod128nJHQ-rX729HS32bqvSvh9sjNf2V9JXxoLnQc6yubgMQ9GP6ZGZQ4Ruqiw-fRlKh0Il4MM2CfFQawtkaOsZH5CBF7LwnhPbAichhzRAMrprjQ_MN0CavR6DQEPpJBuEmKmNL7DpDf0THWN1wsoQTHJrMRBvDdbK4UVyUr6n8IpNgzSRoJZZi6CDxFvPFUEViRugD6lTcwCnFMcRFepTnftvOIomOz25Vi6GX5JeOs1dEqPiKFg3NBLmJqmA6vRITY-zgPiVGx0Efq-sFINBpqRrIRZTNzaL0gG26M4lj3-o4qiOeTtOKEtmTwH9vBoqbrjqrVX2wcJetH3gdOhupga50eGgDR6sajkvimg8sS-eLXKFRCGK7vShhHdbNGs5lk0KTdjnUi_stIvfSQr77k5HCkcU40ct3-RXdqyfSD63c9ySjqdLDAAiIfRZGLTsQ3CzTUduIho47lscxds3pP1qGSZo2I2JL5fJEH5bl3u7pvOXRody9eobsAvoo2kdd8Hd7IiOA6mY871mrXmGhsf0Ro3B5zKVKtBDgTxJsqF7o9EY5rkg4JzQqUWFbIlEhIlS8VCJq4dvY45NG8qiKuglLBcOuCVJQ6lIIvFZkeB3nZLi9uJVxyB1SSwttRRILYa0QHldh5zSL9ykiHjf89f5E76Rh2joRDmH7jci-WPQKdyDwQTM5T32xp8Fgf7Vt_hU-VzGTCLel6eVVsAHZQ2pLzExNypiAbALTv6u4AJqbF_7uIJzvyXCQUJl4lKrxc8_K5cvwSsCxL-Z6PqunTkND1DdvUj7uqYzMB3tAZq54STNM6LtgWiqVO1TouxBFgqw1enD3KxMMA2Y6yVsZiRBn9ddNnZ4nyB9cIbHqrGUmPqIvtHXGeQjZYXQSOdTMZnDPo09nZuJpcGwxOW-h23FkHerfL-7C4GfYEfQM0kTr1CnD9h1mASk8LvIJxEl3rgqWvoxGcMabVcP_wqv1skyXRlJliffzFoqeGe8rcySq1UIh63cgshDPdKMH6kQgCwSrRz-G1_1laBGn3GqnTtpwNHRhMj8Dq7py3evnfWJx5CLwWejv_V3Sxftza2CYh9j5o1QJXRFJDBVpf_cpZkFyaELmAsDCqnkXIAllfgO6VIR4Nqef9ZjxQny7DjaAqSZEH9hk9TPkLVxwdOOAW0j9-QXQXDXyr40g8157thvMT_hmVxt7HFu7iCG0wm_HEfAVmZc_EXWRW7np2mrlVIAdkzgo3euRL5CnWFA58kFzQ4BEcRSdKfp9sD0JGDKl-Wnri467g4H7laC_9Luv3yLjImz1xhd3_dr9-jSvuFQFZZyqC7yQWiTwVvFJTgrF4WOIS7zqkLpDbZB8T7Q88IqrnYS16r9ZOECt0y3kcxbhBny6n23Gq5ClWcFDaBS2At5Qn0xqd6aaDPqQ_Qq0EPkwT0-vQodbeVxh0dt5231h9zsrInUdFIfXe7dOKOPx-CDG74Hj77DHr-JltLFTQfRvkeU5ZdV6J1RhovZzBzQOmB-AmhNGEq6ZKts9_jJTRb42-OzTDGsPuML7KSohUVfTkkTkELFy5KjT0GXafxog0kLq6IG8dyIMN1KmrWsoXjwxNRNyPc9u0caSXbkK0apnghVG_WWC6oLYIbEwiB9WrHJQfF8c77u4InaLCxmcrrtN90EO4MpD4MtkfreTYRwsvqDX7hgWJdPYw6R7BNYuntCT2P956o0XRV4rm5xDwDjv0b8kXh5Y8NU9GLWblZG42oxidObDE0dWUmOhdswMGrIhlNiJG_Po3Z2uTkuONOmEkt-WvEHywGV3o-KeV6UmXb6yBR3l4aGKDW69nx984lgd3IjjYwqQ6GvOh-wKfR12uMhuRWZ2sJhmvvZwes2GRvz_QBb090CLSidO7Ndo9ccum9fChRYD8y6iB_gJrhf6Jpm5TjTePfnE-xWsV2kqIoP7W_mGlqKTSER8kbugl_kpr7MNb7_-0t71LuT8wFhYf_oMXWrNQyLVVbIzPLnSEeIz4zci9m-SFDnaTlAW1tpfGC5VXbERyjlatb3vFaP_il6iDMZUS4qgQp6I3J_Z2PP5JXRdT3SsT6wo0EpUORDcjS-yzhkENB97a_N9aN2WRpAGaErPlYBD1m9DR5xV5Wqs4-vzv1MzQkSpBWdlM7TAY5qSDsX1AXM43RFgeM23GrVj7X6kFy5chGav2tTyBjSmdq7_kt0zNHe_cObWhVniwEFHcDgsd-I4VGHZkyu3r_tSmnEo4k1DcI0j90GP3EamcCRyE981mXFxnJIfS3x0W2la&cid=CAASEuRobGIMq6K8oNPmk0s9B0ZGaw&rfl=1%2Chttps%253A%252F%252Fwww.slashgear.com%252F%240

Requested by

Host: t.co
URL: https://t.co/fCS8oeenv2?amp=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f5b5a58a99604c00aebd7f84ede34f8dec3eb4e954b4fad5dd1a12e6260e797d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 17:59:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25085
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D6E 42 B
63 B 79ms
77ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bu7JwrUPBNKR8oEv7i8peB0froT6oTas440wYirgN3K9WqvbZtJU0mw8KjRTzb9CS1FbMMBEgrOYptBnKsOjGzaJX3SKMkoZpNPDPalVIInSEWhq0

Requested by

Host: 8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com
URL: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 17:59:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 3D6E 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/window_focus_fy2019.js

Requested by

Host: 8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com
URL: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 17:59:27 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3D6E 124 KB
37 KB 18ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com
URL: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0964703aceadd0f8a443019b3d10e976a88d91cb124b39c0a9518b844e94ba8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:38 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627472092244076"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38161
x-xss-protection: 0
expires: Fri, 30 Jul 2021 17:59:38 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 3D6E 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com
URL: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 18081889583213459188
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 17:56:11 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 3D6E 0
0 16ms
14ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR0iuwdFXpz9YOAIgBiO3EHn7h8Q0WlwkxYSFu0yS_exNtHK44t8Dt-_agrW3HmxxgvXSzTyZ9AJiv3Bw7q33FOCo2_tg
Requested by: Host: 8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com
URL: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14696715877970558211/ Frame A1E9 9 KB
9 KB 8ms
6ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107200040000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d6ec26d1696890f88d1075ec7d5bea6deb2043d8209a1d676a3c73ac3792fcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 05:24:20 GMT
x-content-type-options: nosniff
last-modified: Fri, 14 May 2021 00:37:12 GMT
server: sffe
age: 45318
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9341
x-xss-protection: 0
expires: Sat, 30 Jul 2022 05:24:20 GMT

GET
H3-29 200 40933678460698624
tpc.googlesyndication.com/simgad/ Frame A1E9 1 KB
759 B 10ms
8ms Image
image/svg+xml 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/40933678460698624

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107200040000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 00:50:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 320923
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 728
x-xss-protection: 0
last-modified: Thu, 26 Oct 2017 18:18:20 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 00:50:55 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A1E9 2 KB
2 KB 10ms
9ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107200040000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 15:34:33 GMT
x-content-type-options: nosniff
server: cafe
age: 8705
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 31 Jul 2021 15:34:33 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A1E9 295 B
328 B 11ms
9ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107200040000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 12:37:33 GMT
x-content-type-options: nosniff
server: cafe
age: 19325
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 31 Jul 2021 12:37:33 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame F4DA 114 KB
40 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Requested by

Host: t.co
URL: https://t.co/fCS8oeenv2?amp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com
Referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 10:46:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26013
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40185
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 31 Jul 2021 10:46:05 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/elements/html/ Frame F4DA 8 KB
3 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CG3BqgvQepmi_fYjC4pGJNfALzlZzciSZBBdD5YlmrpTsThlLB5TpZ-2sQd4Zta_w2sQhQMtZUYiYOGX4_Qn2X2xSQ9nY1ZLJO-u1xVqbWJqdzsz6s34Sh0y36DeVNwLeunSi_AFuew6E8HkwPm6tb1onVKQ&dbm_d=AKAmf-DCVwpKqZE-Fj0EDqNRqem-AoIpNdonZHWrrUzYmeWIJ35kyEunpQ2_mfahOVHqeTR9jdPnjOyQYcY2BH5dHSGvJLQNW4wM7yx0IHjpFLMlQuPcVWGLGIb7d42-O1zNhnndc1HXP8aYC2Kc1xnXgxqzmnpiZ5AbjpTbwfF_CfRyqTv2sK5sIxNu1jBIRqd4RXMffOyuYpL4hb84vCNy6XF4SLxVKMuvg7u_-3g9xIXp6DNYlRhvAWiwy8ybQYtYu31A3rROP20inXwyGBAXNfYA-v23BdQKW7LP9_XfpYgBSK3FAE-IJBrInXIQyS-8GaEk95nZM2TFXcQIc6LMYepEeVlgYk_pvUSzsCo3G3wOuUDC74Z6FAeckRCK66cucM8fKFCJjp4wcNRe04tmgux2bIqO2p0sl4_-ynb-vnvj4qcEQgvs5k2XlnO6flafZ_U5gCtmOVEH8QHmgkzzHUexteGgT1VxAWhTHn_88BZXuJnDKZGWDcWcdvmKKF4l34-nWKVZvHtoQJ_lBNO0si9C1_AKU3VYYlVoaGbWy1bUCRzdlqrv9_6Ah4fzuUCQiAPlz6n9neCk95y_JDSoZZBlkkWPUXTLDV5vg8-z8LIoCK72cDdaGL6v_SjzhubdgDUs3CTOAqYpTQJ2vKkQD0WZb5K0VPV-NQOeP_PXcinQ3svnAVaHSy-ApkKe1h_Y6rY1v1w5FmsDuoHnocqos_KHT6OKsJIUP4xynTo71vXJwtVq65F8rFsHg94098WId8MSvNLtNl9KXB3ivmBdY7HhQKVSfViDkjm7O9Ubuw6-V9uQMsFJzioZLsI5nnLTKGPsLGXQ54uxIFg4mb2sPpQxkq2ROeEQOWdiGdRKnH9XSNpohQpOb9M-_-3HhUjdmz8O0Avd99XMKpc9LIj-h8QBd-9j4lU5Pt-voaLZ2OCtwSOkwLXQeI8Sd17DQjVMzYOEsRbwKREYhFUx0v48qM-4c7LYHUFoXIeCWOlL8hgLpB_fRh0rsPAztNfjc4_TdD6yX7bwHN8FZRGy9hdD8O1VJ990HNODbV8W5YuwNDc9Mt2EOyjdVWP9QGUka2Kr7FtpSqVZNUPDi410JOSWBmlEjIspvHia2IY1VVhxFhjwlqnAkRBoM8Y-3TbPOk5yxXzHES7bSFvv95-pjxBpKmCJ9FD7HFAHLKM4cy0A900901hU3qhN5wHBR5SPWlBxn4eQitRuM7QhPrXQ-wXYE82ado6x7Rhq7-UDsFqXyvTlOl9J0AMkmtHuIOskeFBj5FInPc5EU5Jdad5LujGcntzJtJWK_Tcrfz4CK3m3cxCqcpDigu_UavK103K44Xa02sxogDKjrDyivgQSwtRbq23_2j-eWYWFE86OTf0z8bAm6aDukq8eBBckgE_X1aS2bjiysqXi4IWX5tFE3XQGi4l4vgUXLhWhFlBu32gJqhs7II70UM57397j8r9yEhPCcF25A94nKx4UboHWd6FZmi-hx_puftm9CMATmHaElOW6hy405y0w6evK42fpzBzUBodXZ1b87jS91QLis7IMoVyH-iEyLlL6kApsKDQIsALvWLcU5LGGPZ_iLQovUgNzwTwlJXPVRjI110Ov_axf7iATygvawbUZ5S1UxGzs9v9Yp4ZIKLVyhgbcH81KWNETQtZiyvSvFQV48D6nVjq1ykzGNTpvXAEh82XDvE4CQaJcgKDWLnYyNszsuOE5dosj9vexCKMDdP-g_BRXk_AsKWafaLqKeoMWAUVM6rnITEmhp-W12SJWfRntt6GIX8n-Iz9UyuBnlZrXM5On1pciL6CpUKWfA8Hm4IlmI93dV1XNFkyGdg3BqN1IcTEJjL5Rc7HSOD9NC5qDap1Og2lt_gGhDlkUWd-8x6ugw1mpur1wUbtKb-yENsrUM9tCP1V562MiivG1EvztfIi0T56K-6V365PtkaQhWhBji1NaIS8EBvq_gNXynfXOBoScRNQJ5dIdmBcyilQlr4_HVhhdCQf2x9NML1lB1qQVIIKudXcwWCUx9Q3GIz3Yg9Z1AriMVyZWAzsb4QMb9DGIKe9a0MIs7s5UVvceSF-cmTqw6bWvt3DCO7-MCSew1xLdU_KXDxyaN--auL0MKAfU_ypoF4lG6T5BFa1sdtHsvrBVeN59uFUAJ13-cirXhyv1_eAl7J1ZIENCBv4dSReQTAChIY-OLLlyD4Wjn4F-VO-MkiqhgSQ12ogNYYiZ2_OWQMdw6zSCJn6a3xtB9r6si4Ma2OafxCMk25kFWHNvblnVoo6esdyFyWwWZQl4FXe9MKVceXGbARA3orxknZxC6BTiZ9gU1WJ9wMqMmGoS6C02aIEHuu4f6Rh0eBtW1_UWvznO_xqqqZ7dloytFMTuL9Kw5Z-UbZx4xb2jmbijjoW3iaZCJjlezyeM6ZyFJMYOpe2hfa7RfTp9-oNJrtegGXPLYJBdzKw4CVirt_853CG636AwFQa_WbxgTYRNiFDsMCUbO-UyL-74r5nJxwvpiOA_PBB0lua9ylAyqufmhyFChnHbVzM55WH5vZuXgiS_Zo_DBwcQnQDM1Nca8YwOZRovf_GpkMsVm1EzaxuUJNVnaKxOEdgySU1vDP0DMr_7z5FL3NMfEAIEsJ0eHQUbh73fN3Ldn9Qsh4m0jln9ZB2L406sbBFur9fFHgjdAlmO-AD6jTTapicswutA4WIGBPRve04YaQy7kaIjq6BbylyS6pV8M4huUJG104fiFGhcbNQUcS4Oo-icfxf3fvybM3Oa9Vkh68srYVNa_uOL5P5tlj-uqPVtYVodkyMiY10Kv7sdZvIipB_jgbHqusY4scuio49mJzb_bZs4QIlih10jyA3GdeqWBXGqvdDav4e-9SxAeOD0v9MhIhb0tUpNCRqEs9g-0SCbf8_FVGsPpvWB7rW1RVWC7_eBneOurT5YN8W54GxS6q1xprg5jBZKIe_6Tz4VJTu-Jj862Ak87sXPoOvMBUR0FBFyYTQcclTeloW9V_rTPxCyJUX2Uzp2sdM4yg8xTBOm0hj2KFO82IM8u6NFeydTyLHmAvfhU-Sj-fj1XGwa09Wo2q8NPYsgNibEA3lS1urlVLs1PVTn9V46izbuC0f0rdroBbgtmpmQeP_GjlChXHCNBu3yjtoYKK10zD62HLNawt9eCouZiB9k-_MBInm0TAn8rwGWNfqXkgC3fShUbuo8VDLKCM17J9h5cGwQiV81n0JQypwwO_PvA3FKspEVSqwzTmtIE8HKkM7HjqGF8fOtdPH6toy7--7kD6mGGFpWeVS5akWEZ0wh6yXKIik83EC99HRzLiCL40pv9OBV4i5L&cid=CAASEuRorGKoj6gAHlfrUHJywzb2Ug&rfl=1%2Chttps%253A%252F%252Fwww.slashgear.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:54:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 306
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 17:54:32 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/ Frame F4DA 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e0b072e0b1f96186a779eee12b838fb8ac4372baff6c3af22d3d27caeb18bf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:52:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9340
x-xss-protection: 0
server: cafe
etag: 14963318235020188028
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 17:52:17 GMT

GET
H2 200 teads-format.min.js Show response
s8t.teads.tv/media/format/v3/ 602 KB
132 KB 36ms
6ms Script
text/javascript 2a02:26f0:6c00:191::26e5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/92146/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:191::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: db28f5c66e194dc9013c95bdea3240b43815c6163f927ed7ae9d8861f1ae6305

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:38 GMT
content-encoding: br
vary: Accept-Encoding
x-amz-request-id: N0PVY719Q9HW241J
content-length: 134333
x-amz-id-2: YMFeVlcbqVU/m6eTPXU20SKZhLGNF1mBQyLqF1FTJm8YTK/nGEBLbC6DFx/0RMgFuFvpr4LDStA=
last-modified: Thu, 29 Jul 2021 14:28:59 GMT
etag: "b6d9baa3ec6779f8cb63d6aea51386c3"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=1800, no-transform
access-control-allow-credentials: false
x-bucket: 8
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 30 Jul 2021 18:29:38 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 2604 170 B
523 B 82ms
30ms Image
image/png 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNOuLBDs08sCGKb6zrABMAE&v=APEucNXgvTGhSzA5l3NtcUYv2mA_ndm3fwewvpmHHPggo7KvHhHJOuRC6m_8L6-9uDr3J60ydmEPm7f5HiM1HsieETkde9rlVw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 17:59:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2604
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPMygNdi3bB_GErHWl1BnjM&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPMygNdi3bB_GErHWl1BnjM&google_cver=1&C=1

43 B
1014 B

54ms
53ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPMygNdi3bB_GErHWl1BnjM&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNOuLBDs08sCGKb6zrABMAE&v=APEucNXgvTGhSzA5l3NtcUYv2mA_ndm3fwewvpmHHPggo7KvHhHJOuRC6m_8L6-9uDr3J60ydmEPm7f5HiM1HsieETkde9rlVw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jul 2021 17:59:39 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 30 Jul 2021 17:59:39 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 30 Jul 2021 17:59:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPMygNdi3bB_GErHWl1BnjM&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Fri, 30 Jul 2021 17:59:39 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2604
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YQQ.Cx5qwVyOLPdX05jqIgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPMygNdi3bB_GErHWl1BnjM&google_cver=1&google_hm=2

43 B
894 B

61ms
53ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPMygNdi3bB_GErHWl1BnjM&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNOuLBDs08sCGKb6zrABMAE&v=APEucNXgvTGhSzA5l3NtcUYv2mA_ndm3fwewvpmHHPggo7KvHhHJOuRC6m_8L6-9uDr3J60ydmEPm7f5HiM1HsieETkde9rlVw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jul 2021 17:59:39 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 30 Jul 2021 17:59:39 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Jul 2021 17:59:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPMygNdi3bB_GErHWl1BnjM&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 9337 170 B
232 B 82ms
30ms Image
image/png 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNOuLBDs08sCGKb6zrABMAE&v=APEucNWAsV_cLO2ndpUT99Zh0sIwqY-XgQiOlmGd2Cc434OfBUM1PH8BiKc1DcHTOByyDmGYNNT0pExJcv9eap-5ueRZKXEBBA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 17:59:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9337
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPMygNdi3bB_GErHWl1BnjM&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPMygNdi3bB_GErHWl1BnjM&google_cver=1&C=1

43 B
1014 B

44ms
44ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPMygNdi3bB_GErHWl1BnjM&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNOuLBDs08sCGKb6zrABMAE&v=APEucNWAsV_cLO2ndpUT99Zh0sIwqY-XgQiOlmGd2Cc434OfBUM1PH8BiKc1DcHTOByyDmGYNNT0pExJcv9eap-5ueRZKXEBBA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jul 2021 17:59:39 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 30 Jul 2021 17:59:39 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 30 Jul 2021 17:59:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPMygNdi3bB_GErHWl1BnjM&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Fri, 30 Jul 2021 17:59:39 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9337
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YQQ.Cx5qwVyOLPdX05jqIgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPMygNdi3bB_GErHWl1BnjM&google_cver=1&google_hm=2

43 B
894 B

51ms
49ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPMygNdi3bB_GErHWl1BnjM&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNOuLBDs08sCGKb6zrABMAE&v=APEucNWAsV_cLO2ndpUT99Zh0sIwqY-XgQiOlmGd2Cc434OfBUM1PH8BiKc1DcHTOByyDmGYNNT0pExJcv9eap-5ueRZKXEBBA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jul 2021 17:59:39 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 30 Jul 2021 17:59:39 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Jul 2021 17:59:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPMygNdi3bB_GErHWl1BnjM&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 express_html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame 3D6E 114 KB
39 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Requested by

Host: t.co
URL: https://t.co/fCS8oeenv2?amp=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com
Referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 10:46:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26013
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40185
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 31 Jul 2021 10:46:05 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/elements/html/ Frame 3D6E 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CqdIP0kf9dzmmKTZ9yUrTAEY1yKl0ZHwhJogbn5-VZvgFX9YHumn30qkKDXJ8aSgYYxSzIvX4OH_6rPc_S8SZyRppRgkOV3pvcLJscZUz17jSAqDkf7DedRMDwUqQ1lESXooLDi4xhQAiZ82aFY8bfz7HEsQ&dbm_d=AKAmf-CYpiQnHG0ju46O7tAFdoXeI-YAoCJTOBTZNjOfD3_MgWftBSb64DiakdYPyRuixjkkDIXdR9VIdFpyn6T5ARAVjO2bPdQmOLAsdBBwcwp1z0aj5s8HAkYwKGmBtySwdrG-OsdtANLtlp8CfzwLNcZYTXCL6PxXlYLgFvTKYPwCAntQRWpjz4GNHMgga1D09LY5b5urNvSEWI6pjh1eKh5bM_GiPZkPFut_6RB025_UKb_HWcTuWI_lnMp2lsdyY2Ej9KCL5waLwY2pfwcMTXZ5ykOxfHCIDLedXQxdXa2rRo-KW6Bss099W9Cb8IkwYfPTHZIyN1kVfWTAd7xJIPVUYnY5N9w10jzMdvKSzrxwNkkzwaB4ulpw4kswTZfi9O1NQ7TBP0mXcXlbk0gHmvSj4FkdnJLL9wsMFepRZ9f-52MsASk_tcRKBkPeXEusF8auWEk_b8KKg-ueWusHFTC-EaTBTwVYar51NOIaMrBuzw7KhsIgfJO54jXvckc68HgB7tDDgwG-4ZYDz2aDmbHp8mOUsTelPw7sC8qTcD8cYKDDdnepeMHFnGWVyZQU5dOhDeBKiMGYhkoZLFK8xRD4dHAp02pscqSFfpxgLcdVBCpVE_33762Az5nsPy_Q3ej48_EiXHEVtfllBlw4zmbJaegK3cIVpGseJrqQznqYGOl0mb1ningahnBJpu-0vv3V08Lt3KR-7t4vjB5neOamc5EgyMGGVNz3sHmXRcDQLtjEs_40nwD4PlTF7mdjE55vKZ59bhRETLn7n--43NoAk7oVEbcv3HUDltQedOq0-aX9OcyiHHciRLIzn0Am91s4CiAWj2okYMElErPUXCE8f7Fx91lOe4PWLQIrvMVTj46LI8HWlItSRyb2TAoeSN9jGhoBp5p5K_UOkln2F8IQJXYRz0byb9Ninh5XLl-zgsAt9i-vPWH9LNC8R_ifJGc3hK5yyf5QkH0jmTmYvqkzf-H597ithLdrpFf_oHFrFJwp2ENH_8-2WpEf8W1qBDRjBRLT9d6_ZQjFod128nJHQ-rX729HS32bqvSvh9sjNf2V9JXxoLnQc6yubgMQ9GP6ZGZQ4Ruqiw-fRlKh0Il4MM2CfFQawtkaOsZH5CBF7LwnhPbAichhzRAMrprjQ_MN0CavR6DQEPpJBuEmKmNL7DpDf0THWN1wsoQTHJrMRBvDdbK4UVyUr6n8IpNgzSRoJZZi6CDxFvPFUEViRugD6lTcwCnFMcRFepTnftvOIomOz25Vi6GX5JeOs1dEqPiKFg3NBLmJqmA6vRITY-zgPiVGx0Efq-sFINBpqRrIRZTNzaL0gG26M4lj3-o4qiOeTtOKEtmTwH9vBoqbrjqrVX2wcJetH3gdOhupga50eGgDR6sajkvimg8sS-eLXKFRCGK7vShhHdbNGs5lk0KTdjnUi_stIvfSQr77k5HCkcU40ct3-RXdqyfSD63c9ySjqdLDAAiIfRZGLTsQ3CzTUduIho47lscxds3pP1qGSZo2I2JL5fJEH5bl3u7pvOXRody9eobsAvoo2kdd8Hd7IiOA6mY871mrXmGhsf0Ro3B5zKVKtBDgTxJsqF7o9EY5rkg4JzQqUWFbIlEhIlS8VCJq4dvY45NG8qiKuglLBcOuCVJQ6lIIvFZkeB3nZLi9uJVxyB1SSwttRRILYa0QHldh5zSL9ykiHjf89f5E76Rh2joRDmH7jci-WPQKdyDwQTM5T32xp8Fgf7Vt_hU-VzGTCLel6eVVsAHZQ2pLzExNypiAbALTv6u4AJqbF_7uIJzvyXCQUJl4lKrxc8_K5cvwSsCxL-Z6PqunTkND1DdvUj7uqYzMB3tAZq54STNM6LtgWiqVO1TouxBFgqw1enD3KxMMA2Y6yVsZiRBn9ddNnZ4nyB9cIbHqrGUmPqIvtHXGeQjZYXQSOdTMZnDPo09nZuJpcGwxOW-h23FkHerfL-7C4GfYEfQM0kTr1CnD9h1mASk8LvIJxEl3rgqWvoxGcMabVcP_wqv1skyXRlJliffzFoqeGe8rcySq1UIh63cgshDPdKMH6kQgCwSrRz-G1_1laBGn3GqnTtpwNHRhMj8Dq7py3evnfWJx5CLwWejv_V3Sxftza2CYh9j5o1QJXRFJDBVpf_cpZkFyaELmAsDCqnkXIAllfgO6VIR4Nqef9ZjxQny7DjaAqSZEH9hk9TPkLVxwdOOAW0j9-QXQXDXyr40g8157thvMT_hmVxt7HFu7iCG0wm_HEfAVmZc_EXWRW7np2mrlVIAdkzgo3euRL5CnWFA58kFzQ4BEcRSdKfp9sD0JGDKl-Wnri467g4H7laC_9Luv3yLjImz1xhd3_dr9-jSvuFQFZZyqC7yQWiTwVvFJTgrF4WOIS7zqkLpDbZB8T7Q88IqrnYS16r9ZOECt0y3kcxbhBny6n23Gq5ClWcFDaBS2At5Qn0xqd6aaDPqQ_Qq0EPkwT0-vQodbeVxh0dt5231h9zsrInUdFIfXe7dOKOPx-CDG74Hj77DHr-JltLFTQfRvkeU5ZdV6J1RhovZzBzQOmB-AmhNGEq6ZKts9_jJTRb42-OzTDGsPuML7KSohUVfTkkTkELFy5KjT0GXafxog0kLq6IG8dyIMN1KmrWsoXjwxNRNyPc9u0caSXbkK0apnghVG_WWC6oLYIbEwiB9WrHJQfF8c77u4InaLCxmcrrtN90EO4MpD4MtkfreTYRwsvqDX7hgWJdPYw6R7BNYuntCT2P956o0XRV4rm5xDwDjv0b8kXh5Y8NU9GLWblZG42oxidObDE0dWUmOhdswMGrIhlNiJG_Po3Z2uTkuONOmEkt-WvEHywGV3o-KeV6UmXb6yBR3l4aGKDW69nx984lgd3IjjYwqQ6GvOh-wKfR12uMhuRWZ2sJhmvvZwes2GRvz_QBb090CLSidO7Ndo9ccum9fChRYD8y6iB_gJrhf6Jpm5TjTePfnE-xWsV2kqIoP7W_mGlqKTSER8kbugl_kpr7MNb7_-0t71LuT8wFhYf_oMXWrNQyLVVbIzPLnSEeIz4zci9m-SFDnaTlAW1tpfGC5VXbERyjlatb3vFaP_il6iDMZUS4qgQp6I3J_Z2PP5JXRdT3SsT6wo0EpUORDcjS-yzhkENB97a_N9aN2WRpAGaErPlYBD1m9DR5xV5Wqs4-vzv1MzQkSpBWdlM7TAY5qSDsX1AXM43RFgeM23GrVj7X6kFy5chGav2tTyBjSmdq7_kt0zNHe_cObWhVniwEFHcDgsd-I4VGHZkyu3r_tSmnEo4k1DcI0j90GP3EamcCRyE981mXFxnJIfS3x0W2la&cid=CAASEuRobGIMq6K8oNPmk0s9B0ZGaw&rfl=1%2Chttps%253A%252F%252Fwww.slashgear.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:54:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 306
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 17:54:32 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/ Frame 3D6E 24 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e0b072e0b1f96186a779eee12b838fb8ac4372baff6c3af22d3d27caeb18bf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:52:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9340
x-xss-protection: 0
server: cafe
etag: 14963318235020188028
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 17:52:17 GMT

GET
H2 200 check_c Show response
zdbb.net/ 0
232 B 59ms
56ms XHR
text/plain 63.34.231.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://zdbb.net/check_c
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.231.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-231-123.eu-west-1.compute.amazonaws.com
Software: Ziff Davis BuyerBase /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 17:59:38 GMT
server: Ziff Davis BuyerBase
p3p: CP="ALL DSP COR NID"
access-control-allow-origin: https://www.slashgear.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain; charset=utf-8
content-length: 0
expires: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 44ms
42ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-3201252381583585&su=www.slashgear.com&eid=42530889&doc=complete&pg_h=4494&pg_w=1600&pg_hs=4494&c=6&aa_c=0&av_h=319.167&av_w=434.667&av_a=131031.667&s=41&all_s=41&b=807.875&all_b=807.875&d=0.426&all_d=0.426&ard=0.109&all_ard=0.109&dt=d

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 17:59:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 index.html Show response
s0.2mdn.net/9774257/838241088266301/ Frame F87D 16 KB
4 KB 27ms
12ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9774257/838241088266301/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db1593f206e331cdac20c32c12f0f3d0cea309be430fee9f5d4455b9cd9a80f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /9774257/838241088266301/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 4554
date: Thu, 29 Jul 2021 23:59:12 GMT
expires: Fri, 30 Jul 2021 23:59:12 GMT
last-modified: Mon, 26 Jul 2021 10:19:59 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 64826
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F4DA 0
592 B 120ms
69ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst1U7CpOHGOkiwOT5NybkUChbjXXrIlsouRqg9uXTXPMaxTWAputEcRx_5uXSC7CWAlwKyd1m1paIi0jqQ9v-MAMI77O7TiYSF4va3a7LLGvUBlbcQ7E7e_39H3W3idKY-hIO5oBomL1ygwJhXWVjcMYIxF1DHrnh6rDf8O3A3bzgH0Np2B8MX157rYr_UqEMRmA538G0h4jlc-0danADQdAFzN8QRr_uPzsej7qv47ksMBLH0GGIJl98coTa24fhloAVZTuujkUm2zKLJB_px-38VV_ufFhyi__hvMB8jstSZmTeL3h3lg-Cp-bW5bL4mrmneL6VGO6YB41m_jta39_WTMHmWBQqNVMc2iItyYmm2qbIWExd1BsezmmaOEe9Ng8ipMwiT7Z6SxDV2HUlEa0mcCpvEsxvicnTqfRba7W0LDoiyEP3UEhHuXtH4w8yIrWBOkuYM3Cf71Grh_JaB8mhrNtqLbWa9VDFHMRlXacZ6XVjvInJlJUlv4LxpeyD9B_SgNzrxsaJAgneyDAPd8hSDXBrpDhqgQZowVTchNeA5a0BjIwYgJpgHhN9DEa-rcLVbB3QIGUt7vyS0D0J8Z2JB7zyDb1DTjlMhifoIs-bKgkotv3tk-R2-ZfQoaoa0ddgAeNKnrcwbbmJ3QRbixgwgh5j7VNjIJWTjnt0i3uiGzOHipfaRNJoQxrGy0BMYp6rqIfIb0APfC2gPFMk1w9Qp1gK_S34qPtK4IJoM9S4ahVqu9CEnG3F3Rx7QcPkQjSLIr5fJsmSzoR_A1rZE7XsUKJfOXpM4HT50vSUrDbdn16uRODCa8wV8bcMxKBuEJ-oqjJZ3FNXuiqXHgY4N3vV9DYRzpe5Po6uoLFPunsTI0rZsxvSBFTk08SI9skoG871kmj7HiC_lcKExLWMUozDAMM5-5t4Tgx_jyABxI9EP5HPKvJ2wjzJE78sSdqU0Qx_rLchbBh6t8PUIS-3G23YI2hcDyCVY1A3rHtRsXY_XB8yu7qYe7l3fwSPjwdI-rWwNheFTSK3jq-ow8CggOFBTh2GcX2NE3qy3Bq2n-AeZzntToueASM4cUK9ML0Tr4UAAeYyEvjtlG7J1kFyUNuXRrHzkMlDa1g4ZfKCShWNEPaMIhUrxCL1AsL3PfBK7YQgEiNndzxS0FbmPGhaET-rKhBacc-zCn8ggHIecxVhk3Y0c1SFnwmI3FFmpKgfFsc3-sEIkIOfDlJe3OBcKRTNKJyxJnTYgkKqMzzaZxq5KeYlLA&sai=AMfl-YTlQDaI4anutdO4HoCqW8xMmOqhS0hxosoOnHM-Db_PSgtrzgcQ8qXG-bC_lYtTmHjb4wKCQDmmU2Z0j4_SlY6vuCfoSVXbQ25SjY-E_VI6QP-vfGB_1pju4fYfFU7JWgxwwSbTB5yGFdfog6fqJFUEmg3yVQ&sig=Cg0ArKJSzNHXeGWmySd_EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=106&cbvp=1&cstd=102&cisv=r20210728.03911&adurl=

Requested by

Host: t.co
URL: https://t.co/fCS8oeenv2?amp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 30 Jul 2021 17:59:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F4DA 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com
URL: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 10:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 285211
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 10:46:07 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 27EB 1 KB
749 B 7ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com
URL: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 30 Jul 2021 03:09:05 GMT
expires: Sat, 31 Jul 2021 03:09:05 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 53433
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame F4DA 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbb206df08b4ae8436bab3c62c18b8ebf094e06e7b66907b4524f5bbcd99c024

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3D6E 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com
URL: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 10:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 285211
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 10:46:07 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C5FA 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com
URL: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 30 Jul 2021 03:09:05 GMT
expires: Sat, 31 Jul 2021 03:09:05 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 53433
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 3D6E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8786ea0427753986032fe076d87ca1c6a4451a4dae9fcfe30f65f744d080916c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 track
t.teads.tv/ 23 B
143 B 195ms
91ms Image
image/gif 23.47.213.73
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=debug-bts&fv=822&ts=1627667978998&env=js-web&pageId=92146&pid=99849&auctid=1697aa1f-fa91-4b11-9ba7-bdf2c8d6e182&f=1&debug_metadata=wb&referer=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.213.73 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-213-73.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:39 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
113 B 196ms
91ms Image
image/gif 23.47.213.73
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=1697aa1f-fa91-4b11-9ba7-bdf2c8d6e182&pageId=92146&pid=99849&debug_metadata=6Eyk3lduZw&fv=822&ts=1627667979001&f=1&referer=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.213.73 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-213-73.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:39 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 213ms
109ms Image
image/gif 23.47.213.73
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=1697aa1f-fa91-4b11-9ba7-bdf2c8d6e182&pageId=92146&pid=99849&slot=native&fv=822&ts=1627667979009&f=1&referer=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.213.73 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-213-73.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:39 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 248ms
144ms Image
image/gif 23.47.213.73
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=debug-bts&fv=822&ts=1627667979014&env=js-web&pageId=92146&pid=109965&auctid=004b68da-e172-49b0-9936-048b5e4bab60&f=1&debug_metadata=wb&referer=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.213.73 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-213-73.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:39 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
113 B 216ms
112ms Image
image/gif 23.47.213.73
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=004b68da-e172-49b0-9936-048b5e4bab60&pageId=92146&pid=109965&debug_metadata=6pdRphVbXR&fv=822&ts=1627667979015&f=1&referer=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.213.73 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-213-73.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:39 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 215ms
112ms Image
image/gif 23.47.213.73
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=004b68da-e172-49b0-9936-048b5e4bab60&pageId=92146&pid=109965&slot=multislot&fv=822&ts=1627667979025&f=1&referer=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.213.73 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-213-73.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:39 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 p
sb.scorecardresearch.com/ 64 B
443 B 22ms
22ms Image
image/gif 13.224.96.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1627667979027&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=16021058&cs_ucfr=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-53.zrh50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:39 GMT
via: 1.1 d92debab8d9ca0518390aebaec8733a7.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: _dF2RQD_iI5HcNnvV8u1Ela1EhWH4_JzrzK2g1AIkBJ2VOg85_ScfQ==

GET
H2 200 ad Show response
a.teads.tv/page/92146/ 510 B
679 B 52ms
51ms XHR
application/json 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/92146/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&pageReferrerUrl=https%3A%2F%2Fcmun.it&windowReferrerUrl=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&page=%7B%22id%22%3A92146%2C%22placements%22%3A%5B%7B%22id%22%3A99849%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A685%2C%22height%22%3A385%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A240%2C%22status%22%3A24%2C%22consent%22%3A%22BOQf-JpOQf-JpAKACCENBQAAAAAduAAA%22%2C%22apiVersion%22%3A1%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%7D&auctid=1697aa1f-fa91-4b11-9ba7-bdf2c8d6e182&formatVersion=822&env=js-web&netBw=9.5&ttfb=131
Requested by: Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 48240c88e1e44badebc572e38b02e545800ea2b04ce16a2087247b3d57179d35

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 17:59:39 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.slashgear.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 356
expires: Fri, 30 Jul 2021 17:59:39 GMT

GET
H2 200 p
sb.scorecardresearch.com/ 64 B
444 B 23ms
23ms Image
image/gif 13.224.96.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1627667979028&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=09512604&cs_ucfr=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-53.zrh50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:39 GMT
via: 1.1 d92debab8d9ca0518390aebaec8733a7.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: YhM5wgaOHZ_tHkBysXxy03fenzxt4M6Qk8gSe5N8twoJg4La_23NVw==

GET
H2 200 ad Show response
a.teads.tv/page/92146/ 512 B
677 B 65ms
64ms XHR
application/json 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/92146/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&pageReferrerUrl=https%3A%2F%2Fcmun.it&windowReferrerUrl=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&page=%7B%22id%22%3A92146%2C%22placements%22%3A%5B%7B%22id%22%3A109965%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A685%2C%22height%22%3A385%7D%2C%22slotType%22%3A%22multislot%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A240%2C%22status%22%3A24%2C%22consent%22%3A%22BOQf-JpOQf-JpAKACCENBQAAAAAduAAA%22%2C%22apiVersion%22%3A1%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%7D&auctid=004b68da-e172-49b0-9936-048b5e4bab60&formatVersion=822&env=js-web&netBw=9.5&ttfb=131
Requested by: Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4d9829f7cca0e528b3fce3aacbcb09099abd411fd96a67d7d49f412b70c5aed1

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 17:59:39 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.slashgear.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 354
expires: Fri, 30 Jul 2021 17:59:39 GMT

GET
H3-29 200 index.html Show response
s0.2mdn.net/9774257/838239135150656/ Frame 1F75 16 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9774257/838239135150656/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f594bec0c00952cb3697b82bc8fcd049b6c50587283eeacc31468221b32430e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /9774257/838239135150656/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 4632
date: Thu, 29 Jul 2021 22:03:44 GMT
expires: Fri, 30 Jul 2021 22:03:44 GMT
last-modified: Mon, 26 Jul 2021 10:19:57 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 71755
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3D6E 0
24 B 121ms
93ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvqSG5chrvjuUcfqC7ks14pMUfZFcOXGdJYkbPGOrtVRBtNui01VRxXUygkN1LAYABRYgIaADahI9kNfvNNhQZutGeSGqF8OMWJ2ipV7kJBXder9fNosF_ekkqWUY-v8k3ix5rlmzb9A1nphnExUAsZTAjHMPTKsyUNY6-eiwxpRSJbxGzyKuqDO4YOMXZwG8jGTDqZajhZk1B99Ck32OA43zkL4Yf3HRynOVD1VB1kS7sFUxwxzIgeNFPhz-kVblYFh9N93SToADg6jtz3L8OZLrdEV__1w_KA-BFr6WzWnJDAveyNVfQtY4slwRpi_vEEtnfzUWT1pJhfo2pROt9jViC1hqlsijuEJ--fTQ7MyKvyTsxP1dxygAeYGlUfTmjRGwWmjGXP6N42YdUkGyI846cF7JnW6C-5lPhz-fEs_gILvIDiq6V3HvudiMAb9TG6YAXtTJCfPi6GHFjTU2LtEZiWEwHA9daSLUtDlwL5i4ye9ye6ut1GcHpjqOTl5ZUVcBlAB1l7Cb7xX_KqQDKb8UamEOyljGVVtIm2EHPPKbzwauuiFZV7DhCDCKgz6UEWs0CyN-_06Ro9nUln7_xWjZbf3cxcJ-pEPankHysLqbC892_uNeeAPCJ5ZxCE_TEeV-iCU6_hHcsJv-MW7J0Nbr1lBRlnP1RhY7oOB84QzThgb8g2d0_a8O8Oq3M5bwDW8T-urBYIBG_u3havALlrqJWyf2MEq1WYmED3iivHO_aIpKq6z_tN7V3VC4i-SwFzoMEQLjkQUP-nRTl2IZ3qh8IsPVYPA-A3Y9iGLZEu5_rSV9Gfc8lpTfakbrM6uOKPQ2k-K9mAlPRXFjJOnYy3Almm28WEC84tHaAVBXpYFkiJks5ePLbsxFx_sjABIhkGVZECnIgieVAUU4hJfmD_LdUMiQQI45h9CwlGDKougT9KNIgWHZU4mGVNUDScl9BQFjZT57_HmsJgcb1Z0ewaPLMWGsFWLrPEUuwEt_xyCxcios8OOu5ixIhZKhAM0znC-Ab-7soyLtSxurR_z4isqMGzFBcawFhdkl42wjNYMg-nOQBa4_0Z1fXfhTfRNcyzcQTJhkLsfyST7C64Y7nNX6QYLC_NjbZiPxUrb0Da-mC8TF6ZbokIe4fSRv0PtBcWUpx6udQXclXX7xdz5_yi2B12tnTvWX9g4O9en5FNUrmInHYcbfelsIBFhSUIHuq_rqfkwlO4xjSkW6qIDqYCC1X_AKRiLeUv_3hRF0ocvuZJtf0iEwaRLw&sai=AMfl-YQ4vzv67nBcYO_sSVSbWU3xmXteOi3xWAx10akd8lMEO_dEsexmr5pxpVjfuPCU_W2CBckWDljPNCMqw1u-g850bFrEtuuEZhdDJAhG5yTNIRh8RNevB9vfY70gPko1jt7wRa24QPp_FgJs-_h0oU4c2tf03Q&sig=Cg0ArKJSzFc-lsiG6QssEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=253&cbvp=1&cstd=251&cisv=r20210728.01065&adurl=

Requested by

Host: t.co
URL: https://t.co/fCS8oeenv2?amp=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 30 Jul 2021 17:59:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F2CB 22 KB
8 KB 14ms
12ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Tue, 27 Jul 2021 10:46:08 GMT
expires: Wed, 27 Jul 2022 10:46:08 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 285211
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 11052021_CB_Grover-1092_v7.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6129057763443717358/ Frame BD48 84 KB
84 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6129057763443717358/11052021_CB_Grover-1092_v7.jpg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe0d38edfed19699716e0d23d7d0edb2b4977081cb6d51cc73d77395985e97c1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 253133
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86054
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 13:40:06 GMT
server: sffe
date: Tue, 27 Jul 2021 19:40:46 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 19:40:46 GMT

GET
H3-29 200 button_de.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6129057763443717358/ Frame BD48 3 KB
3 KB 12ms
11ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6129057763443717358/button_de.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e0a32a08e8237527fa5c3c1f1508966fe5fd9f12e1ad3a38004e67a688eec8f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 253133
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2648
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 13:40:06 GMT
server: sffe
date: Tue, 27 Jul 2021 19:40:46 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 19:40:46 GMT

GET
H3-29 200 HYPE-736.thin.min.js Show response
s0.2mdn.net/9774257/838241088266301/ Frame F87D 55 KB
24 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9774257/838241088266301/HYPE-736.thin.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9774257/838241088266301/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34660fe46d78c890b82dd7e19886dca4ce2c46d31b1b308ba9b81e53a9f1669e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9774257/838241088266301/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 23:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64827
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24549
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 10:19:59 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 30 Jul 2021 23:59:12 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame DFA1 22 KB
8 KB 11ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Tue, 27 Jul 2021 10:46:08 GMT
expires: Wed, 27 Jul 2022 10:46:08 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 285211
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 27EB
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEK19MUNR6MYf0M_hbdwA60U&google_cver=1&google_push=AYg5qPJQvzmbBJBjeutfRgTChANgMhoMG1lucS49yJGtIRcb_qhzQ1CVHEhsQ5hCE2-watuB-DRkvOem1Ka...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJQvzmbBJBjeutfRgTChANgMhoMG1lucS49yJGtIRcb_qhzQ1CVHEhsQ5hCE2-watuB-DRkvOem1Ka5YgwbVeRVWNYKGdWafg&google_hm=OmBRk5LwTX2buODDbF...

170 B
188 B

36ms
36ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJQvzmbBJBjeutfRgTChANgMhoMG1lucS49yJGtIRcb_qhzQ1CVHEhsQ5hCE2-watuB-DRkvOem1Ka5YgwbVeRVWNYKGdWafg&google_hm=OmBRk5LwTX2buODDbFGBc6I

Requested by

Host: 8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com
URL: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 17:59:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Jul 2021 17:59:38 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJQvzmbBJBjeutfRgTChANgMhoMG1lucS49yJGtIRcb_qhzQ1CVHEhsQ5hCE2-watuB-DRkvOem1Ka5YgwbVeRVWNYKGdWafg&google_hm=OmBRk5LwTX2buODDbFGBc6I
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: clear
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame 27EB
Redirect Chain

https://sync3.sniperlog.ru/?src=ggl_nga&google_gid=CAESEJAnyZmFhXiWGtT3GR3LIEQ&google_cver=1&google_push=AYg5qPLwtkQxJlxtpbYGymLI3ak4epcb-e5XXJQPXZ1jPZ2y7gZZ6UGOPULjIKAqZvP1xGPdQ7qxit83vu0xEFDPqYda...
https://sync.bumlam.com/?src=ggl_nga&google_gid=CAESEJAnyZmFhXiWGtT3GR3LIEQ&google_cver=1&google_push=AYg5qPLwtkQxJlxtpbYGymLI3ak4epcb-e5XXJQPXZ1jPZ2y7gZZ6UGOPULjIKAqZvP1xGPdQ7qxit83vu0xEFDPqYdamfZ...

43 B
390 B

99ms
22ms

Image
image/gif

31.172.81.160
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=ggl_nga&google_gid=CAESEJAnyZmFhXiWGtT3GR3LIEQ&google_cver=1&google_push=AYg5qPLwtkQxJlxtpbYGymLI3ak4epcb-e5XXJQPXZ1jPZ2y7gZZ6UGOPULjIKAqZvP1xGPdQ7qxit83vu0xEFDPqYdamfZovuwpzQ
Requested by: Host: 8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com
URL: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.160 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Jul 2021 17:59:39 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Location: https://sync.bumlam.com/?src=ggl_nga&google_gid=CAESEJAnyZmFhXiWGtT3GR3LIEQ&google_cver=1&google_push=AYg5qPLwtkQxJlxtpbYGymLI3ak4epcb-e5XXJQPXZ1jPZ2y7gZZ6UGOPULjIKAqZvP1xGPdQ7qxit83vu0xEFDPqYdamfZovuwpzQ
Date: Fri, 30 Jul 2021 17:59:39 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 27EB
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SgBtIrjHStiF3aksJOlDqQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

32ms
31ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SgBtIrjHStiF3aksJOlDqQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIm1IHiBhR8gyGPV8sDp-iuaZBQQvEzkYGjg8nlgdrRD3B9TmfhY5SFSZcrBEVMU_RIQ6F9DpecBEaBK0GRJ_KJeRoY6J4ieQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 17:59:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SgBtIrjHStiF3aksJOlDqQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIm1IHiBhR8gyGPV8sDp-iuaZBQQvEzkYGjg8nlgdrRD3B9TmfhY5SFSZcrBEVMU_RIQ6F9DpecBEaBK0GRJ_KJeRoY6J4ieQ
date: Fri, 30 Jul 2021 17:59:37 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 27EB
Redirect Chain

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEKF4qw8B4N9js386iE5uwu8&google_cver=1&google_push=AYg5qPK1YCRl32g84n9AdmoU3gCpT9b5Rid3Sp8SjQO821Fs7hiwPmI7...
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEKF4qw8B4N9js386iE5uwu8&google_cver=1&google_push=AYg5qPK1YCRl32g84n9AdmoU3gCpT9b5Rid3Sp8SjQO821Fs7hiwPmI7...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEKF4qw8B4N9js386iE5uwu8&google_cver=1&google_push=AYg5qPK1YCRl32g84n9AdmoU3gCpT9b5Rid3Sp8SjQO821Fs7hiwPm...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEKF4qw8B4N9js386iE5uwu8&google_cver=1&google_push=AYg5qPK1YCRl32g84n9AdmoU3gCpT9b5Rid3Sp8SjQO821Fs7hiwPm...
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBlOGEwYzc5MS1mMTVmLTExZWItOWJkMy0wMjRhYTk5MzE3N2M%3D&google_push=AYg5qPK1YCRl32g84n9AdmoU3gCpT9b5Rid3Sp8SjQO821Fs7hiwPmI7lBS5BcX_5z...

170 B
188 B

32ms
31ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBlOGEwYzc5MS1mMTVmLTExZWItOWJkMy0wMjRhYTk5MzE3N2M%3D&google_push=AYg5qPK1YCRl32g84n9AdmoU3gCpT9b5Rid3Sp8SjQO821Fs7hiwPmI7lBS5BcX_5zspviUW1ZgVa_6sTJXIZfgSqrXY6e-4oa7qxSo

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 17:59:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 30 Jul 2021 17:59:39 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBlOGEwYzc5MS1mMTVmLTExZWItOWJkMy0wMjRhYTk5MzE3N2M%3D&google_push=AYg5qPK1YCRl32g84n9AdmoU3gCpT9b5Rid3Sp8SjQO821Fs7hiwPmI7lBS5BcX_5zspviUW1ZgVa_6sTJXIZfgSqrXY6e-4oa7qxSo
Connection: keep-alive
Content-Length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 27EB
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEB-wCURftZpuHra3UH0Xt3U&google_cver=1&google_push=AYg5qPIzKP3GyrBXP972GUl-56bC1phWt0-re4gCnr3Zn4Qj7XanD97hwNj6dkqltc-gHHRYRJFdDjKs5Ln8lfmfKSJG7bq...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPIzKP3GyrBXP972GUl-56bC1phWt0-re4gCnr3Zn4Qj7XanD97hwNj6dkqltc-gHHRYRJFdDjKs5Ln8lfmfKSJG7bqOjTzcExQ&google_hm=NTA2MTky...

170 B
188 B

37ms
32ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPIzKP3GyrBXP972GUl-56bC1phWt0-re4gCnr3Zn4Qj7XanD97hwNj6dkqltc-gHHRYRJFdDjKs5Ln8lfmfKSJG7bqOjTzcExQ&google_hm=NTA2MTkyODEwODUyNjYwOTE5Mw==

Requested by

Host: 8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com
URL: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 17:59:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPIzKP3GyrBXP972GUl-56bC1phWt0-re4gCnr3Zn4Qj7XanD97hwNj6dkqltc-gHHRYRJFdDjKs5Ln8lfmfKSJG7bqOjTzcExQ&google_hm=NTA2MTkyODEwODUyNjYwOTE5Mw==
Date: Fri, 30 Jul 2021 17:59:39 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3-29 200 dot.gif
s0.2mdn.net/ Frame 27EB 43 B
63 B 16ms
15ms Image
image/gif 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEDbkOWacrKJwMbuEGgmxdLw&google_cver=1&google_push=AYg5qPLcBDB-N5_GXTQaTezF6aS13wJMuKd5k73FOGJpoCiNnntAmOLLP-jtkfOG6Cr3n8UU01e6xp8b4uG7ONxxWRfYsMnQ4FRS6iE

Requested by

Host: 8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com
URL: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Sat, 31 Jul 2021 17:59:39 GMT

GET

pixel
cm.g.doubleclick.net/ Frame 27EB
Redirect Chain

https://ads.avads.net/sync/ggl?google_gid=CAESELm-MOQNUgrA9sxpN9cZVeU&google_cver=1&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik48mSvqcytyEAXgsMPG9GGnQ7wLq7AXw
https://ads.avads.net/sync/ggl?google_gid=CAESELm-MOQNUgrA9sxpN9cZVeU&google_cver=1&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik48mSvqcytyEAXgsMPG9GGnQ7wLq7AX...
https://ads.avads.net/sync/ggl?google_gid=CAESELm-MOQNUgrA9sxpN9cZVeU&google_cver=1&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik48mSvqcytyEAXgsMPG9GGnQ7wLq7AXw
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWU2MTFlYWEtZmQ4Mi00N2MwLTk3ZWQtM2VlZDZjM2EwOWU2&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWU2MTFlYWEtZmQ4Mi00N2MwLTk3ZWQtM2VlZDZjM2EwOWU2&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWU2MTFlYWEtZmQ4Mi00N2MwLTk3ZWQtM2VlZDZjM2EwOWU2&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWU2MTFlYWEtZmQ4Mi00N2MwLTk3ZWQtM2VlZDZjM2EwOWU2&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWU2MTFlYWEtZmQ4Mi00N2MwLTk3ZWQtM2VlZDZjM2EwOWU2&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWU2MTFlYWEtZmQ4Mi00N2MwLTk3ZWQtM2VlZDZjM2EwOWU2&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWU2MTFlYWEtZmQ4Mi00N2MwLTk3ZWQtM2VlZDZjM2EwOWU2&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWU2MTFlYWEtZmQ4Mi00N2MwLTk3ZWQtM2VlZDZjM2EwOWU2&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWU2MTFlYWEtZmQ4Mi00N2MwLTk3ZWQtM2VlZDZjM2EwOWU2&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWU2MTFlYWEtZmQ4Mi00N2MwLTk3ZWQtM2VlZDZjM2EwOWU2&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWU2MTFlYWEtZmQ4Mi00N2MwLTk3ZWQtM2VlZDZjM2EwOWU2&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWU2MTFlYWEtZmQ4Mi00N2MwLTk3ZWQtM2VlZDZjM2EwOWU2&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWU2MTFlYWEtZmQ4Mi00N2MwLTk3ZWQtM2VlZDZjM2EwOWU2&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWU2MTFlYWEtZmQ4Mi00N2MwLTk3ZWQtM2VlZDZjM2EwOWU2&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWU2MTFlYWEtZmQ4Mi00N2MwLTk3ZWQtM2VlZDZjM2EwOWU2&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWU2MTFlYWEtZmQ4Mi00N2MwLTk3ZWQtM2VlZDZjM2EwOWU2&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWU2MTFlYWEtZmQ4Mi00N2MwLTk3ZWQtM2VlZDZjM2EwOWU2&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWU2MTFlYWEtZmQ4Mi00N2MwLTk3ZWQtM2VlZDZjM2EwOWU2&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik...

0
0

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 27EB 0
12 B 41ms
40ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JRoB4zpqQsLFbd6wIbQ7fhugczxWo5H-oxNKzErYqx0IKV3tIhOzOmYLEIRXA9DtjA6vGhU8qaGw

Requested by

Host: 8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com
URL: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:39 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 HYPE-736.thin.min.js Show response
s0.2mdn.net/9774257/838239135150656/ Frame 1F75 55 KB
24 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9774257/838239135150656/HYPE-736.thin.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9774257/838239135150656/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34660fe46d78c890b82dd7e19886dca4ce2c46d31b1b308ba9b81e53a9f1669e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9774257/838239135150656/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 22:03:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71755
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24549
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 10:19:57 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 30 Jul 2021 22:03:44 GMT

GET
H/1.1

200
OK

cm
a.rfihub.com/ Frame C5FA
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESEF133d_u7r3NOW-iroxiB78&google_cver=1&google_push=AYg5qPID4C5YV2a0uyf1nvw6FR1SBlgDJYtcnkZOwiGNcjju1QNUItyZHQxAqzTlA3ivPVd9-IjtujtcArnhy2ujphfb0k_...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPID4C5YV2a0uyf1nvw6FR1SBlgDJYtcnkZOwiGNcjju1QNUItyZHQxAqzTlA3ivPVd9-IjtujtcArnhy2ujphfb0k_Ewk_j&google_hm=MjE0NjQ1Njk...
https://a.rfihub.com/cm?pub=445&google_error=5

42 B
813 B

36ms
35ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.rfihub.com/cm?pub=445&google_error=5
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Jul 2021 17:59:39 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 30 Jul 2021 17:59:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.rfihub.com/cm?pub=445&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 247
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C5FA
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEDLe0IMBJPCUijVItT8j-KA&google_cver=1&google_push=AYg5qPI_EvNrFMuaTK3Bn1eiNpjtbCfvDD9FNEeaTFP_oMMR8Wb8zS19S930Us_dQ_XeN6CqUg_ylHT...
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEDLe0IMBJPCUijVItT8j-KA&google_cver=1&google_push=AYg5qPI_EvNrFMuaTK3Bn1eiNpjtbCfvDD9FNEeaTFP_oMMR8Wb8zS19S930Us_dQ_XeN...
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=KxLPojTGTsS2X2Li2xAVPGEEPgs

170 B
188 B

31ms
30ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=KxLPojTGTsS2X2Li2xAVPGEEPgs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 17:59:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Jul 2021 17:59:38 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=KxLPojTGTsS2X2Li2xAVPGEEPgs
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C5FA
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESELdHLXDYibu46ZVc_DVYXWY&google_cver=1&google_push=AYg5qPLqhDH9UGpQk3R1tub1qloKMGAx7GkSrntKgh0e-jauJD-Y4F8CoNA--RwK0FGNT6SMx4aNstnfcrTxdl3Z81vzQCmvUs9-
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QkFGNzAzODU4QkRDRjZCQg==

170 B
188 B

33ms
32ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QkFGNzAzODU4QkRDRjZCQg==

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 17:59:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QkFGNzAzODU4QkRDRjZCQg==
date: Fri, 30 Jul 2021 17:59:39 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame C5FA
Redirect Chain

https://sync3.sniperlog.ru/?src=ggl_nga&google_gid=CAESEJAnyZmFhXiWGtT3GR3LIEQ&google_cver=1&google_push=AYg5qPIxKmwbD3dJouXMODIwK01YLe25SR9hnAdgcsUPsA6NLClNOXIjmq9iKEe68wyJtcwxJGX9hheGknmVxPjWwyWM...
https://sync.bumlam.com/?src=ggl_nga&google_gid=CAESEJAnyZmFhXiWGtT3GR3LIEQ&google_cver=1&google_push=AYg5qPIxKmwbD3dJouXMODIwK01YLe25SR9hnAdgcsUPsA6NLClNOXIjmq9iKEe68wyJtcwxJGX9hheGknmVxPjWwyWMQXV...

43 B
390 B

102ms
22ms

Image
image/gif

31.172.81.160
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=ggl_nga&google_gid=CAESEJAnyZmFhXiWGtT3GR3LIEQ&google_cver=1&google_push=AYg5qPIxKmwbD3dJouXMODIwK01YLe25SR9hnAdgcsUPsA6NLClNOXIjmq9iKEe68wyJtcwxJGX9hheGknmVxPjWwyWMQXVpDwcg
Requested by: Host: 8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com
URL: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.160 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Jul 2021 17:59:39 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Location: https://sync.bumlam.com/?src=ggl_nga&google_gid=CAESEJAnyZmFhXiWGtT3GR3LIEQ&google_cver=1&google_push=AYg5qPIxKmwbD3dJouXMODIwK01YLe25SR9hnAdgcsUPsA6NLClNOXIjmq9iKEe68wyJtcwxJGX9hheGknmVxPjWwyWMQXVpDwcg
Date: Fri, 30 Jul 2021 17:59:39 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C5FA
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEABfEGhY8QSTDKXNDXmpeJk&google_cver=1&google_push=AYg5qPK-4lqSyRzh6KFiw3yuKiUa5N4iCEU9mKM2paYWXBe3ekZ7MBwdTC3prqOsu7_sgectkj_bcESbe-xh-FB5R...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEABfEGhY8QSTDKXNDXmpeJk&google_cver=1&google_push=AYg5qPK-4lqSyRzh6KFiw3yuKiUa5N4iCEU9mKM2paYWXBe3ekZ7MBwdTC3prqOsu7_sgectkj_bcESbe-xh-FB5R...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPK-4lqSyRzh6KFiw3yuKiUa5N4iCEU9mKM2paYWXBe3ekZ7MBwdTC3prqOsu7_sgectkj_bcESbe-xh-FB5RW6BxzG_nOTs&google_hm=e8d11304f4160d6a57fd5caf

170 B
188 B

31ms
30ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPK-4lqSyRzh6KFiw3yuKiUa5N4iCEU9mKM2paYWXBe3ekZ7MBwdTC3prqOsu7_sgectkj_bcESbe-xh-FB5RW6BxzG_nOTs&google_hm=e8d11304f4160d6a57fd5caf

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 17:59:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 30 Jul 2021 17:59:39 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPK-4lqSyRzh6KFiw3yuKiUa5N4iCEU9mKM2paYWXBe3ekZ7MBwdTC3prqOsu7_sgectkj_bcESbe-xh-FB5RW6BxzG_nOTs&google_hm=e8d11304f4160d6a57fd5caf
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame C5FA 0
44 B 805ms
266ms Image
text/plain 35.72.120.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESEJqKo_yTvUKmOHOnEYNZrVk&google_cver=1&google_push=AYg5qPLhGh0qOYeolnoZtdB-X2fNzFvogIdKtji3fQcavYTzvLpGoiIUEFCUGpT3qQwqGWC_bfvzukvarSEvGZCUUefTWLy2_BPS
Requested by: Host: 8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com
URL: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.72.120.200 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-72-120-200.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:39 GMT
server: awselb/2.0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C5FA
Redirect Chain

https://google.ops.beeline.ru/p?ssp=gl&google_gid=CAESED-1Dbi7eB1-8p9qVzKWd3Y&google_cver=1&google_push=AYg5qPKNAS49ZURyIFnrFTuG0Fn8CtXuPN25gNuDlOqhs_XvTI1-v_XTnFz3KWbrS6Bex5v9uen42NWtZJvM8uDB3UY2L...
https://cm.g.doubleclick.net/pixel?google_nid=vimpelcom_pjsc&google_hm=YmQyNTlhNjQtY2IyZC00YTlhLWFiZGUtMzdiYTk1MTJhNjEw&google_push=AYg5qPKNAS49ZURyIFnrFTuG0Fn8CtXuPN25gNuDlOqhs_XvTI1-v_XTnFz3KWbrS...

170 B
188 B

35ms
34ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=vimpelcom_pjsc&google_hm=YmQyNTlhNjQtY2IyZC00YTlhLWFiZGUtMzdiYTk1MTJhNjEw&google_push=AYg5qPKNAS49ZURyIFnrFTuG0Fn8CtXuPN25gNuDlOqhs_XvTI1-v_XTnFz3KWbrS6Bex5v9uen42NWtZJvM8uDB3UY2LCE9lRK4hw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 17:59:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 30 Jul 2021 17:59:39 GMT
x-route: http://upstream_cookiesync
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=vimpelcom_pjsc&google_hm=YmQyNTlhNjQtY2IyZC00YTlhLWFiZGUtMzdiYTk1MTJhNjEw&google_push=AYg5qPKNAS49ZURyIFnrFTuG0Fn8CtXuPN25gNuDlOqhs_XvTI1-v_XTnFz3KWbrS6Bex5v9uen42NWtZJvM8uDB3UY2LCE9lRK4hw
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true, true
x-host: 192.168.152.60
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame C5FA 0
12 B 41ms
35ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JRlfhl0cSET9XJ8Wa8g3hIkr9QkV7bPv__DIKqLLkwcV6AuZVzaTmGSOhqgdRTMf6iDvn48Q

Requested by

Host: 8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com
URL: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 17:59:39 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 streak_red.svg
s0.2mdn.net/9774257/838241088266301/ Frame F87D 242 B
232 B 14ms
10ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9774257/838241088266301/streak_red.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9774257/838241088266301/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d669848f9f0c0cbcc426aa4e3ffb853aa1388e1775aab0604d1a115749c10e75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9774257/838241088266301/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 23:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64826
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 208
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 10:19:59 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 30 Jul 2021 23:59:13 GMT

GET
H3-29 200 fireworks_large_2.svg
s0.2mdn.net/9774257/838241088266301/ Frame F87D 17 KB
7 KB 14ms
11ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9774257/838241088266301/fireworks_large_2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9774257/838241088266301/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75649a4d283510ac94c606b4caff999bf702a30c6eed611db9480bfdac9dd95b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9774257/838241088266301/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 23:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64826
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6783
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 10:19:59 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 30 Jul 2021 23:59:13 GMT

GET
H3-29 200 Sunrise-red.svg
s0.2mdn.net/9774257/838241088266301/ Frame F87D 4 KB
2 KB 14ms
10ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9774257/838241088266301/Sunrise-red.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9774257/838241088266301/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54197fb4d107c2359625a8db4a7a0d2c63b4e5868380ee346d87d9b1928285cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9774257/838241088266301/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 23:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64826
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1705
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 10:19:59 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 30 Jul 2021 23:59:13 GMT

GET
H3-29 200 fireworks_small_1.svg
s0.2mdn.net/9774257/838241088266301/ Frame F87D 18 KB
6 KB 14ms
11ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9774257/838241088266301/fireworks_small_1.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9774257/838241088266301/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4347baa0ea6417bd2819c2d4f97bc3348738dda1ea4e0c181b742876c23f9446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9774257/838241088266301/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 23:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64826
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5634
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 10:19:59 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 30 Jul 2021 23:59:13 GMT

GET
H3-29 200 streak_yellow.svg
s0.2mdn.net/9774257/838241088266301/ Frame F87D 256 B
236 B 13ms
10ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9774257/838241088266301/streak_yellow.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9774257/838241088266301/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de245c18fe5f7c9719b55d162a9d23dbf575829e0e9935004438add727f386cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9774257/838241088266301/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 23:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64826
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 212
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 10:19:59 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 30 Jul 2021 23:59:13 GMT

GET
H3-29 200 fireworks_small_2.svg
s0.2mdn.net/9774257/838241088266301/ Frame F87D 20 KB
6 KB 17ms
11ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9774257/838241088266301/fireworks_small_2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9774257/838241088266301/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0d84b4c199cf42959e046fed61b0660176769a2b65eaecfad0a53e7ee774796

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9774257/838241088266301/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 23:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64826
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5615
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 10:19:59 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 30 Jul 2021 23:59:13 GMT

GET
H3-29 200 fireworks_small_3.svg
s0.2mdn.net/9774257/838241088266301/ Frame F87D 18 KB
5 KB 16ms
11ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9774257/838241088266301/fireworks_small_3.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9774257/838241088266301/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aff86ff3c89779360b9a7bebd8b1192089c68e7c94a1006f1b2b1083ed24da83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9774257/838241088266301/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 23:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64826
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 10:19:59 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 30 Jul 2021 23:59:13 GMT

GET
H3-29 200 bubble_en.svg
s0.2mdn.net/9774257/838241088266301/ Frame F87D 18 KB
6 KB 18ms
11ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9774257/838241088266301/bubble_en.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9774257/838241088266301/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

119c4fa0c29b6ec11ef4449b93e690989ad5dc52db4ff1ca13976319b4fa4198

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9774257/838241088266301/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 23:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64826
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6129
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 10:19:59 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 30 Jul 2021 23:59:13 GMT

GET
H3-29 200 headline_en.svg
s0.2mdn.net/9774257/838241088266301/ Frame F87D 14 KB
4 KB 17ms
11ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9774257/838241088266301/headline_en.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9774257/838241088266301/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c8350fc3d0c611323c0ef4e6152c171b7abbd8f7ed5d548aa58ef7540fe2b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9774257/838241088266301/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 23:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64826
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4435
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 10:19:59 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 30 Jul 2021 23:59:13 GMT

GET
H3-29 200 subline_en.svg
s0.2mdn.net/9774257/838241088266301/ Frame F87D 16 KB
5 KB 17ms
11ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9774257/838241088266301/subline_en.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9774257/838241088266301/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

781b52eda5cf7cc4646ec99b5b7808a7079421723f319fc6be8527c4bb8a1639

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9774257/838241088266301/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 23:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64826
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4851
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 10:19:59 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 30 Jul 2021 23:59:13 GMT

GET
H3-29 200 cta_en.svg
s0.2mdn.net/9774257/838241088266301/ Frame F87D 5 KB
2 KB 17ms
12ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9774257/838241088266301/cta_en.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9774257/838241088266301/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33f8c554f38ee83780ec65cf06a15f7bad8f9c81c1c52ae0ab34b576f25596b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9774257/838241088266301/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 23:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64826
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2105
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 10:19:59 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 30 Jul 2021 23:59:13 GMT

GET
H3-29 200 streak_red.svg
s0.2mdn.net/9774257/838239135150656/ Frame 1F75 242 B
232 B 13ms
13ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9774257/838239135150656/streak_red.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9774257/838239135150656/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d669848f9f0c0cbcc426aa4e3ffb853aa1388e1775aab0604d1a115749c10e75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9774257/838239135150656/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 22:03:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 208
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 10:19:57 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 30 Jul 2021 22:03:45 GMT

GET
H3-29 200 fireworks_large_2.svg
s0.2mdn.net/9774257/838239135150656/ Frame 1F75 17 KB
7 KB 14ms
13ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9774257/838239135150656/fireworks_large_2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9774257/838239135150656/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75649a4d283510ac94c606b4caff999bf702a30c6eed611db9480bfdac9dd95b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9774257/838239135150656/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 22:03:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6783
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 10:19:57 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 30 Jul 2021 22:03:45 GMT

GET
H3-29 200 Sunrise-red.svg
s0.2mdn.net/9774257/838239135150656/ Frame 1F75 4 KB
2 KB 27ms
16ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9774257/838239135150656/Sunrise-red.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9774257/838239135150656/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54197fb4d107c2359625a8db4a7a0d2c63b4e5868380ee346d87d9b1928285cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9774257/838239135150656/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 22:03:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1705
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 10:19:57 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 30 Jul 2021 22:03:45 GMT

GET
H3-29 200 fireworks_small_1.svg
s0.2mdn.net/9774257/838239135150656/ Frame 1F75 18 KB
6 KB 29ms
13ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9774257/838239135150656/fireworks_small_1.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9774257/838239135150656/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4347baa0ea6417bd2819c2d4f97bc3348738dda1ea4e0c181b742876c23f9446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9774257/838239135150656/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 22:03:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5634
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 10:19:57 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 30 Jul 2021 22:03:45 GMT

GET
H3-29 200 streak_yellow.svg
s0.2mdn.net/9774257/838239135150656/ Frame 1F75 256 B
236 B 29ms
10ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9774257/838239135150656/streak_yellow.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9774257/838239135150656/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de245c18fe5f7c9719b55d162a9d23dbf575829e0e9935004438add727f386cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9774257/838239135150656/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 22:03:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 212
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 10:19:57 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 30 Jul 2021 22:03:45 GMT

GET
H3-29 200 fireworks_small_2.svg
s0.2mdn.net/9774257/838239135150656/ Frame 1F75 20 KB
6 KB 30ms
11ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9774257/838239135150656/fireworks_small_2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9774257/838239135150656/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0d84b4c199cf42959e046fed61b0660176769a2b65eaecfad0a53e7ee774796

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9774257/838239135150656/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 22:03:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5615
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 10:19:57 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 30 Jul 2021 22:03:45 GMT

GET
H3-29 200 fireworks_small_3.svg
s0.2mdn.net/9774257/838239135150656/ Frame 1F75 18 KB
5 KB 31ms
12ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9774257/838239135150656/fireworks_small_3.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9774257/838239135150656/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aff86ff3c89779360b9a7bebd8b1192089c68e7c94a1006f1b2b1083ed24da83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9774257/838239135150656/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 22:03:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 10:19:57 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 30 Jul 2021 22:03:45 GMT

GET
H3-29 200 bubble_en.svg
s0.2mdn.net/9774257/838239135150656/ Frame 1F75 18 KB
6 KB 27ms
10ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9774257/838239135150656/bubble_en.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9774257/838239135150656/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

119c4fa0c29b6ec11ef4449b93e690989ad5dc52db4ff1ca13976319b4fa4198

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9774257/838239135150656/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 12:40:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19131
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6129
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 10:19:57 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 31 Jul 2021 12:40:48 GMT

GET
H3-29 200 headline_en.svg
s0.2mdn.net/9774257/838239135150656/ Frame 1F75 14 KB
4 KB 21ms
11ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9774257/838239135150656/headline_en.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9774257/838239135150656/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c8350fc3d0c611323c0ef4e6152c171b7abbd8f7ed5d548aa58ef7540fe2b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9774257/838239135150656/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 22:03:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4435
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 10:19:57 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 30 Jul 2021 22:03:45 GMT

GET
H3-29 200 subline_en.svg
s0.2mdn.net/9774257/838239135150656/ Frame 1F75 16 KB
5 KB 26ms
9ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9774257/838239135150656/subline_en.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9774257/838239135150656/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

781b52eda5cf7cc4646ec99b5b7808a7079421723f319fc6be8527c4bb8a1639

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9774257/838239135150656/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 22:03:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4851
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 10:19:57 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 30 Jul 2021 22:03:45 GMT

GET
H3-29 200 cta_en.svg
s0.2mdn.net/9774257/838239135150656/ Frame 1F75 5 KB
2 KB 26ms
9ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9774257/838239135150656/cta_en.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9774257/838239135150656/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33f8c554f38ee83780ec65cf06a15f7bad8f9c81c1c52ae0ab34b576f25596b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9774257/838239135150656/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 22:03:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2105
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 10:19:57 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 30 Jul 2021 22:03:45 GMT

GET
H3-29 200 Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js Show response
pagead2.googlesyndication.com/bg/ Frame F2CB 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 06:37:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 127316
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Jul 2022 06:37:43 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame F4DA 0
23 B 73ms
71ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: t.co
URL: https://t.co/fCS8oeenv2?amp=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 17:59:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js Show response
pagead2.googlesyndication.com/bg/ Frame DFA1 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 06:37:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 127316
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Jul 2022 06:37:43 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3D6E 0
23 B 65ms
64ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: t.co
URL: https://t.co/fCS8oeenv2?amp=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 17:59:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F2CB 0
20 B 49ms
48ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bf0ikCj4EYbP3KJOD3wP2npqgAQAAAAA4AeAEAg&bg=!Y2ClYCTNAAals0SOpbM7ACkAdvg8WmEfTG82h6C7NhlPagK73d0p3LyF_dU2WjYhAwYK40ysHBwloQIAAAF0UgAAABFoAQcKAJy0DcSE_lbf3mcne4FBWXRp-MvtknLKzKxbMqthEi-1wcbY3vkitbY0pF_D6UDKU8EGuACrnLilzP1Cl58pgQ6iEnRN0KxfAdhSelEww44VE4ckHGUoUPw9TsnU45Gja6oGqAeVlvjF1UfgxZ5kFOjpSIPsfF-6mS0r2SMp-KD1uZWf-0Mim3O7ys3x7Zto0E34Lo7g9pcfVNu40lyZAuf3mmZPVArWKIhqHF8ze_3dwbPBC04S-0W8vgiPTsTDDTEcdG5dJ2YVaBJ5V88YGudo74c_3kxUB-bHGt8Fu8pwC4WPtxkm2lGL-8VSlQMy29uiJfZq-Puu7c7U-t2gViyM0zoVRMrted0tIFmo0QYhm4u9fPzy0JDXTX9J2JYXCyw7v1pmQWuFR0HdOGKIdCQC3hpzf-UXBnhKip7lQtCSV_4DbkHIW0t2sDh8SeGAOjP8TPOU00zRnJ5iXwIwKeFTpk35dz4L4FAmM-65P9Pn5OoVhOCyjMJWfspdXWGvl0CX0yZxZpmr8qIwmyf4b3BMvXWy_W6YM-FT-rOt_J85JCA6vQqsNo3LCEDKivAatuQgJ9-QqOi-kps2LgOAbjt1bbVakcnqHepKKltp54xZZvLg68yH6J2nmitWP2flW9FTrrQ4gIgfeOA7-BcOIZaDp7Xa-XiEyI64u0avJ3oNRjkEoOEd1p-ybVvHNUY_VfvhnxDUriL2T4pCW9ZYPVprGMSjvx_dsY8kkR9p8Q_4fSad8ztHfSz2Z9taHMllA4yGO7VQkl7iz8yOm08KeQMYkmU_lRVvfbZBiaj4NgQvirh4hTcHPOri-Xp6qEoe9R-Q9U5HGWfZmKgQVSL8S97wZagdbDtzmyPtGSGkBszZ9VXSCQxlS8CQeTm1v7QxcqlvP9UOgfUTnalzDbYLqtqYr15_RdXqdncarNXAaV5G4sUsYrQYKghORCrr2UTkYTsyzwGqTyaV7WpzKD3vOTz9joMn-CvnKMiRb8pXBK8T1INH9v7vQlX0sj5LGGMMauJxfFPJyeWEFZ7vT5Rx-Ra--lVMughNjfnE-w7Tmx312xHKMgYdJsmAP0Sq083gkIgwwvZ3UcL9e7R3dxZpKGODski52fNy2jjO8ZmDYQv1uXUy8zgrwbVzpWgK9uj5yHKK95pzJGjRRdO5VfgALz-VZ1QfcbAHRZ0cPC_NZaapslApyII6cQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 17:59:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DFA1 0
20 B 82ms
82ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BgA3XCj4EYZXbKZH03wOor4FgAAAAADgB4AQC&bg=!eHulez_NAAals0SOpbM7ACkAdvg8WsK_LGX4Oe3g17OuGDUTxZO1AYi93j2XvMwqI5jcexCAIjoQMAIAAAFjUgAAABNoAQcKAD-n2FFGfQVODD9vsSxqvZuoeit97ixkrx3YENJdoaNR-PZz461rWwNfSlENVsvDo_TxeVbeN1hpQUcxPlb59UOZAsw5Glt59q3P_wP7Sbkve7J6QWtkKN8nDLPmP7ABIO0Ocft6-5kzLsEOU_pVP35Br7a5en-eFOwnpenJVobESan_LuuGwIU4oAjT8JoyDCXIHYFByCG_oHiv5xuzipo40wyBTxG8U-_EK1VWWDcDonKN-D39sj4v57RcXqDJ_-cpIUEk9uZvpR3MSxoe3dT3ArDa63SWRVXwP4rwinHxQuVp5by2PiU1zrrKJDV6cFRTdvEI2F8G2uo0KaLreTzDmJE04HdNRsBPdW8ySrFp3O0dfAbR7PJetn2kR1MrsZPBJEWBZg5LRdfhbxGKdF-KR1f2P2JpAcgroM_t0SRjbUFCaNRK-vXQ3m1iwq6IAjKrUADeaGYJ8j9XGCqerSgQZDguyrlIPd-dmpg8C-xyyVD7x9Mmmj14rYXk4l8SBYLXJ0i_lZZ2qwcf48dD2KILHdl6vX0DMUAOEN1VQwmLvbyuovHy0i0prJOy5BJs7YpURsqgfL7vPtQ5exyFYw1swJ9HM7PxA7nYiAdVpViXkOIGOKceanGSMvry7_SLwF86gVjejgkiwR_-Tkr-5X5czLP_ph1FgWRW2SQth2q8KY0inLrpDzY-5S4hujguO1aPLpAixQubSKC9XN59e49-9Nm3H3obgYRbjDc7Ag84AU5KgkNG4TxGL6Hs-ARVX9IUx9VvHsbf3iiwOoDMnRCdaouN4LV6c6xpubvRSiY3GDW8s0yfpbWz3b23UPu7WV-tSWskEZtCN2wBXsjpPeI0u-aIJSGMS4sFu_p2I0LIMbeZvWSMvYi_Nn1wV7-LFaAngPgp2Uo2g5Og_6APjkPQ-xAd8G_1CtF7ytxrYGf7FaLavWc8bJYiCjhJ3BnotvB0pBYXMNTwT6jS8vYZjNxQwS27JZAeCSV7Ykp5etdpihLGTXOp2ash_El01ORJckdiI96dCERP2aPtFMHrfQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 17:59:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F4DA 42 B
64 B 20ms
20ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssRdhcA2w_80VeloxwkjrQRgSvqqjx1SzuhlKVGLO9pv5HD7UterIo1DAvQhhffRYi0ctJv7elWj1NWrxPI9Tm1cY2_29QHsQ6D4bcP9rOGUkn2AtXaCVjHVVY&sai=AMfl-YQsFcboJIjUb60Eo6xfcj71xjMvg8YwJthRuqzNE2p403-SI6frkwgrARP20jaOF7bUxJSSoFA7sFM1IqQLDBsIp5nRlSaqgAmSE8MVZMPGlYqo24270Wq_CTm_&sig=Cg0ArKJSzHXo8sEecwamEAE&cid=CAASEuRorGKoj6gAHlfrUHJywzb2Ug&id=lidar2&mcvt=1000&p=70,315,320,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210728&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1713693884&rs=4&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627667978509&dlt=102&rpt=1&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 17:59:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3D6E 42 B
64 B 24ms
24ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssM44WpChuK1ozhLQn1MtPZiFbpC50SlPb5fKr7G4TwTS4Y23Zd6nKVlauqyX2tC5-HaQjZMVssWx-ajJA7CaYhySNUGOAMswaelIL9Av37ZZ1ItYF9o3RBAC4&sai=AMfl-YSW615EsnSZMj-sGrFLvnDPZSB0Ce86YVDsiEz_pyKCqIdZk_kkKlhjnGnq6PK9TPNNaC25bWzU4TyMdb7mybv1tOu5zCsL86GMaJsPEB2Uu08wqo9K4kKDO6nv&sig=Cg0ArKJSzC15Ij6KKbpKEAE&cid=CAASEuRobGIMq6K8oNPmk0s9B0ZGaw&id=lidar2&mcvt=1000&p=1094,1252,1134,1293&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210728&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1089631908&rs=4&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627667978516&dlt=98&rpt=1&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 17:59:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gn
secure-us.imrworldwide.com/cgi-bin/ 44 B
368 B 44ms
44ms Image
image/gif 54.246.201.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-us.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-408075&ch=au-408075_b99_0&sessionId=djb8d2owpb6vps4sq6jzb4zk9n2xf1627667977&asn=0&prv=1&c6=vc,b99&ca=NA&c13=asid,NA&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,v60Bsdk&sup=0&segment2=&segment1=&forward=1&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,999&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16276679777689799&c30=bldv,6.0.0.602&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&devtypid=&pc=NA&si=https%3A%2F%2Fwww.slashgear.com%2Fbig-shiny-pokemon-go-leak-see-galar-get-bright-28622618%2F&c73=phtype,&c74=dvcnm,&uoo=&c62=sendTime,1627667979&rnd=230749
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.201.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-201-247.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.slashgear.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 17:59:40 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWU2MTFlYWEtZmQ4Mi00N2MwLTk3ZWQtM2VlZDZjM2EwOWU2&google_push=AYg5qPK3c46tPHdy96CU9CKU35czMEDfhPc1v9UDo52rbq2lnJhiBYhMuQyE9xDaRqukmik48mSvqcytyEAXgsMPG9GGnQ7wLq7AXw

Verdicts & Comments Add Verdict or Comment

160 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.imrworldwide.com/	1970-01-20 05:29:23	Name: IMRID Value: e7a37b10-f15f-11eb-b991-fb802b17ddb9
.doubleclick.net/	1970-01-19 20:07:48	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-19 20:07:51	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 05:29:23	Name: IDE Value: AHWqTUmjktCNJIu0J3RuTTO0Tt2jmuat2PrQW5DsW7vMI6HkvBDYqytRZX2gBf9maVA
www.slashgear.com/	1970-01-20 00:30:35	Name: _pk_ref.1.c9b9 Value: %5B%22%22%2C%22%22%2C1627667977%2C%22https%3A%2F%2Fcmun.it%2F%22%5D
www.slashgear.com/	1970-01-19 20:08:02	Name: geoCC Value: DE
www.slashgear.com/	1970-01-19 20:50:59	Name: fu Value: 1
www.slashgear.com/	1970-01-19 20:07:49	Name: _pk_ses.1.c9b9 Value: 1
www.slashgear.com/	1970-01-20 05:33:43	Name: _pk_id.1.c9b9 Value: 3a81a8af7208c1e9.1627667977.
www.slashgear.com/	1970-01-20 00:26:59	Name: h_zdbb Value:
.slashgear.com/	1970-01-20 05:29:23	Name: __gads Value: ID=adbccad8cdaa40da-22ec47048fc80085:T=1627667976:RT=1627667976:S=ALNI_MbmxcR1UlOpSNiqYeW1XWvGi1o8QA
.slashgear.com/	1970-01-20 13:38:59	Name: _ga Value: GA1.2.455820475.1627667977
.slashgear.com/	1970-01-19 20:07:48	Name: _gat_ns Value: 1
.imrworldwide.com/	1970-01-20 05:29:23	Name: SSCVER Value: v1
.slashgear.com/	1970-01-19 20:07:48	Name: _gat_UA-645197-1 Value: 1
.slashgear.com/	1970-01-19 20:09:14	Name: _gid Value: GA1.2.1697395187.1627667977

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.nsstatic.net/ns/slashgear.com.js(Line 738) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://cdn.static.zdbb.net/js/zd-core-olt.min.js?v=5(Line 1) Message: ZD Core :: Outbound Link Tracking Initialized
console-api	info	URL: https://cdn.ampproject.org/rtv/012107200040000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2107200040000 https://www.slashgear.com/big-shiny-pokemon-go-leak-see-galar-get-bright-28622618/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8d1d6aba7238ea00cd39d79d8051f21a.safeframe.googlesyndication.com
a.rfihub.com
a.teads.tv
adservice.google.ch
adservice.google.com
adservice.google.de
ajax.googleapis.com
ap.lijit.com
bee.imrworldwide.com
c.amazon-adsystem.com
cc.adingo.jp
cdn-gl.imrworldwide.com
cdn.ampproject.org
cdn.krxd.net
cdn.nsstatic.net
cdn.slashgear.com
cdn.static.zdbb.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
cmun.it
djb8d2owpb6vps4sq6jzb4zk9n2xf1627667977.nuid.imrworldwide.com
dsum-sec.casalemedia.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
g.pcmag.com
gcm.ctnsnet.com
google.ops.beeline.ru
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gurgle.zdbb.net
ib.adnxs.com
image6.pubmatic.com
jogger.zdbb.net
ns.zdbb.net
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.advertising.com
s0.2mdn.net
s8t.teads.tv
sb.scorecardresearch.com
secure-us.imrworldwide.com
securepubads.g.doubleclick.net
stags.bluekai.com
stats.g.doubleclick.net
stats.gixioanalytics.com
sync.bumlam.com
sync3.sniperlog.ru
t.co
t.teads.tv
tags.bkrtx.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.slashgear.com
zdbb.net
cm.g.doubleclick.net
104.111.228.137
104.244.42.69
13.224.90.44
13.224.96.53
13.224.96.56
142.250.181.226
142.250.184.226
142.250.186.98
142.250.74.194
151.101.14.133
18.197.99.6
184.30.21.51
185.64.189.115
193.0.160.128
193.0.160.129
2.16.186.144
2.18.234.21
2.21.172.90
216.144.248.138
216.52.2.19
23.45.99.241
23.47.213.73
2600:9000:2176:6400:1d:667e:2a40:93a1
2600:9000:2190:5200:2:42d9:3100:93a1
2606:4700::6810:135e
2a00:1450:4001:800::2001
2a00:1450:4001:800::2003
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2006
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:831::200a
2a00:1450:400c:c07::9a
2a02:26f0:6c00:191::26e5
2a02:26f0:6c00::210:bb40
3.126.56.137
31.172.81.159
31.172.81.160
34.253.169.181
35.186.193.173
35.202.23.71
35.222.52.199
35.72.120.200
37.252.173.27
37.9.245.57
44.193.70.245
44.194.225.67
52.71.45.67
54.246.201.247
63.34.231.123
66.155.71.149
68.232.34.149
0210bcf8c6f9fb41e1db722e8ec3c318101342f5922c59331321c993df1720d1
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0964703aceadd0f8a443019b3d10e976a88d91cb124b39c0a9518b844e94ba8d
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
0a13281aa2176a69e922bfd397c6a0cbf678633f0c677d18ff1b02f10b6da48b
0b2031cca2b65ee8143a391ecf084162f22f52ddf008eb417419f97198ffb713
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d18a6d79482e7b4df24bfe9df7a57b8b0b462b2a95856e46952e84f2447927b
0dde7b36758d6ea215829533c5edc1665ba78130c21375e919aa16572f49efc0
119c4fa0c29b6ec11ef4449b93e690989ad5dc52db4ff1ca13976319b4fa4198
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1331ce07d67579b7a85c3f1deb9479460b198356c6d1aee8de72daa1d5e377b2
172ecde3db13e66cf99995d63de308e2d6e3fdeb1a99dfaeec136f4862eb1573
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18344242ff477e6698f24b0211d53b9194cef9905ad67c8649e8a41ce614b415
18c8350fc3d0c611323c0ef4e6152c171b7abbd8f7ed5d548aa58ef7540fe2b4
1a8a57d54dade1b13cd846b9e600204f046ff1b81a9b291a2d7fcf9217fa33fc
1b4031a923e9fe5846dca170a40b4791777b1c59e41e32ba0afe75b9be11997d
1f594bec0c00952cb3697b82bc8fcd049b6c50587283eeacc31468221b32430e
1fc54bd8e8e8ec0b76837a47958a6583e9cf2d2c33f65ba90562ef318968ffd9
2093abc47104aed8b7ee990f6a7c217296cb2d08f26e998974409bc562304445
2285227d4baf50a98406c85b4fea8c8040d53e70913c359e490d3d5607463253
245bce7ae8c9454fdb0189abf0dd331939f993a845ae1894faae3ee7224159a9
24dafe3b46bfc451a25556868c09802ad6357d9884710a122c9d54330f7e4eca
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
2e0a32a08e8237527fa5c3c1f1508966fe5fd9f12e1ad3a38004e67a688eec8f
2e0b072e0b1f96186a779eee12b838fb8ac4372baff6c3af22d3d27caeb18bf4
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2fd874ab0169a62443c5ed5cb76b0af6a64fdb6eb17282d1d8863c146fc3f6da
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33f8c554f38ee83780ec65cf06a15f7bad8f9c81c1c52ae0ab34b576f25596b0
34660fe46d78c890b82dd7e19886dca4ce2c46d31b1b308ba9b81e53a9f1669e
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
397e6540378a195608cbd601f809c0c96b3ae9253fffeaf070769a8272838ad7
3fc51487470c88da3f5c4df2739bd46b03c7f208da23ad8cdba913d200fe4379
42ebfed84d3f96a400cafcef75d6629342768c52ee98a172e06e95a1379ade1b
4347baa0ea6417bd2819c2d4f97bc3348738dda1ea4e0c181b742876c23f9446
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46b535feebd6e45a5b43d7c4ef2b12f4b424ea843d3ef380d46bf9c2701c6dfa
46c0c734f626f441bcfa71b18c3d2603c9e2196cfa82d332e4d05b36f717a25f
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48240c88e1e44badebc572e38b02e545800ea2b04ce16a2087247b3d57179d35
4c7dd742d06806a863055682ff3e9a24816d968b7abfe14b1f0af87cf38a7177
4d6ec26d1696890f88d1075ec7d5bea6deb2043d8209a1d676a3c73ac3792fcb
4d7ac35c4ed819ac412c2057b73ee3736090b763bd781e47b5a8a4773ac2d8c6
4d9829f7cca0e528b3fce3aacbcb09099abd411fd96a67d7d49f412b70c5aed1
4e523a5ae5b4636c75901b79fafbd3912e41dc7987414e688b09d4b436ff22b3
4f30bdeed794aeb92d85e55d901c0bdb634df32432010792e3b569ea73cae443
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
53ea6986f75a1bcb098fbff5584d6ee09ba2236abb1333ec7be6c8ae3e24567e
54197fb4d107c2359625a8db4a7a0d2c63b4e5868380ee346d87d9b1928285cb
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
558cbd26ff432481dc316e0956929cb426284eaf2ecbc4aebd30ad27e488adcd
58f643de3caab5b0ddbdc7a6b4d07ea368b6beed613c103f21a1489b68083f11
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743
67a806a2caa05540ca80de614ab7a5b4c829ce5c51ab4886861ae95630dd1aac
6831fd18cbe99a5ec4293a20643b6baba2e86ce4f1c782fabcfc2852764ca52c
695be856611d9d209b70e4b7356594bd123af15d79843a3711289bf90e3525b1
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b4f1f72b78c93a6cdf32fbce758cc76e353e589296975f8491a265167cfdb0c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
7143e0c012cdb9e8d3a1f1d81f7247bd1e74f8cc53ca090ab0e6d6078c5cb5d3
72300715c57175c0eb278fb5924d5f9dfa786b6289b3203f3a46949825b416ae
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20
75649a4d283510ac94c606b4caff999bf702a30c6eed611db9480bfdac9dd95b
781b52eda5cf7cc4646ec99b5b7808a7079421723f319fc6be8527c4bb8a1639
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7e84778be145e427487918662879adb89c2d7479664bfb11294d299d801cd44b
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7fe56bfb238a4483d5310f2dc30c62aacd28a07e21ca924d01c34accaf7fafc5
81c74f0766f53645f859c1ed85b5c8e0d42e768e89b505990efd9d518b3f64b9
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86e0b3624b6fb1f58c640dd298d2f422b501bd9000ff6c89f21d9d56cadcebe0
8786ea0427753986032fe076d87ca1c6a4451a4dae9fcfe30f65f744d080916c
88b5db70458819b692e1a4b500a7ad8269335bed8e2bb58342ba210ba54346f3
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
89d331be202d451cce7cd4c14689964049762c84f7e3deda40373c3723682358
8db05b5d0c34c0d22a86d6b9aee5204e67531d2e52494d2adb4102261ebe7532
8ee56915e5f3bb051618c450af1c437d244e2d34d98c0327d4f7ae4d8991afca
92704f0026adca12f0fd6fca2cfcf6849d465c18126b13527cab79d4a668c9a2
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
984b24e553f69f58ee5dae5e37ad554b61b0cd4652ea7af91023d7e5ebe6ad2a
99ecb14ec0a4e706ee386f1bde1a4684119fa8e100f24821f71f7fa75ccd481d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818
9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0c3f2e5825816bcac42e686f0c3aa76e1aa566f71a437d8768702d4a3a45875
a0d84b4c199cf42959e046fed61b0660176769a2b65eaecfad0a53e7ee774796
a0f467094d000303250e2be5ffbf4b5f9ef45e048b7336fdf4df5b1e717b892e
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a33bbfd57d513dda6ccf3c44cbf52b524a61e45cc54624771df57cdef6055f0d
a39b49accb5917af2836dd21b3b1fe271cc239de8be48b1396b3ccabf4aaa408
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7dc630ee70492f5758c828c197336203ae216796796182b96b661136a6b2d5f
a92ede8b5e556faa9a00e2501808b3a1bb0ef8bee5c70da0481e3be12bdd2227
ab815412c774931194d52e05db24eb2afd049fa13c587c523822bf8db9644b39
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
ae607ea7a823203f649d99f674ac1b5f47ba177bd55b46729fa48137d564e926
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af014c6dcf9b2a7a91725577fbc4fe6ef2f524be1f5e0a21ef2acdb581752450
aff86ff3c89779360b9a7bebd8b1192089c68e7c94a1006f1b2b1083ed24da83
b0eb21032851980d76c5464cfdd537c7bcfe6ab6e3213950413c3f18a32ccddb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5676a6d79c25d3b1437f12a36627e3865214434324087654ff67d6e02909162
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
ba2ad3ab1a3bc76b2d09ae1becfd7e6bd9d868eecc6af4d2fed12915d1d77315
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
be5ed0fcada74e7f150ecfcaf27b9110d31830ae561b9665b0046ac5ec66d03f
be745e15bb8eb5e9940f1f6c096a76628a3ec845b577e93883f9dd8b813fb5de
c0fb1da0e27c522c4d706ce11ea149f69c1aece7d8197725610fcea78510dbc2
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c7b0f05fd4ae9ff960a0359190afda7c4b2e996b1af4df73b5080590203793c2
c8503991228334d66d47d98b514d60a31cf85079b650b6112674a960c25da355
c896cf0badf452518a3fc03c0ded4d91d047793c5f5809a526834165e7d53c63
cc07a26fd74a871e0e6af216ba81ce4c823453c89776f94c7818a1a1f42cfca0
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf0b1763c95843c2da7428a742a2b41ac2a199e02d88ff48034b27a47068c163
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d51b5c14fd6455affd3baceb0d2015c532566645fd80f645260c803a8b0f1c57
d669848f9f0c0cbcc426aa4e3ffb853aa1388e1775aab0604d1a115749c10e75
d77db41dc4c7b8c130a5569ce570646d824303b3909cbfc8767a5c513b4c9140
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d813eb186c8fc642e65d3dc2e73e4cc580af677d78968fc6e1c0a4d946db644e
db1593f206e331cdac20c32c12f0f3d0cea309be430fee9f5d4455b9cd9a80f8
db28f5c66e194dc9013c95bdea3240b43815c6163f927ed7ae9d8861f1ae6305
dbb206df08b4ae8436bab3c62c18b8ebf094e06e7b66907b4524f5bbcd99c024
dd17f3d7ef3900b6b6677d9dd08d5d158ebd950f53f544ba4acc1ba0260cc235
de245c18fe5f7c9719b55d162a9d23dbf575829e0e9935004438add727f386cb
df05d2f33fef3383a2bbd852400ad273eaa8f72127df287b34642db985193235
e07b64045a1f5a43489b38955ed81a3f0412b76e3f76b15d63653e81b0c4e223
e0ef405fb65a8737b4e0fbcb94b222d27332389c8cf507250a038348d774dd61
e33f0e3e63fac80b588cdb659bd85b969ad5664ac25cc66e45565b3b68cd8618
e343db5aaf377aa0afb3d512a1ebd1090585733b1790818da792b8894fd1470c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57ae25fc885f74da9faecb08c7ff45422e0bda8d22005cbdd59ae7aa4279d19
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
eca48824a13b12bd6503bda806b0a66f2b0810fdc90796c0e763c3f934cee5a2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd6c3fe040e0780295b2bb958b6cb638b10d68ea13bb0a5d3a4da7efce788a6
f31f14f173559d1bc035ffcec66bdcd19b6685f42a2853bf7eaabd1e4bd9aba0
f4d01bd6e9571febec49d1566e896770f812e30b8b4154b888a146d21733cacb
f5b5a58a99604c00aebd7f84ede34f8dec3eb4e954b4fad5dd1a12e6260e797d
f5ca671c82f08adaefbfbcad2bcc76d076d57a6250a240f32b3be5e615d79a58
f62a8ff7c0b7077bb1c9c33b29d6276bbde33e88b1833aecedc248526509a083
f786987b536b72c35b2ab3ae7467cb0f407ad96aecef6113f56367933a0c0eca
f7b22ec43eb8523e50a220ce7b2a246b23c1d1d43e441c02d66f5b47ebd6d85a
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f905435c0278c8998a37b1e932c610553df7c656806432baf8670720ec6e4e1e
fc667c47a1ff9bd99d633d9745b69bdbb549978f4b5ef4a6160c23eca7364711
fd99c6e05a78853cddec02eb422294faf69dc76ce0a4ef6bcef09243d96bd0e7
fdb65c85e3d0d7be60ef0017b88fc183a2f12973211e671a6e0aecdece08d810
fe0d38edfed19699716e0d23d7d0edb2b4977081cb6d51cc73d77395985e97c1

www.slashgear.com Open in urlscan Pro 35.222.52.199 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

278 Requests

96 %HTTPS

38 %IPv6

43 Domains

62 Subdomains

53 IPs

8 Countries

2751 kBTransfer

6677 kBSize

16 Cookies

8 Outgoing links

Page URL History

Redirected requests

278 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.slashgear.com Open in urlscan Pro
35.222.52.199 Public Scan

Screenshot
Live screenshot

Full Image

278
Requests

96 %
HTTPS

38 %
IPv6

43
Domains

62
Subdomains

53
IPs

8
Countries

2751 kB
Transfer

6677 kB
Size

16
Cookies

278 HTTP transactions
6 data transactions